Submitted URL: http://shadows-house.com/
Effective URL: https://shadows-house.com/
Submission Tags: falconsandbox
Submission: On September 27 via api from US — Scanned from DE

Summary

This website contacted 25 IPs in 3 countries across 17 domains to perform 80 HTTP transactions. The main IP is 104.21.88.143, located in and belongs to CLOUDFLARENET, US. The main domain is shadows-house.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2021. Valid for: a year.
This is the only time shadows-house.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 104.21.88.143 13335 (CLOUDFLAR...)
6 172.67.69.151 13335 (CLOUDFLAR...)
7 172.217.23.98 15169 (GOOGLE)
1 69.16.175.42 20446 (HIGHWINDS3)
2 142.250.185.170 15169 (GOOGLE)
3 172.67.26.21 13335 (CLOUDFLAR...)
1 151.101.12.193 54113 (FASTLY)
4 104.18.226.52 13335 (CLOUDFLAR...)
3 142.250.186.130 15169 (GOOGLE)
2 142.250.186.78 15169 (GOOGLE)
1 205.185.216.42 20446 (HIGHWINDS3)
5 142.250.186.35 15169 (GOOGLE)
3 142.250.184.194 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 142.250.185.234 15169 (GOOGLE)
1 13.225.78.106 16509 (AMAZON-02)
1 151.101.65.229 54113 (FASTLY)
1 104.26.15.238 13335 (CLOUDFLAR...)
2 13.225.78.27 16509 (AMAZON-02)
1 13.224.193.10 16509 (AMAZON-02)
2 142.250.185.97 15169 (GOOGLE)
1 104.18.225.52 13335 (CLOUDFLAR...)
1 172.217.23.100 15169 (GOOGLE)
80 25
Domain Requested by
29 shadows-house.com 1 redirects shadows-house.com
7 pagead2.googlesyndication.com shadows-house.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
4 assets.vlitag.com tag.vlitag.com
shadows-house.com
3 onesignal.com cdn.onesignal.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 storage.ko-fi.com shadows-house.com
storage.ko-fi.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 quantcast.mgr.consensu.org assets.vlitag.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 www.googletagservices.com pagead2.googlesyndication.com
tag.vlitag.com
2 www.google-analytics.com shadows-house.com
www.google-analytics.com
2 cdn.onesignal.com shadows-house.com
cdn.onesignal.com
2 fonts.googleapis.com shadows-house.com
storage.ko-fi.com
2 services.vlitag.com shadows-house.com
services.vlitag.com
1 www.google.com tpc.googlesyndication.com
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 cdn.jsdelivr.net assets.vlitag.com
1 test.quantcast.mgr.consensu.org assets.vlitag.com
1 imasdk.googleapis.com tag.vlitag.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 a.exdynsrv.com shadows-house.com
1 tag.vlitag.com services.vlitag.com
1 i.imgur.com shadows-house.com
1 code.jquery.com shadows-house.com
80 26

This site contains links to these domains. Also see Links.

Domain
dailysenpai.com
ko-fi.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-16 -
2022-04-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA
2020-01-15 -
2022-03-16
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
exdynsrv.com
R3
2021-08-05 -
2021-11-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
quantcast.mgr.consensu.org
R3
2021-09-25 -
2021-12-24
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
www.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh

This page contains 6 frames:

Primary Page: https://shadows-house.com/
Frame ID: 055A0CC602ACEFC23615A2C469BDE981
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 2B4D3984D73A933E2EF698D1A8ABB6F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8486942672098239&output=html&adk=1812271804&adf=3025194257&lmt=1632698369&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshadows-house.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632732113946&bpp=744&bdt=95&idt=1019&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1096459997021&frm=20&pv=2&ga_vid=364576929.1632732115&ga_sid=1632732115&ga_hid=1892468114&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062853%2C44750533&oid=3&pvsid=2221093377818607&pem=989&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1032
Frame ID: 8629B7B3F964F1B336E410F87AF723ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8486942672098239&output=html&h=280&slotname=5869201679&adk=2038559562&adf=33086468&pi=t.ma~as.5869201679&w=920&fwrn=4&fwrnh=100&lmt=1632698369&rafmt=1&psa=0&format=920x280&url=https%3A%2F%2Fshadows-house.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632732114778&bpp=3&bdt=927&idt=215&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1096459997021&frm=20&pv=1&ga_vid=364576929.1632732115&ga_sid=1632732115&ga_hid=1892468114&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=180&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062853%2C44750533&oid=3&pvsid=2221093377818607&pem=989&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=W8j2oFOuAh&p=https%3A//shadows-house.com&dtd=225
Frame ID: 3AE64B21993911589E6713928461C9D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B40354CBDBFA1EC8130621C53BD28CC5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F65CB0C67CBD0B724831FEEB36790C2
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Read Shadows House Manga Online - English Scans

Page URL History Show full URLs

  1. http://shadows-house.com/ HTTP 301
    https://shadows-house.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

80
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

26
Subdomains

25
IPs

3
Countries

1833 kB
Transfer

5415 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shadows-house.com/ HTTP 301
    https://shadows-house.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shadows-house.com/
Redirect Chain
  • http://shadows-house.com/
  • https://shadows-house.com/
81 KB
19 KB
Document
General
Full URL
https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
3213a640adf0a391bd86ea7141b81495b368db9210050569f1fdbe2aaafa142d

Request headers

:method
GET
:authority
shadows-house.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
last-modified
Sun, 26 Sep 2021 23:19:29 GMT
cache-control
public, max-age=0
expires
Mon, 27 Sep 2021 08:41:53 GMT
vary
Accept-Encoding,Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swLiM5QiU0WMBw2uX5NVvAldlXJdDcMKB8m5sqAk7buD498nxsRTb6juQrJHGa7AMVlDx3jUtVBdcOBaXf5BdQa0CH6hX95am5nd%2FU8GeDH5nXYXBQJciC1RLl5915IRCM6YRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69536f7b7e3b4138-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 27 Sep 2021 08:41:53 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 27 Sep 2021 09:41:53 GMT
Location
https://shadows-house.com/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW8EhpczQLMfTcYPUcpNgs9i5Sa7cqngMyjQYqsu6qj%2FOj2v9K7cTQIJaAeReevxUb0YTr7jtmuh6tBSWbuLvK9bPTgrF64PD%2FYTkZtw4aAIy%2FFgWdap3bmcHtiwTQrjSugiKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
69536f7b1cb4278c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
services.vlitag.com/adv1/
927 B
1 KB
Script
General
Full URL
https://services.vlitag.com/adv1/?q=2b20f9867e6c63d86143b035238e7c75
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddae42329f8386f4e9e530fe0f86d9e4f1e251ecb5f6c22277916ee8f3fbde5a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 27 Sep 2021 08:41:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sflTu9y4v8afUSMVIGGZQe%2BdjwKkUfWEcLolACxFM1qpSQje3xtEO9DUaTcxzqj6A6%2Bxc%2FRizfwYoFd6QKQEjtDAiJ9MVQttqnarRIvvc%2BEcNDmPPUmZWpHu05NZbGwPpbrKBV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
69536f80098af9e6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
fd39e7ecbcf51d2eeff2c1f681a6aadbe62793634fbb924e0b25dae42db5720b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49936
x-xss-protection
0
server
cafe
etag
12266674932944689529
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 08:41:53 GMT
jquery-1.11.3.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2015 16:20:58 GMT
server
nginx
etag
W/"553fb36a-176d5"
vary
Accept-Encoding
x-hw
1632732113.dop038.fr8.t,1632732113.cds231.fr8.hn,1632732113.cds127.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
style.min.css
shadows-house.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 07:18:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M1WRPHODfoU%2FiWbqfDEpRX1sabKiKILMoAw0R1efBaW86IoWdhrcSYkMVf0l8W4fbroS63CR8U50KiJyIx0PJLdHoi147hs9GA%2F9bDzAU3FLa0NB83U5bky6WP9Us7xhOm9fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb96b4138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 27 Sep 2022 08:41:54 GMT
styles.css
shadows-house.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4619
cf-polished
origSize=2640
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 17:10:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yczsKggj3Kq8B9Z67NH%2Bb2FKeseWHpbuxNqDU4w0KpvjkMnUk8NqsCZ3Bqp3%2FvQyIT6n%2Bob6RB5mMchou2hgZIw5uMXCtVmlUsPGGtqd9vnB%2BM92r1DTMkQ%2BdroAhNsrA1%2Bbbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb96c4138-PRG
expires
Tue, 27 Sep 2022 07:24:54 GMT
frontend.css
shadows-house.com/wp-content/plugins/wp-dark-mode//assets/css/
29 KB
4 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/plugins/wp-dark-mode//assets/css/frontend.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28f33966d5087d3509f2278b0d1dbd62e5caa5240bd022eefff060360774f5c

Request headers

:path
/wp-content/plugins/wp-dark-mode//assets/css/frontend.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 17:11:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNwJVCxPG6qMaGwwdlii1ktHyluz7B5pZnivraJ%2Bv7wtkMcAFI7rPkiC1zpm8lsN2PkdLhVDO1eU780YVV9re5GffOqokTS1UvO%2BU92G5NiuB0k%2FI90tF%2F09nVfNI4EEKaTKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb96d4138-PRG
expires
Tue, 27 Sep 2022 08:41:54 GMT
bootstrap.css
shadows-house.com/wp-content/themes/Ifenzi/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/themes/Ifenzi/css/bootstrap.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac

Request headers

:path
/wp-content/themes/Ifenzi/css/bootstrap.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
355973
cf-polished
origSize=124948
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 24 Apr 2021 22:26:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20THxwxqL8hPHBplMr7feF%2FzrQWQByvDrXOYJiLSYtcZzcGkFqGKB3WjTS7UZYlMt2K1%2FBkI3KY7Hg8NLPfYz%2B7FRJnR%2BFKNRSpCmqb97ZVHafKxpQ%2BADkTwaAVP1jNjJmX52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb96e4138-PRG
expires
Thu, 30 Sep 2021 05:49:00 GMT
style.css
shadows-house.com/wp-content/themes/Ifenzi/
23 KB
6 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/themes/Ifenzi/style.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe

Request headers

:path
/wp-content/themes/Ifenzi/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4619
cf-polished
origSize=24746
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 08 May 2021 04:38:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUDcptu4kikCXscOvBHYB%2Bdug%2BJlwKrRyUuPvaDa%2FhAFOrTNTgOiOQ%2FGUwfE8IN6yQalkQPsSGICRWnAUWz4sLB3Z9ETX4zGp3tVFwI2NwsmzLefG0yza1Q5ZQvoFhgE5amNkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb96f4138-PRG
expires
Tue, 27 Sep 2022 07:24:54 GMT
font-awesome.min.css
shadows-house.com/wp-content/themes/Ifenzi/font-awesome/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

:path
/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4619
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 03 Apr 2021 00:10:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssO46DTQcalzsXXVsFx8AAxr0zqXClzTKkopwSIlakfKC5Mp2stI8S3dK6dwgrBi9lJn3%2FscLsxrwcmENjSHWaPw4E91pPheIG8XWVdUs4y5GWmFljhQ%2BF3B5flC8AkWeBlM6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb9704138-PRG
expires
Tue, 27 Sep 2022 07:24:54 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
8ff14e4c3c09dd07483e75066e5f28e0aadce667253b26eea0e124f2b2b79787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 07:40:22 GMT
server
ESF
date
Mon, 27 Sep 2021 08:41:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 08:41:53 GMT
essb-subscribe.min.css
shadows-house.com/wp-content/plugins/easy-social-share-buttons3/assets/css/
54 KB
4 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-subscribe.min.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a6d5271e675e56a1da3ab0ddac24e70a88e7581adf9affc809d147780bef1d

Request headers

:path
/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-subscribe.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 27 Mar 2021 06:21:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6kG%2FZ60lZ4EzFc2mBzKm0El6tSS3PFZBzw0xsWtWIX4Z85Wsx0K5LY8slYApQ1A1WuoZ%2BfJ7utqjG5CiY338Dp0b0I04Y3NtmPKLp7Tjx5%2FiYol9nLL2U%2Bqh5VryeRARW6Izg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb9714138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 27 Sep 2022 08:41:54 GMT
easy-social-share-buttons.min.css
shadows-house.com/wp-content/plugins/easy-social-share-buttons3/assets/css/
119 KB
16 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d9183dac3e1ddde897b5a1718d18f42b50c6ab8fe9deab8b29f04bd2cb2d8b

Request headers

:path
/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
522263
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 27 Mar 2021 06:21:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZsBVvvysBdd9%2B5Bh4xxpoAIy3mycB2MzyvsXiJaj7ZB8s79POHMJOgPF4Ac1n4lVmYgFSPanQD7tUunu5GNyagWfIFITldXN3YkVTWRBvR8TBjjlM5SdoGl1kHlcm7xjEEZ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb9734138-PRG
expires
Tue, 28 Sep 2021 07:37:30 GMT
jquery.min.js
shadows-house.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://shadows-house.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 14 Feb 2021 12:19:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cATRLEP4oYpL1YRmjDDJAR9tW11jTWMAt0ojTHl16wV40uThYjuoNA%2FDiE0PUw4mt4GjSJ7Ff%2FWazgxY6i4NXEkjCTT74rhwT%2FdUA1ozle4bkbgicExOnpjSXJfaP7gPprvjkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb9744138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 27 Sep 2022 08:41:54 GMT
dark-mode.js
shadows-house.com/wp-content/plugins/wp-dark-mode//assets/js/
111 KB
30 KB
Script
General
Full URL
https://shadows-house.com/wp-content/plugins/wp-dark-mode//assets/js/dark-mode.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6

Request headers

:path
/wp-content/plugins/wp-dark-mode//assets/js/dark-mode.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4619
cf-polished
origSize=183317
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 17:11:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o62VYBuuBpZE%2BDDe1qG8u3wKvHg1%2FSMTFvdS9ZoyiIWabqgJX4iiXJHppSNfvwBCc1Oe%2F%2B5a9qBdLgR%2BTtRuk50Mf786%2F1gIy%2F2xZi8YZSzdp2jy3LRduNA8dzw5RcIIdl6MXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f7fb9754138-PRG
expires
Tue, 27 Sep 2022 07:24:54 GMT
Widget_2.js
storage.ko-fi.com/cdn/widget/
3 KB
2 KB
Script
General
Full URL
https://storage.ko-fi.com/cdn/widget/Widget_2.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8cc7536bf94d03004fa21c405a2281878fb1296a61a9dfeb55cc27a53c6ca1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 27 Sep 2021 08:41:53 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
OrvIUQF0Mg8EkV9ejBdWSw==
age
511417
cf-polished
origSize=3628
x-ms-lease-status
unlocked
last-modified
Fri, 04 Dec 2020 11:14:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
85c59827-301e-0054-4946-a8a9b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
69536f7ffe570eab-FRA
cf-bgj
minify
jWoFcS2.jpg
i.imgur.com/
12 KB
12 KB
Image
General
Full URL
https://i.imgur.com/jWoFcS2.jpg
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1b36da64bd8c3348e791b82dbc1fa25505f939396b421fc0dc20708dbcf1f630
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
x-content-type-options
nosniff
age
2157530
x-cache
HIT, HIT
content-length
12463
x-served-by
cache-bwi5183-BWI, cache-fra19163-FRA
last-modified
Sat, 08 May 2021 06:54:53 GMT
server
cat factory 1.0
x-timer
S1632732115.738596,VS0,VE1
etag
"09628f4e1ce3e8256bf8c71509ce9ad6"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
icons.css
shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ae7e5203901b2a924d8937e9a6e3c934f747dbd89158f690ad316f35478ec4

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
579323
cf-polished
origSize=33935
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 17:11:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceyYV%2BxSQlhHF7dVMPlVPxq%2BO%2B2uTk9seOThGWEK%2FPR%2BFe%2FsS6MHna1sMIF1APWBJo8JhrGtIaJxsx6Pnd%2B1kKvZsShJVwEc88uEilcgVYODpSd1Si2dGwhiPnZupx4BJFhxCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f83c8c4f9ce-PRG
expires
Mon, 27 Sep 2021 15:46:31 GMT
shortcodes.css
shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/css/
46 KB
9 KB
Stylesheet
General
Full URL
https://shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e888dd1ff331706ce38a8df3b6a49db3a4b2dc24091c637eec77d39776f7e4c

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=47396
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 17:11:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzXR8rZ9bScLuv99XzVohTntnO%2BcgXh%2FeFOVHf5ajx1WblJV35N5CIXo1f%2FKydyCglel9iMM1c%2BF0OibHNfSWV9crnke30Bm%2FgV914NGWZDMeRkiGIfodc0nB2QUuYU1HCpt9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f83f8d8f9ce-PRG
expires
Tue, 27 Sep 2022 08:41:54 GMT
wp-polyfill.min.js
shadows-house.com/wp-includes/js/dist/vendor/
97 KB
34 KB
Script
General
Full URL
https://shadows-house.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path
/wp-includes/js/dist/vendor/wp-polyfill.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 14 Feb 2021 12:19:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNOvQuG3kQTETXbuPz4JfOEM4%2FnjoT0b%2FBoB7hXaXLZff5sU8GHawrUvvYLixS%2B6iETiOlJrqgkIivODaYgiLo9cwyxYFutk%2FSbMd5fEn58Rtyw73F7XDZDvYgaGoIwwCBPsaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84c91ef9ce-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 27 Sep 2022 08:41:55 GMT
index.js
shadows-house.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://shadows-house.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/index.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 17:10:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g24ssriRLO%2BNoW9rfR21y7JcQEwAK2c4GjtXQbfT7gVY95k618pljK4muh4vP0KKM0zJgeEFP5dUIynsZeKpn%2FHe3pmvyk%2F2alAmQtVLWcjVTWPpFlvwXV5yy4D0QUwOi9QLgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d922f9ce-PRG
expires
Tue, 27 Sep 2022 08:41:55 GMT
underscore.min.js
shadows-house.com/wp-includes/js/
16 KB
6 KB
Script
General
Full URL
https://shadows-house.com/wp-includes/js/underscore.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path
/wp-includes/js/underscore.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 07:18:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3o1JmWF1RDiDxblqL685pVc%2BmSgU4L3IUewQ9U9LbIUJ53cw2O2tb4Fr%2FvNbbx4mMCAtzXdbheRPTR4JFgkQaq0PD3MnLCZo1votDaIsHXVtl4CGDREScTP26x%2F4hEih9m4PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d923f9ce-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 27 Sep 2022 08:41:55 GMT
wp-util.min.js
shadows-house.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://shadows-house.com/wp-includes/js/wp-util.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589

Request headers

:path
/wp-includes/js/wp-util.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
522257
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 14 Feb 2021 12:19:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3Sq%2FvovqTr2iGZxTQvg0OG90NR7JOSVc5u9hjO%2B6e1HENly1vR1pp0VE5KLSBvsh%2BzuIZnj5qfL6IyVmHpjBhCDXGptXE2wmoar8PI%2B7XVKCmb5J6s%2FLOmw3a7taNtwtWBBQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d924f9ce-PRG
expires
Tue, 28 Sep 2021 07:37:37 GMT
frontend.min.js
shadows-house.com/wp-content/plugins/wp-dark-mode//assets/js/
5 KB
2 KB
Script
General
Full URL
https://shadows-house.com/wp-content/plugins/wp-dark-mode//assets/js/frontend.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f4ca2aec628453880aac3d6dfb899bfac045ed6228329bdfb34615caf1ba04

Request headers

:path
/wp-content/plugins/wp-dark-mode//assets/js/frontend.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Sep 2021 17:11:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrJUior3fenEOIGVQ5scfPWx1GZQMvh0wwO%2FGZcOguGRTmNZz1h1bUDJYMEplJoWhRv7PfV%2BkEaCg8TDeKxQoDWe3NBnWTu1tQufezR79xmplci7GCLr4Ig60l03jKRHt8jYDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d925f9ce-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 27 Sep 2022 08:41:55 GMT
bootstrap.js
shadows-house.com/wp-content/themes/Ifenzi/js/
36 KB
10 KB
Script
General
Full URL
https://shadows-house.com/wp-content/themes/Ifenzi/js/bootstrap.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410

Request headers

:path
/wp-content/themes/Ifenzi/js/bootstrap.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4619
cf-polished
origSize=36790
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 03 Apr 2021 00:10:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmBz8dqWeR%2Bn%2BAghcORettllAUUk7X4U8UJOFk7tWTcpMXYEqqLaXAzEd4FrGPv2n12tmNSKl36kP%2BmMTC2dhgNimz9naqnV%2FS7JNsBs7u%2FHoxRKvH3lrA89YaksoJBSgip3aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d926f9ce-PRG
expires
Tue, 27 Sep 2022 07:24:54 GMT
skip-link-focus-fix.js
shadows-house.com/wp-content/themes/Ifenzi/js/
588 B
926 B
Script
General
Full URL
https://shadows-house.com/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5

Request headers

:path
/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=751
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 03 Apr 2021 00:10:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSjrSTqM1%2FgdA128KecogXGiVS72OwbyhhsSUjsdhqHrGCHklCCj5BeZOrV%2F13ppyACBeRjwMLkIthsMWe0Nzt2%2BVoR16N7ipGjK5ET2d3kRpe08HMMj1u%2BbAL9d38P1KWEu3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d927f9ce-PRG
expires
Tue, 27 Sep 2022 08:41:54 GMT
lighthouse.js
shadows-house.com/wp-content/themes/Ifenzi/js/
1010 B
994 B
Script
General
Full URL
https://shadows-house.com/wp-content/themes/Ifenzi/js/lighthouse.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022

Request headers

:path
/wp-content/themes/Ifenzi/js/lighthouse.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4619
cf-polished
origSize=1100
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 03 Apr 2021 00:10:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzsi0AXvnPl5f3rw1Dq1c1SeIZqve3NQ6ytQxeCcofOgJ%2BsVmwFSgSA1rlSITVkHCGk%2FQj2bYXByKj42pHLAf%2Bz9RL6%2FaVvAUw7vKnStzKsIaUZZ9KroJ93eHZBnoLIjWLk07g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d928f9ce-PRG
expires
Tue, 27 Sep 2022 07:24:54 GMT
wp-embed.min.js
shadows-house.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://shadows-house.com/wp-includes/js/wp-embed.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
522260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 14 Feb 2021 12:19:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTEOzqnZ1XpnXWRBUtdt8PyAClkCS64DB6kQvFbKDkn0LCYoJNIIJVJM4wsn1OnDL20cnVsfpQBsYR%2FvtthJRAdWng42Q5Ym%2BJZgmNCndQEnIIpW6jOOTFCcq1TavJr6ZQfOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d929f9ce-PRG
expires
Tue, 28 Sep 2021 07:37:34 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
835
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69536f85091ac272-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 30 Sep 2021 08:41:54 GMT
index.js
shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/
12 KB
4 KB
Script
General
Full URL
https://shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2740bd54d671ae19ea57cd6e7a65802509cbbd8d67b89f4ffce1a2d05ddb1c83

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
355964
cf-polished
origSize=12262
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 17:11:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfG1RzDVYKe%2FLOC9My22tefa6aExwyfebjVyI2LZZwShL3bawazMdRycW7JPeHLRFqs%2FDc82r7Vz6QmWQplP0R%2F1ZurULpZShiZpLtT%2BHAIQpVDpBTIWKU2g2LaALyxjN2ljJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d92af9ce-PRG
expires
Thu, 30 Sep 2021 05:49:10 GMT
2566c291e59e185c12a331fef1e235f3.js
shadows-house.com/wp-content/easysocialsharebuttons-assets/compiled/
51 KB
13 KB
Script
General
Full URL
https://shadows-house.com/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364

Request headers

:path
/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
246917
cf-polished
origSize=51947
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 08 May 2021 09:26:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HoNH8Ioi5JTa5kbyCK5dSkjUQBMdRhjd0j97gYVZJJHM3k3%2BqDfXJ%2BrGLYWei77EqANIhW58cm81DMvUzdnmfSb7t5z4aSDVGlRSPgM564CoeNF9RljE1PRAFcUFJCGIl2c7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d92bf9ce-PRG
expires
Sat, 24 Sep 2022 12:06:37 GMT
lazyload.min.js
shadows-house.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/
8 KB
3 KB
Script
General
Full URL
https://shadows-house.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

:path
/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
522262
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 14 Feb 2021 12:19:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDqm5Y0EOpsBJW9M9ff4THxbuk77vIyBEXdFOrI5e%2FmCtwZYg2HbUdZickF6qGI3BnB1H51mGdZJnn7i7Zd3Wlne5BGaTPHsdyut2D%2BqtuywKuxRchr4ZhXFUYwSX8mw11F1aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
69536f84d92cf9ce-PRG
expires
Tue, 28 Sep 2021 07:37:32 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/
255 KB
94 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
701de3c4051aa7c7097b5209359dfa919f7bd67cb2a6d54d53706f96163fe894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96563
x-xss-protection
0
server
cafe
etag
7060619430629612648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 08:41:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 2B4D
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shadows-house.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 27 Sep 2021 05:23:04 GMT
expires
Mon, 11 Oct 2021 05:23:04 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
11929
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
services.vlitag.com/uv/
13 B
692 B
XHR
General
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fshadows-house.com%2F&mtk=15937
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=2b20f9867e6c63d86143b035238e7c75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 27 Sep 2021 08:41:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPOoihfs8%2B5piKsuunxZXea1mHpG36gpwrXsl2mlVk5to6BUBOJGw06kRnczDAAW19PBUy2%2BG14cQU8FjFo8IkveEf0EDGjZQ1Lz%2FCAxzP%2F7xP7yaK9kWkGej05lqTm1k8CmlvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://shadows-house.com
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
69536f811872f9d6-PRG
expires
on, 01 Jan 1970 00:00:00 GMT
2b20f9867e6c63d86143b035238e7c75.js
tag.vlitag.com/v1/1632593430/
500 KB
126 KB
Script
General
Full URL
https://tag.vlitag.com/v1/1632593430/2b20f9867e6c63d86143b035238e7c75.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=2b20f9867e6c63d86143b035238e7c75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b68d5157c5578c3247973b8f01320ddaf137fa0afe3882f9df8e2ca7b46a6d5e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 26 Sep 2021 18:50:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTzBrDYAYhPzQ%2Fi68RshW%2FdkDge6c8fX0l9DLSImjwvrC7bL%2FkJ12tnrcuAhFqfG92oWtDRXE5eswuquKFuB1%2Fd7ZKMS%2BWSIiJoR6qFzSyt9J0oWHGDx4k2qnTcNnwG7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
69536f850cf4f9e6-PRG
cf-bgj
minify
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6594
date
Mon, 27 Sep 2021 06:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 27 Sep 2021 08:52:00 GMT
popunder1000.js
a.exdynsrv.com/
94 KB
39 KB
Script
General
Full URL
https://a.exdynsrv.com/popunder1000.js
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
569af0d58a2df0af2da77aaebaaf00b84c15334c5e9af0b77ba4c81a62db5d40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 08:41:54 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"f744f0d2317398d07acc666b278"
X-HW
1632732114.dop038.fr8.t,1632732114.cds168.fr8.shn,1632732114.dop038.fr8.t,1632732114.cds103.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40039
cropped-shadwo.jpg
shadows-house.com/wp-content/uploads/2021/06/
69 KB
70 KB
Image
General
Full URL
https://shadows-house.com/wp-content/uploads/2021/06/cropped-shadwo.jpg
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cec230fed5866adcb014b6476f95f9fe13102a6ea49bc260953fa2a31ffa531

Request headers

:path
/wp-content/uploads/2021/06/cropped-shadwo.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shadows-house.com
referer
https://shadows-house.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
522261
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71042
last-modified
Sun, 13 Jun 2021 00:03:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4laRnZYn%2BrgqSpV4GIxDgfcrIdN%2F3teLiwTLpyQBkxqLsQFkPTxL8SN5xh1E1vrD7MLgSVAT7dJcp0v0PXGytq33jjnR31oq%2BMjbi9YEB6m3hLDag7eqBWOYQLGaGOgobtAFQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
69536f84d92df9ce-PRG
expires
Tue, 28 Sep 2021 07:37:33 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shadows-house.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 08:57:05 GMT
x-content-type-options
nosniff
age
431089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 08:57:05 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shadows-house.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:11:30 GMT
x-content-type-options
nosniff
age
581424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 15:11:30 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shadows-house.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:22:16 GMT
x-content-type-options
nosniff
age
544778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:22:16 GMT
css
fonts.googleapis.com/
2 KB
446 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand:400,700
Requested by
Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/widget/Widget_2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
3499d092c81dcc2408c9b889e2c77b164d8742edf441ad11fb69584b25c8fbae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 07:00:49 GMT
server
ESF
date
Mon, 27 Sep 2021 08:41:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 08:41:54 GMT
cup-border.png
storage.ko-fi.com/cdn/
6 KB
6 KB
Image
General
Full URL
https://storage.ko-fi.com/cdn/cup-border.png
Requested by
Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/widget/Widget_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 27 Sep 2021 08:41:54 GMT
cf-cache-status
HIT
content-md5
nt+i2V4lVEX5fauLp9jhTw==
age
314760
cf-polished
origFmt=png, origSize=11273
content-disposition
inline; filename="cup-border.webp"
content-length
6016
x-ms-lease-status
unlocked
expires
Wed, 13 Oct 2021 21:15:54 GMT
last-modified
Thu, 13 Aug 2020 07:33:04 GMT
server
cloudflare
etag
0x8D83F5B1DB37834
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
295fe38f-101e-00e2-029e-b0a741000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=1742400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
69536f84fdb40eab-FRA
cf-bgj
imgq:100,h2pri
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1892468114&t=pageview&_s=1&dl=https%3A%2F%2Fshadows-house.com%2F&ul=en-us&de=UTF-8&dt=Read%20Shadows%20House%20Manga%20Online%20-%20English%20Scans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1393146627&gjid=433184628&cid=364576929.1632732115&tid=UA-194774824-1&_gid=741035236.1632732115&_r=1&_slc=1&z=1659260097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadows-house.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 08:41:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shadows-house.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
whitelogo.svg
storage.ko-fi.com/cdn/
2 KB
1002 B
Image
General
Full URL
https://storage.ko-fi.com/cdn/whitelogo.svg
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 27 Sep 2021 08:41:54 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
NNxd8cik1auzYySPv5WiaQ==
age
512365
x-ms-lease-status
unlocked
last-modified
Tue, 31 Mar 2020 10:30:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1a37f790-901e-017f-3d88-989b54000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
69536f855e880eab-FRA
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v24/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shadows-house.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:51:14 GMT
x-content-type-options
nosniff
age
391840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 18:17:05 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 19:51:14 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shadows-house.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 20:10:54 GMT
x-content-type-options
nosniff
age
563460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15280
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:10:54 GMT
fontawesome-webfont.woff2
shadows-house.com/wp-content/themes/Ifenzi/font-awesome/fonts/
55 KB
56 KB
Font
General
Full URL
https://shadows-house.com/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

sec-fetch-mode
cors
origin
https://shadows-house.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
_ga=GA1.2.364576929.1632732115; _gid=GA1.2.741035236.1632732115; _gat=1
:path
/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadows-house.com
referer
https://shadows-house.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shadows-house.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Origin
https://shadows-house.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56780
last-modified
Sat, 03 Apr 2021 00:10:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERujfIp%2FdYaJyQiM9kYs08hhlbjJ1%2BYPaRcTbK9OAWKPZ3IiX4PGOCctsXo4WHrQa49qWxx01I8PgEwaQ94QYghpcHXQh6TgaRv4gzOclTBiEjCbFrFn6wI1u9bCP5CfpR%2BENw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
69536f85696af9ce-PRG
expires
Tue, 25 Jan 2022 08:41:55 GMT
forkawesome-webfont.woff2
shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/
88 KB
89 KB
Font
General
Full URL
https://shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c

Request headers

sec-fetch-mode
cors
origin
https://shadows-house.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
_ga=GA1.2.364576929.1632732115; _gid=GA1.2.741035236.1632732115; _gat=1
:path
/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadows-house.com
referer
https://shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shadows-house.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin
https://shadows-house.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
90420
last-modified
Wed, 08 Sep 2021 17:11:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FUY4VxKljoxbnN06EUNnZBZ%2Bxhmgzth3Xd0%2Bwj4Ozkyn1rJrIvjNRpGrepRQcum2vY29mpZ7WZIKZS35zDGumFIv%2BwBIPWdGVBUBiiQt%2F4EIvMeUxQUKwALrqcX2t6b3MydVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
69536f866a21f9ce-PRG
expires
Tue, 25 Jan 2022 08:41:55 GMT
cookie.js
partner.googleadservices.com/gampad/
207 B
662 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=shadows-house.com&callback=_gfp_s_&client=ca-pub-8486942672098239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8325a4bb973668a07f6fc6bfe9b3cdbb30846d3b8f4ddb6fddb2cf42d9e7f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fshadows-house.com%2F&tn=NAV&cls=navbar%20lh-nav-bg-transform%20navbar-default%20navbar-fixed-top%20navbar-left&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 08:41:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shadows-house.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8629
12 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8486942672098239&output=html&adk=1812271804&adf=3025194257&lmt=1632698369&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshadows-house.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632732113946&bpp=744&bdt=95&idt=1019&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1096459997021&frm=20&pv=2&ga_vid=364576929.1632732115&ga_sid=1632732115&ga_hid=1892468114&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062853%2C44750533&oid=3&pvsid=2221093377818607&pem=989&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1032
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
88096dd67d39ebf6988ef7182b223ab8b19a66b0dc98a8a0557c3f2e6b57e773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8486942672098239&output=html&adk=1812271804&adf=3025194257&lmt=1632698369&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshadows-house.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632732113946&bpp=744&bdt=95&idt=1019&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1096459997021&frm=20&pv=2&ga_vid=364576929.1632732115&ga_sid=1632732115&ga_hid=1892468114&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062853%2C44750533&oid=3&pvsid=2221093377818607&pem=989&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1032
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shadows-house.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 27 Sep 2021 08:41:55 GMT
server
cafe
content-length
4811
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 08:56:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 27 Sep 2021 08:41:55 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
fdea71e924d77e130a4272ac71807196634473b6046bc03e8302c4b64ae37aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27646
x-xss-protection
0
server
sffe
etag
"1632483125817035"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 27 Sep 2021 08:41:55 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3AE6
430 B
231 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8486942672098239&output=html&h=280&slotname=5869201679&adk=2038559562&adf=33086468&pi=t.ma~as.5869201679&w=920&fwrn=4&fwrnh=100&lmt=1632698369&rafmt=1&psa=0&format=920x280&url=https%3A%2F%2Fshadows-house.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632732114778&bpp=3&bdt=927&idt=215&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1096459997021&frm=20&pv=1&ga_vid=364576929.1632732115&ga_sid=1632732115&ga_hid=1892468114&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=180&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062853%2C44750533&oid=3&pvsid=2221093377818607&pem=989&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=W8j2oFOuAh&p=https%3A//shadows-house.com&dtd=225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0dd744e34b832dcce24797cdda3a102ccef177548a70261aa180cfe91631217d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8486942672098239&output=html&h=280&slotname=5869201679&adk=2038559562&adf=33086468&pi=t.ma~as.5869201679&w=920&fwrn=4&fwrnh=100&lmt=1632698369&rafmt=1&psa=0&format=920x280&url=https%3A%2F%2Fshadows-house.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632732114778&bpp=3&bdt=927&idt=215&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1096459997021&frm=20&pv=1&ga_vid=364576929.1632732115&ga_sid=1632732115&ga_hid=1892468114&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=180&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062853%2C44750533&oid=3&pvsid=2221093377818607&pem=989&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=W8j2oFOuAh&p=https%3A//shadows-house.com&dtd=225
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shadows-house.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 27 Sep 2021 08:41:55 GMT
server
cafe
content-length
208
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 08:56:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 27 Sep 2021 08:41:55 GMT
cache-control
private
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/
267 KB
72 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632593430/2b20f9867e6c63d86143b035238e7c75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1809840
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HahRWyEOHQJbgpBY9%2FeGdA4s0LsGPPPNtKdA7WqikWf2C1HtUtCJr8yjj4zGbvKrXzBtD%2FiD0oXG8xaN12A6rZe5mCfTEhmPQR7EQ1c0BcKzCPqbREcx4k3VUMBaK4nh3FT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
69536f873e1cf9e6-PRG
expires
Mon, 06 Sep 2021 10:27:55 GMT
prebid-v5.12.0.js
assets.vlitag.com/prebid/default/
465 KB
136 KB
Script
General
Full URL
https://assets.vlitag.com/prebid/default/prebid-v5.12.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632593430/2b20f9867e6c63d86143b035238e7c75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69c37fdfb938853b195b56b6e47e215c275fc85f28be01017e9074fb38be736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1809840
cf-polished
origSize=476623
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 02 Sep 2021 03:27:04 GMT
server
cloudflare
etag
W/"61304488-745cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVYAsH9UuIt0ItUwpqJpjWLFUNzwO2lbUPfwMOryl381m0wsU9yw%2FGmpPqTSSUGiX3S5CWJAIRRYTqfHYnTz5lFFXlsIiGYp8kh6eqgquT81T5LgOQ7NP1rD0%2F46YdRmWjWn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
69536f873e1df9e6-PRG
expires
Mon, 06 Sep 2021 10:27:55 GMT
gpt.js
www.googletagservices.com/tag/js/
73 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632593430/2b20f9867e6c63d86143b035238e7c75.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
373a8bed442801caa31cc0d5831450d22cfa9d5aef01ac2342a9616ec5f89695
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"999 / 935 of 1000 / last-modified: 1632522707"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24869
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 08:41:55 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
345 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632593430/2b20f9867e6c63d86143b035238e7c75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
dcadac01c15fd23fd69c73bd74aea64b86e95a4fd847b4049dff4b9abc65165e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121280
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Mon, 27 Sep 2021 08:41:55 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/
38 KB
17 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632593430/2b20f9867e6c63d86143b035238e7c75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1809840
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2PoPUq4GVkgciy%2FNHmw%2FBVnVUZG9EpYaAxUCK7rv9MlpoMfpdJ%2FbYWKBO1E0d3aHd%2B%2Ffan1NCmMWwV9NvqoVZjfA73XjlNkPEWKwhhw%2FM7EZ7bPvKIsBDrep1R6mQi8s0j3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
69536f873e1ef9e6-PRG
expires
Mon, 06 Sep 2021 10:27:55 GMT
pubads_impl_2021091501.js
securepubads.g.doubleclick.net/gpt/
334 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119151
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 08:39:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 08:41:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
36 B
709 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shadows-house.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a87ba6168fb909572b721edf9e3adb2548e773952768c5ddd2df9cba06fee1bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52
x-xss-protection
0
expires
Mon, 27 Sep 2021 08:41:55 GMT
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/
8 KB
3 KB
XHR
General
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a5c20add80dfa892c8ce20c1185a664b9d9ba991c3b7281db96dab5178bfbf6

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadows-house.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:00:40 GMT
content-encoding
gzip
age
20476
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
access-control-max-age
86400
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 21 Sep 2021 19:52:29 GMT
server
AmazonS3
etag
W/"c9ca46e8bca386b00ae734ec7f36e72e"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
53eMtdSFMejUNxoIEd.wWdAMwnfkg3aL
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
content-type
application/json
x-amz-cf-id
oDT2dtOdrHUsS030FfqYYNtTZfDaUjP7dCC7bRk7d60NM-dnDSElRw==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210927
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8b3143de04f77d3743ca3d94a0b4c462e9178b2a65ffb119d2d6f88aea95a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shadows-house.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
18769
x-jsd-version
1.0.1112
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-length
953
etag
W/"695-HwbnefgGmL4f3mqH04jBDIcX10Q"
x-served-by
cache-fra19147-FRA, cache-hhn4023-HHN
x-jsd-version-type
version
date
Mon, 27 Sep 2021 08:41:55 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/
74 KB
75 KB
Image
General
Full URL
https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Requested by
Host: shadows-house.com
URL: https://shadows-house.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306581
cf-polished
qual=85, origFmt=jpeg, origSize=103053
content-disposition
inline; filename="1592801729.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
75514
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 22 Jun 2020 04:55:29 GMT
server
cloudflare
etag
"5ef039c1-1928d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rv6xlYC08NG06YUvq2lvuqK9rqKUqIpl1E%2B1yKgRuv%2FfnpnZ25IMHabOY28Fhh%2BRVfIvO2GhbUNPKlJeHApc%2FoXw4IaXRnfMmpTmnX%2FV30sbF2%2BxCUHsvEzi1iTa9GBmKC%2Fb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 23 Sep 2021 20:02:14 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
69536f888c5ff9d6-PRG
cf-bgj
imgq:85,h2pri
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/
287 KB
37 KB
XHR
General
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bd8b4ab751d7e1cf0a74d1813c61e932f283210339e7fe479ba95a4bb5d9a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
20478
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 27 Sep 2021 03:00:31 GMT
server
AmazonS3
etag
W/"dccf112bc5d2e3e28d1ec13b6c87167e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
1EefEnSav8dGLEs66tPr29gPvFnZEy_JLIirE0yCFwSaYLKpyaVSag==
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/23/
469 KB
124 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:40:54 GMT
content-encoding
br
age
43262
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:43 GMT
server
AmazonS3
etag
W/"b999c652510fc4edd897a1d667aaee33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oW6mDggkjLx_MTFBMq--hT5jRKcR8Sq6NP7cCBfJaUEHz8WQ3688uA==
/
audit-tcfv2.quantcast.mgr.consensu.org/
80 B
538 B
XHR
General
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shadows-house.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1632732115429%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-vf8xwe4vugkfuow8tkjl%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-10.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadows-house.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 16:15:25 GMT
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
age
59191
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
access-control-max-age
3000
x-cache
Hit from cloudfront
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
vary
Origin
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
HN10Fv5wz7lDlca3pq1t5ZG7RDXGbVpqOtKGzv5X2ce3b9Vwn6XZ2g==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
69 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:55 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
26
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69536f8a99a96934-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 30 Sep 2021 08:41:55 GMT
web
onesignal.com/api/v1/sync/a43ae5d6-573b-4bd6-b038-2430ef6b6734/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/a43ae5d6-573b-4bd6-b038-2430ef6b6734/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
0b46fd8942e454e3d7d8af4432e6c69166a3d936f68be3742ecb812e0b9f5cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-powered-by
Phusion Passenger(R)
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
cdd4df9e-9799-4017-8775-c46f686fe071
x-runtime
0.060689
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0b46fd8942e454e3d7d8af4432e6c691"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
69536f8b082fc272-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 27 Sep 2021 09:41:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
2460e3bfb0c00c3bd327b21761e3ad3a05c63ed0b2c33848260a2d5eb833a140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 08:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8519
x-xss-protection
0
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
850
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
69536f8d4fbc6934-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 30 Sep 2021 08:41:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 27 Sep 2021 08:41:56 GMT
icon
onesignal.com/api/v1/apps/a43ae5d6-573b-4bd6-b038-2430ef6b6734/
44 B
583 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/a43ae5d6-573b-4bd6-b038-2430ef6b6734/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:41:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
Phusion Passenger(R)
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c2827d44-324a-4c78-8a6d-5b28a5a356aa
x-runtime
0.161329
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"e51140cdcd044ad76335646936ec5319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
69536f8d88a84e19-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 27 Sep 2021 10:41:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B403
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shadows-house.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 27 Sep 2021 07:28:21 GMT
expires
Tue, 27 Sep 2022 07:28:21 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0F65
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
5c232cf8658dd22d6bae980ce308745b64f7bd957af4db332a5db49222574989
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qu+p8XVPfAIJ9L0EsFR8lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shadows-house.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 27 Sep 2021 08:41:56 GMT
date
Mon, 27 Sep 2021 08:41:56 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Qu+p8XVPfAIJ9L0EsFR8lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 0F65
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=2221093377818607&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
pagead2.googlesyndication.com/bg/ Frame B403
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 20:25:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
130565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 25 Sep 2022 20:25:51 GMT
truncated
/
582 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=2221093377818607&bg=!tbaltvLNAAZNQyuQTUM7ACkAdvg8WmLYa6La0LSW8PC8KTOOMrcSDVgR4gvKaCS4ScxZPGWTh16BYgIAAABkUgAAAAdoAQcKAMX4JHcyaoTMR4RWZ06B9OWVKPw1WJweHQREXLgQ8mw0mtT5gNVdl2mcVWxGQs9ItH5Kbg0nMrTWtEzX8LbrxOxoWPboJIbejC1MY_k1kcWeu7xn7mho-ZHaDXrRYHVVS6xNYuhtAsA7GM-1qLCCfzEOi1oPymaCVcWWWXO5hqmPdSKdAG-VeG9IKooySBCl1odaI_0tbOPHHs2Zq8kC8LsltAvxC97wqo0MGSCPTRMJ7pzXt2EGmXjI544jnmVoxZXxyQECupkCv4X2A-P_vIVbOw5cEo0Y76jGaLFJeov4CvFuj0rBQFBCVZP2ZRgsC5mec4wOqgUTMzynNAZxyqPGZOwSPqjWaegwY-yxuAe3yl17-lGvyvCTDc8ir1aU0bIteTapcn25xWjyshEiCQ1_bom9uUhTr7GRV538N85be2i3EJmksR87gT5c2o-86NG8aYeSNWtGjM3VqYhlEPWlyD-Ga6u_8rIAFKhGPU2EDzJey-fXZlTluzCTFF8Q2rpK0wS9anRRjylRtf-tLagjZNnW1j3-Z4vi-E6IjA57LdH5gAnCtFvRrnIYBI63dpm0VHz8DoM38TAfYefQDtVB9bRlwvZjgRF-DvQ35a8P-MyLn2gnfwsJyyANRI3Y3yi7Fhm8Rt45N9SLVb4biJ_oMq3eUZ4m9lHUXMKp55L5UMOqRXbEEHkx8iuoUxi6ujmxIwAZQ9pNDjuTpZ4ZEXt3ZqEWoEjx-YRWrAN7f9Ac3UEERNBQUqCcOY2Cgx2ZE6N1AD6WGXeOYI_6RN8ZqMr9d58aZ3rj7DETj73Oha40aiKi7aerSg2Yepnb3dHb1jD7tEzXQEBiLsjXjZ_24Ry3r7mJk0bEYbvLWlROfbe8XaSDO0VP8yByup7jETA_aYXLQrgRzPaLu553mcFEsUVZNhSfba8_Ry01Yu-6sYklGrshAdRwQH3Alu2Mf8t2DXzcqf6_VdBOfN7b6Cr3XTxg5rp5UPMSoBmp_-lHEaxHXaW-Tim-34_64aFFUgkHCeSIkXO4i1puOx90sRsnk-1b54u_CMD7JVfeO_0ePJNIwyS_fj1REM13IEAbfvlF3FCU9YWSvxI5qbJMtn1xYPkgZSoE4gwjNgHRxZ1mrjxuHvgybbQfIm1dP4Q_SOoEftuZL8MxQFJPALvvNtv8GfhUtpCfqq3w3FDI6ZTkfco3Z1UG2gSM2Fw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shadows-house.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster object| vitag function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots string| google_user_agent_client_hint object| _VLIOBJ object| DarkMode string| GoogleAnalyticsObject function| ga object| wpDarkMode function| checkOsDarkMode object| essb_settings function| documentInitOneSignal function| OneSignal function| loadCSS function| google_spfd number| google_unique_id object| google_sv_map number| amountScrolled object| jQuery111306926978331612821 object| kofiwidget2 object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| google_lpabyc function| f488 function| Q888 function| n800 function| s488 function| F7ss function| x233 function| M5GG function| C7ss string| e94dfadd0 function| t0xx object| exoJsPop101 number| ad_idzone number| ad_frequency_period number| ad_frequency_count number| ad_trigger_method boolean| ad_popup_force boolean| ad_popup_fallback boolean| ad_chrome_enabled boolean| ad_new_tab boolean| ad_t_venor boolean| ad_cookieconsent string| ad_sub string| ad_sub2 string| ad_sub3 string| ad_cat string| ad_trigger_class string| ad_tags string| ad_el function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| $sf object| regeneratorRuntime function| __tcfapiui function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| scCGSHMRCache object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill object| wpcf7 function| _ object| _wpUtilSettings object| wp function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| SUShortcodesL10n object| SUImageCarousel object| lazyLoadOptions object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close function| LazyLoad number| height number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.shadows-house.com/ Name: _ga
Value: GA1.2.364576929.1632732115
.shadows-house.com/ Name: _gid
Value: GA1.2.741035236.1632732115
.shadows-house.com/ Name: _gat
Value: 1
.shadows-house.com/ Name: __gads
Value: ID=5ae22add1c83a94b-2227874a5cc9007f:T=1632732115:RT=1632732115:S=ALNI_MbweP08gKsCRLAcCSBYX6cKyAPe_g
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exdynsrv.com
adservice.google.com
assets.vlitag.com
audit-tcfv2.quantcast.mgr.consensu.org
cdn.jsdelivr.net
cdn.onesignal.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
imasdk.googleapis.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
services.vlitag.com
shadows-house.com
storage.ko-fi.com
tag.vlitag.com
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.18.225.52
104.18.226.52
104.21.88.143
104.26.15.238
13.224.193.10
13.225.78.106
13.225.78.27
142.250.184.194
142.250.184.226
142.250.185.170
142.250.185.234
142.250.185.97
142.250.186.130
142.250.186.162
142.250.186.35
142.250.186.78
151.101.12.193
151.101.65.229
172.217.23.100
172.217.23.98
172.67.26.21
172.67.69.151
205.185.216.42
69.16.175.42
0a5c20add80dfa892c8ce20c1185a664b9d9ba991c3b7281db96dab5178bfbf6
0b46fd8942e454e3d7d8af4432e6c69166a3d936f68be3742ecb812e0b9f5cff
0dd744e34b832dcce24797cdda3a102ccef177548a70261aa180cfe91631217d
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
1b36da64bd8c3348e791b82dbc1fa25505f939396b421fc0dc20708dbcf1f630
2460e3bfb0c00c3bd327b21761e3ad3a05c63ed0b2c33848260a2d5eb833a140
2740bd54d671ae19ea57cd6e7a65802509cbbd8d67b89f4ffce1a2d05ddb1c83
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
3213a640adf0a391bd86ea7141b81495b368db9210050569f1fdbe2aaafa142d
3499d092c81dcc2408c9b889e2c77b164d8742edf441ad11fb69584b25c8fbae
373a8bed442801caa31cc0d5831450d22cfa9d5aef01ac2342a9616ec5f89695
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
569af0d58a2df0af2da77aaebaaf00b84c15334c5e9af0b77ba4c81a62db5d40
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c232cf8658dd22d6bae980ce308745b64f7bd957af4db332a5db49222574989
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
701de3c4051aa7c7097b5209359dfa919f7bd67cb2a6d54d53706f96163fe894
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
80f4ca2aec628453880aac3d6dfb899bfac045ed6228329bdfb34615caf1ba04
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6
8325a4bb973668a07f6fc6bfe9b3cdbb30846d3b8f4ddb6fddb2cf42d9e7f041
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
88096dd67d39ebf6988ef7182b223ab8b19a66b0dc98a8a0557c3f2e6b57e773
8bd8b4ab751d7e1cf0a74d1813c61e932f283210339e7fe479ba95a4bb5d9a16
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8e888dd1ff331706ce38a8df3b6a49db3a4b2dc24091c637eec77d39776f7e4c
8ff14e4c3c09dd07483e75066e5f28e0aadce667253b26eea0e124f2b2b79787
9cec230fed5866adcb014b6476f95f9fe13102a6ea49bc260953fa2a31ffa531
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6ae7e5203901b2a924d8937e9a6e3c934f747dbd89158f690ad316f35478ec4
a87ba6168fb909572b721edf9e3adb2548e773952768c5ddd2df9cba06fee1bf
a8b3143de04f77d3743ca3d94a0b4c462e9178b2a65ffb119d2d6f88aea95a6a
a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b68d5157c5578c3247973b8f01320ddaf137fa0afe3882f9df8e2ca7b46a6d5e
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bc8cc7536bf94d03004fa21c405a2281878fb1296a61a9dfeb55cc27a53c6ca1
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d28f33966d5087d3509f2278b0d1dbd62e5caa5240bd022eefff060360774f5c
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d5a6d5271e675e56a1da3ab0ddac24e70a88e7581adf9affc809d147780bef1d
db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcadac01c15fd23fd69c73bd74aea64b86e95a4fd847b4049dff4b9abc65165e
ddae42329f8386f4e9e530fe0f86d9e4f1e251ecb5f6c22277916ee8f3fbde5a
e1d9183dac3e1ddde897b5a1718d18f42b50c6ab8fe9deab8b29f04bd2cb2d8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e69c37fdfb938853b195b56b6e47e215c275fc85f28be01017e9074fb38be736
ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd39e7ecbcf51d2eeff2c1f681a6aadbe62793634fbb924e0b25dae42db5720b
fdea71e924d77e130a4272ac71807196634473b6046bc03e8302c4b64ae37aca