www.shadesquad.info Open in urlscan Pro
2606:4700::6810:cc2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shadesquad.info/
Effective URL:
https://www.shadesquad.info/offerte
Submission Tags: phishingrod
Submission: On December 14 via api (December 14th 2023, 12:43:17 am UTC) from DE — Scanned from DE

Summary HTTP 60 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 60 HTTP transactions. The main IP is 2606:4700::6810:cc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shadesquad.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 14th 2023. Valid for: a year.

This is the only time www.shadesquad.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
1 15	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e2:... 2606:4700:e2::ac40:8c0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3 8	2606:4700:10:... 2606:4700:10::ac43:1653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:455f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:d1b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2606:4700:440... 2606:4700:4400::ac40:944b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:445f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f011:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f01... 2a03:2880:f011:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:e0:3125:... 2a02:e0:3125:1:face:b00c:0:a7	34984 (TELLCOM-AS) (TELLCOM-AS)
1	2a02:e0:3125:... 2a02:e0:3125:2:face:b00c:0:a7	34984 (TELLCOM-AS) (TELLCOM-AS)
1	2a02:e0:3125:... 2a02:e0:3125:5:face:b00c:0:a7	34984 (TELLCOM-AS) (TELLCOM-AS)
60	25

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

shadesquad.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:cc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.shadesquad.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::ac43:1653 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
classic.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:455f (United States)

ASN13335 (CLOUDFLARENET, US)

core.service.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d1b4 (United States)

ASN13335 (CLOUDFLARENET, US)

capig.stape.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:944b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:445f (United States)

ASN13335 (CLOUDFLARENET, US)

service-reviews-ultimate.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f011:8:face:b00c:0:1 (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

scontent-atl3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f011:100:face:b00c:0:3 (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

scontent-atl3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e0:3125:1:face:b00c:0:a7 (Turkey)

ASN34984 (TELLCOM-AS, TR)

scontent.fesb10-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e0:3125:2:face:b00c:0:a7 (Turkey)

ASN34984 (TELLCOM-AS, TR)

scontent.fesb10-2.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e0:3125:5:face:b00c:0:a7 (Turkey)

ASN34984 (TELLCOM-AS, TR)

scontent.fesb10-5.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	shadesquad.info 2 redirects shadesquad.info www.shadesquad.info	3 MB
12	elfsight.com 3 redirects apps.elfsight.com — Cisco Umbrella Rank: 16213 static.elfsight.com — Cisco Umbrella Rank: 14293 core.service.elfsight.com — Cisco Umbrella Rank: 16012 service-reviews-ultimate.elfsight.com — Cisco Umbrella Rank: 15424	448 KB
8	fbcdn.net scontent-atl3-1.xx.fbcdn.net — Cisco Umbrella Rank: 6528 scontent-atl3-2.xx.fbcdn.net — Cisco Umbrella Rank: 6904 scontent.fesb10-1.fna.fbcdn.net — Cisco Umbrella Rank: 609698 scontent.fesb10-2.fna.fbcdn.net — Cisco Umbrella Rank: 492498 scontent.fesb10-5.fna.fbcdn.net — Cisco Umbrella Rank: 502624	18 KB
6	clickfunnels.com 1 redirects app.clickfunnels.com — Cisco Umbrella Rank: 59368 www.clickfunnels.com — Cisco Umbrella Rank: 165815 classic.clickfunnels.com — Cisco Umbrella Rank: 220164	4 KB
3	gstatic.com fonts.gstatic.com	74 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	91 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	563 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	166 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	169 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	18 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	stape.org capig.stape.org — Cisco Umbrella Rank: 235380	691 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	257 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
0	addevent.com Failed track.addevent.com Failed
60	19

	Domain	Requested by
15	www.shadesquad.info	1 redirects www.shadesquad.info static.cloudflareinsights.com
6	static.elfsight.com	www.shadesquad.info apps.elfsight.com static.elfsight.com
4	app.clickfunnels.com	www.shadesquad.info
3	scontent-atl3-1.xx.fbcdn.net
3	fonts.gstatic.com	fonts.googleapis.com
3	apps.elfsight.com	3 redirects
3	use.fontawesome.com	www.shadesquad.info use.fontawesome.com
2	scontent-atl3-2.xx.fbcdn.net
2	service-reviews-ultimate.elfsight.com	static.elfsight.com
2	www.google.de	www.shadesquad.info
2	www.google.com	1 redirects www.shadesquad.info
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.shadesquad.info www.googletagmanager.com
2	connect.facebook.net	www.shadesquad.info connect.facebook.net
2	cdnjs.cloudflare.com	www.shadesquad.info
2	fonts.googleapis.com	www.shadesquad.info
1	scontent.fesb10-5.fna.fbcdn.net
1	scontent.fesb10-2.fna.fbcdn.net
1	scontent.fesb10-1.fna.fbcdn.net
1	classic.clickfunnels.com
1	www.clickfunnels.com	1 redirects
1	www.facebook.com	www.shadesquad.info
1	capig.stape.org	connect.facebook.net
1	region1.google-analytics.com	www.googletagmanager.com
1	core.service.elfsight.com	www.shadesquad.info
1	www.googleadservices.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.shadesquad.info
1	shadesquad.info	1 redirects
0	track.addevent.com Failed	www.shadesquad.info
60	29

This site contains links to these domains. Also see Links.

Domain
elfsight.com
www.facebook.com

Subject Issuer	Validity	Valid
www.shadesquad.info Cloudflare Inc ECC CA-3	`2023-12-14` - `2024-12-13`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-23` - `2024-06-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
capig.stape.org GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
*.fesb10-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.fesb10-2.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.fesb10-5.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-11-24` - `2024-02-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.shadesquad.info/offerte
Frame ID: B0DD809444FBBE41AB862B8881258970
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wil jij het hele jaar door kunnen genieten van je terras?

Page URL History Show full URLs

http://shadesquad.info/ HTTP 301
https://www.shadesquad.info/ HTTP 302
https://www.shadesquad.info/offerte Page URL

Detected technologies

ClickFunnels (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

<meta property="cf:app_domain" content="app\.clickfunnels\.com"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

60
Requests

90 %
HTTPS

92 %
IPv6

19
Domains

29
Subdomains

25
IPs

3
Countries

4270 kB
Transfer

8170 kB
Size

28
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://elfsight.com/
Title: Kom meer te weten

Search URL Search Domain Scan URL

URL: https://www.facebook.com/brigitte.vanbrussel/posts/pfbid02aeR7Pdv2A5kLXPTZgiAGtb8TJRjzdinUv3LQsQqKwrCU3aznTg26bE9ARcSWLoaQl

Search URL Search Domain Scan URL

URL: https://www.facebook.com/melissa.verkoelen/posts/pfbid08oj8deayaBePodj3nJZhPgSMHLrWmhgtXSW7XQTYTzFE7wEf9YcsNvSqxuy2C7rUl

Search URL Search Domain Scan URL

URL: https://www.facebook.com/linda.lelievre.79/posts/pfbid0hGQ9NCpfu7bFFM5VPsZWFJjEVGmY1cgRCP6kbN16oiWcERhUpyyaYNJZWrKHig1il

Search URL Search Domain Scan URL

URL: https://www.facebook.com/viviana.steyaert/posts/pfbid0TXvva9YKJBnN2vBtX1x1a4dh4AQg3meurbw54sSg3YdpxyPFWH67FTZP7FPdhGJAl

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hilde.vanavermaet.33/posts/pfbid0UwjEHwqWePsfFDpQ6QAhVSLpp2RMg4njkm39jvK5xYYQuVBATnaxYLGp5ATrCcu5l

Search URL Search Domain Scan URL

URL: https://www.facebook.com/roos.uyttersprot.7/posts/pfbid02BKJX1M7HpVj5ud4iGwVqKGVr9pm2v8xzf8uwJq24qt6Q2p1SNrDBvTtSF6YoTxX7l

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bjorn.verdickt/posts/pfbid0cZA1b8UZ7kcZMBDGdmLfNhrn4L3bzyAGrBuXfKRiJwCcsj2aV1KCjxaraVMoWeVPl

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jefkesonja.hermanpeeleman/posts/pfbid0u8CrGc9GmZqu93dg7Vx7rEoueqiZtjUkHvDejRhXzxU4spie5Ubb4oCZ7d2m89ESl

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shadesquad.info/ HTTP 301
https://www.shadesquad.info/ HTTP 302
https://www.shadesquad.info/offerte Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://apps.elfsight.com/p/platform.js HTTP 301
https://static.elfsight.com/platform/platform.js

Request Chain 24

https://apps.elfsight.com/p/platform.js?_=1702514591478 HTTP 301
https://static.elfsight.com/platform/platform.js?_=1702514591478

Request Chain 31

https://apps.elfsight.com/p/boot/?page=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&w=7e53aea5-9e3e-462f-884a-f05dae6d471f%2C59dc947c-0194-4eab-a76d-5d10ea878d6b HTTP 302
https://core.service.elfsight.com/p/boot/?w=7e53aea5-9e3e-462f-884a-f05dae6d471f,59dc947c-0194-4eab-a76d-5d10ea878d6b&page=https://www.shadesquad.info/offerte

Request Chain 35

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&label=pboFCPDoy7UYEM6I1vAp&hn=www.googleadservices.com&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&value=0&auid=2018905586.1702514591&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=n096ZdemIMm-9u8PpPC02A0&sscte=1&crd=&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvkbvo_gAQpPR8KPjkO7OSAjS-2B5SvECGw&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPaWhraDhaME5PYzJuLXQ5VmdCdWJNNHpJVDdheGZSTjNORWxlVzVSQS1ZTTZJGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SngyLWNVOEhNZEtOLTBQa0dwdERaY2JFTENzVWI2bDNLUFFPdGdxU0J3R0tNNzBRdjMxRVpPbHciEwiX8s-L2Y2DAxVJn_0HHSQ4Dds HTTP 302
https://www.google.com/pagead/1p-conversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&label=pboFCPDoy7UYEM6I1vAp&hn=www.googleadservices.com&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&value=0&auid=2018905586.1702514591&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPaWhraDhaME5PYzJuLXQ5VmdCdWJNNHpJVDdheGZSTjNORWxlVzVSQS1ZTTZJGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SngyLWNVOEhNZEtOLTBQa0dwdERaY2JFTENzVWI2bDNLUFFPdGdxU0J3R0tNNzBRdjMxRVpPbHciEwiX8s-L2Y2DAxVJn_0HHSQ4Dds&is_vtc=1&ocp_id=n096ZdemIMm-9u8PpPC02A0&cid=CAQSKQAvHhf_n0T7gmVX0Iw5cXRCWb8cOCnK5EPa9kMOWt-rp6Et61ypj5i1&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvvuL_Fz95neAqeWcxl5IAX9l4ckacynksA&random=1273077827 HTTP 302
https://www.google.de/pagead/1p-conversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&label=pboFCPDoy7UYEM6I1vAp&hn=www.googleadservices.com&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&value=0&auid=2018905586.1702514591&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPaWhraDhaME5PYzJuLXQ5VmdCdWJNNHpJVDdheGZSTjNORWxlVzVSQS1ZTTZJGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SngyLWNVOEhNZEtOLTBQa0dwdERaY2JFTENzVWI2bDNLUFFPdGdxU0J3R0tNNzBRdjMxRVpPbHciEwiX8s-L2Y2DAxVJn_0HHSQ4Dds&is_vtc=1&ocp_id=n096ZdemIMm-9u8PpPC02A0&cid=CAQSKQAvHhf_n0T7gmVX0Iw5cXRCWb8cOCnK5EPa9kMOWt-rp6Et61ypj5i1&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvvuL_Fz95neAqeWcxl5IAX9l4ckacynksA&random=1273077827&ipr=y

Request Chain 38

https://www.clickfunnels.com/images/closemodal.png HTTP 301
https://classic.clickfunnels.com/images/closemodal.png

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request offerte Show response
www.shadesquad.info/
Redirect Chain

http://shadesquad.info/
https://www.shadesquad.info/
https://www.shadesquad.info/offerte

100 KB
16 KB

277ms
276ms

Document
text/html

2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 2b3cf935c87336188addeb190d2aa46d32f12826ff0798ee419ac1289a46425f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status: REVALIDATED
cf-ray: 83526940a9a62bc7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 00:43:11 GMT
last-modified: Wed, 13 Dec 2023 10:41:36 GMT
server: cloudflare
status: 200 OK
vary: Accept-Encoding
x-content-digest: efb785c9ba77bc0808e2fcb7ce8313d9d5a406c2
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: 4748477eb72dfa9897eaa05af1e38e02
x-runtime: 0.340134

Redirect headers

access-control-allow-origin: *
access-control-request-method: *
cache-control: no-cache, no-store
cf-cache-status: BYPASS
cf-ray: 8352693d7f802bc7-FRA
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 00:43:10 GMT
location: https://www.shadesquad.info/offerte
pragma: no-cache
server: cloudflare
status: 302 Found
vary: Accept-Encoding
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 95769eea70a150056f5072ca4f1cef1a
x-runtime: 0.247989

GET
H2 200 lander.css
www.shadesquad.info/assets/ 425 KB
70 KB 48ms
48ms Stylesheet
text/css 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shadesquad.info/assets/lander.css
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:58:27 GMT
server: cloudflare
age: 819
etag: W/"6579f0c3-6a514"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1200
cf-ray: 835269426aab2bc7-FRA
expires: Thu, 14 Dec 2023 01:03:11 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
12 KB 195ms
17ms Stylesheet
text/css 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1363134
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDeGS6%2BqmoFB3VgkQ1zvhz%2BhbmICe6byhE8PKnCDYOquZdL9k8ATczv2mMHh0%2FXvzF5FOOGCZCwmCZh%2BP5mDF3twx7JGIylRBqb9b%2FbbBCGS6XDLax2S%2FV87aokdeVRye8fYQaLj%2FizoJ62k9MBusbhP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 835269437dd79c0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 194ms
16ms Stylesheet
text/css 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1205695
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT1zQ6QQWPQZK5I%2BphC2rYGb4ZF0OupYkaGEx8xG8Xe82dlEzaRQ2o%2FyX1t97G%2BzT2XxMJRYKuZwrJCrTeYhKzqYEhfmuOoeaDn8KlYMuSDMJRXJr1qogSz4LSj635mF7JoHYLT9WXItHDiJjNyDUQm9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 835269437dd99c0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 48 KB
3 KB 196ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b38afd352e3c2e7790373d54a02008617c551a8865eb488d22af53fd2aa9df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:33:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 00:43:11 GMT

GET
H2 200 application.js Show response
www.shadesquad.info/assets/userevents/ 5 KB
2 KB 42ms
41ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shadesquad.info/assets/userevents/application.js
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:58:27 GMT
server: cloudflare
age: 781
etag: W/"6579f0c3-147c"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 83526943ab612bc7-FRA
expires: Thu, 14 Dec 2023 01:03:11 GMT

GET
H2

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js
https://static.elfsight.com/platform/platform.js

49 KB
17 KB

17ms
17ms

Script
application/javascript

2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx0000077d21114a1787238-006579c149-536a3570-sfo2a
age: 36438
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 12:13:36 GMT
server: cloudflare
etag: W/"2063d9765e1647d954e5344382c692a1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 835269445f00bbd3-FRA

Redirect headers

date: Thu, 14 Dec 2023 00:43:11 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
cf-ray: 83526943eed1bbd3-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 01:43:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
847 B 180ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%7Csans-serif%7CPoppins%7Csans-serif%7CPoppins%7COpen+Sans%7CPoppins%7COpen+Sans%7CPoppins%7COpen+Sans%7CPoppins%7Csans-serif%7CPoppins%7Csans-serif%7COpen+Sans%7Csans-serif%7C%7C

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fea85b26f6b3cf1de4aef9e6d9c3aa318dd4d7ff349dc7ddd24a15f913b5cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:43:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 00:43:11 GMT

GET
H2 200 lander.js Show response
www.shadesquad.info/assets/ 2 MB
662 KB 51ms
51ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shadesquad.info/assets/lander.js
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8688980b91d979f65b1b4ac6cb84d355aac7eaba6a11c05dba09d4a3ae785302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:59:44 GMT
server: cloudflare
age: 819
etag: W/"6579f110-23747c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=sd2O.7XrZ1nlXb246MZcGZXjoJbpbgJEAmMOVeOscNc-1702514591-1-AcGWEpwSSxXRfuRplX3zTGUzygkupYv4cp5USjQM0iKO73JNYWTUJT0YQOzWrgH9IBEc9ctAQ5Geiya1qd2dMbaj7MwJicOhOg5pnwiwSErNROYOzEggt3K10cyfappb05w1WWKVEsCX6vib9nhvoOfNbtFXZzTD16RfELiSGZnx"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/x-javascript
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=sd2O.7XrZ1nlXb246MZcGZXjoJbpbgJEAmMOVeOscNc-1702514591-1-AcGWEpwSSxXRfuRplX3zTGUzygkupYv4cp5USjQM0iKO73JNYWTUJT0YQOzWrgH9IBEc9ctAQ5Geiya1qd2dMbaj7MwJicOhOg5pnwiwSErNROYOzEggt3K10cyfappb05w1WWKVEsCX6vib9nhvoOfNbtFXZzTD16RfELiSGZnx; report-to cf-csp-endpoint
cache-control: public, max-age=1200
cf-ray: 835269427ab62bc7-FRA
expires: Thu, 14 Dec 2023 01:03:11 GMT

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
2 KB 72ms
47ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/mailcheck.min.js
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:58:27 GMT
server: cloudflare
age: 2276
etag: W/"6579f0c3-a8d"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 83526943d9b84d95-FRA

GET
H2 200 pushcrew.js Show response
www.shadesquad.info/assets/ 637 B
445 B 33ms
32ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shadesquad.info/assets/pushcrew.js
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:58:26 GMT
server: cloudflare
age: 476
etag: W/"6579f0c2-27d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=1200
cf-ray: 83526943bb6f2bc7-FRA
expires: Thu, 14 Dec 2023 01:03:11 GMT

GET
H2 200 fotorama.css
cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/ 15 KB
3 KB 175ms
13ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/fotorama.css

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1292877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2454
last-modified: Mon, 04 May 2020 16:10:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e64-3b25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zY1JDiqTx07xK8ZxoPzidbAS%2B45KVQFeAkOocvmi7fElA0q9duIgH93kDcV2%2Ftv1YpNBkgkyMRWSnuFWAHEBaYQ0nzEJ9CMLMGRw1B6H2cgOCvaN5bJUPB%2B7375mE2RvaSUcXfbguxWD%2Bcb%2BKL4in26N"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 835269437db72c76-FRA
expires: Tue, 03 Dec 2024 00:43:11 GMT

GET
H2 200 fotorama.js Show response
cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/ 38 KB
15 KB 176ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/fotorama.js

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1271617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14592
last-modified: Mon, 04 May 2020 16:10:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e64-9800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13Jxn3nwPp9VaXRgydHblE8%2B2jD93HdgdsTd7aKLqfjxZvfEwYsUlJ2H7uTuxev2A3cbdLnxbAr%2BTPOoFAODNsbV%2F7oIt%2FbMn0JfEC3p5rEw64KQ1BHAufQ2%2BRjL2a%2FTyZJAyyhLp1QiaFGuFRYFcNBT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 835269438db82c76-FRA
expires: Tue, 03 Dec 2024 00:43:11 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 53ms
37ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.shadesquad.info/
Origin: https://www.shadesquad.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83526943cff01a49-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:43:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: P50Q7pHVaUpuF4L0EJNF0ecsk3EE2QIdYbBExbvQzSwTU3S/rwMBYduKdvCDiuz7MqBKR3FR7jWCyrnIHa4+2w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
75 KB 44ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FF29KR

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

214d97b87c9e76486d741c99ecf36317fa8268bfbc474951307c22db520f75d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76881
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 00:43:11 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Ontwerp-zonder-titel-19-.png
www.shadesquad.info/hosted/images/e6/05b6ca967149ce89d35b51d209455e/ 652 KB
652 KB 221ms
220ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shadesquad.info/hosted/images/e6/05b6ca967149ce89d35b51d209455e/Ontwerp-zonder-titel-19-.png
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acfafd5dde555f4cbb6009710ff98de04de2e689361ad24b92e149c25255add8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 03 Sep 2022 09:07:03 GMT
server: cloudflare
x-amz-cf-pop: FRA60-P6
etag: "f473b124d838de0d8c17f453ba39debd"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83526943cb772bc7-FRA
content-length: 667243

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 43ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%7Csans-serif%7CPoppins%7Csans-serif%7CPoppins%7COpen+Sans%7CPoppins%7COpen+Sans%7CPoppins%7COpen+Sans%7CPoppins%7Csans-serif%7CPoppins%7Csans-serif%7COpen+Sans%7Csans-serif%7C%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shadesquad.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
x-content-type-options: nosniff
age: 538551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:07:20 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shadesquad.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:16:33 GMT
x-content-type-options: nosniff
age: 199598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:16:33 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shadesquad.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:10:56 GMT
x-content-type-options: nosniff
age: 189135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 20:10:56 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 41ms
17ms Font
font/woff2 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://www.shadesquad.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45852
alt-svc: h3=":443"; ma=86400
content-length: 75440
last-modified: Fri, 22 Sep 2023 01:46:05 GMT
server: cloudflare
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvTRJfuvVw5UGQTPmiec1DQUDEC56GUXAoXoB%2FbGCXvDSEORZiCTZEYqJgZCms3PiNcWmKn4RBuQMreRVVxgUL2swN1804xHCUEvxcbUS7W6%2BEDEpdsy7uBWIlxFWVeVnNFMC49rqE5R3ee0zoeFYzFA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83526943eb9e5d8e-FRA

GET
H2 200 vendor.js Show response
www.shadesquad.info/ 18 KB
5 KB 192ms
192ms Script
application/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shadesquad.info/vendor.js
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime: 0.010244
date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: application/javascript
status: 200 OK
cache-control: max-age=900, public
cf-ray: 835269447bf42bc7-FRA
x-rack-cache: stale, valid, store
x-request-id: a64bfa73e6f9758fd0bf7428d0a717f0

GET /
track.addevent.com/atc/ 0
0

GET
H2 200 1502853880206444 Show response
connect.facebook.net/signals/config/ 371 KB
115 KB 372ms
371ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1502853880206444?v=2.9.138&r=stable&domain=www.shadesquad.info

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2776a5edcca321a45eb8992578b03b55bd08186812f3c97570dae087c8bf9d1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:43:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: W+epqBnvl9Fy0It9OT7sQTEtN7CxXC7LITHAYP3x2uKs+kpHAewmCGrSEJbusiFwyL840+i/tGEToEVevjVtHQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js?_=1702514591478
https://static.elfsight.com/platform/platform.js?_=1702514591478

49 KB
17 KB

475ms
475ms

Script
application/javascript

2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js?_=1702514591478

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: tx000001957af44320912f2-00657a4f9f-5369b237-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 12:13:36 GMT
server: cloudflare
etag: W/"2063d9765e1647d954e5344382c692a1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 83526944dc0739c2-FRA

Redirect headers

date: Thu, 14 Dec 2023 00:43:11 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://static.elfsight.com/platform/platform.js?_=1702514591478
cache-control: max-age=3600
cf-ray: 83526944cf34bbd3-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 01:43:11 GMT

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
439 B 774ms
758ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/userevents/?funnel_id=dFlyYjliRVR6b1pVcENlQytoR3hWUT09LS12NXE4Y0w3ckp6RGRCQTJiellUL0dBPT0%3D--3772ca1b39989d55396188c0badf65f207d51606&page_id=NTVmaVBtZFlQNzZCRlp2WGRJL2JGdz09LS0wTUdDQWN3a1V4TUVXbUozRjViVUR3PT0%3D--2d16e5d5e573cc4fb03c2226248bb00662136980&funnel_step_id=T01xQzV4ajYzVHlXd29UZ1hmR25wdz09LS1zdnVyRXNPRWRuazFaUGVBK1dVckVnPT0%3D--29a72fc9f35dbc71164a75625cac8fa8dc8d09e8&user_id=c01HcGU3LzJRN1N5UWkrcUdhbG9SUT09LS1YbWpSZDJ4NTU2VEZtV0xrRXhKamJ3PT0%3D--073c22a7e6f12803f0e31a77ddc2f6840d9aaa16&account_id=RXFJWWlzTGdUQlM1eHROR1FJV3NnUT09LS1POWxlSkNOZzRySEsyZVZIeGF4L3pRPT0%3D--2a70a509cf98382632ac82c35107856dc557ff26&page_code=NTc5MTA3Mzg%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=b8fd165f-fafa-4a42-a7d0-7ec72567b45d&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/assets/userevents/application.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:12 GMT
access-control-request-method: *
x-runtime: 0.023843
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
status: 202 Accepted
cache-control: no-cache, no-store
cf-ray: 83526944ef509265-FRA
x-rack-cache: miss
x-request-id: 84ec9e69dcd79d42ffb7d480019e7eaa

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
622 B 197ms
181ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/userevents/?funnel_id=dFlyYjliRVR6b1pVcENlQytoR3hWUT09LS12NXE4Y0w3ckp6RGRCQTJiellUL0dBPT0%3D--3772ca1b39989d55396188c0badf65f207d51606&page_id=NTVmaVBtZFlQNzZCRlp2WGRJL2JGdz09LS0wTUdDQWN3a1V4TUVXbUozRjViVUR3PT0%3D--2d16e5d5e573cc4fb03c2226248bb00662136980&funnel_step_id=T01xQzV4ajYzVHlXd29UZ1hmR25wdz09LS1zdnVyRXNPRWRuazFaUGVBK1dVckVnPT0%3D--29a72fc9f35dbc71164a75625cac8fa8dc8d09e8&user_id=c01HcGU3LzJRN1N5UWkrcUdhbG9SUT09LS1YbWpSZDJ4NTU2VEZtV0xrRXhKamJ3PT0%3D--073c22a7e6f12803f0e31a77ddc2f6840d9aaa16&account_id=RXFJWWlzTGdUQlM1eHROR1FJV3NnUT09LS1POWxlSkNOZzRySEsyZVZIeGF4L3pRPT0%3D--2a70a509cf98382632ac82c35107856dc557ff26&page_code=NTc5MTA3Mzg%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=daa55f2d-fdcb-4678-926d-0ae854b7b429&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/assets/userevents/application.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
access-control-request-method: *
x-runtime: 0.022443
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
status: 202 Accepted
cache-control: no-cache, no-store
cf-ray: 83526944ef519265-FRA
x-rack-cache: miss
x-request-id: a87c60f37257b59372d6401c3a853059

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
414 B 410ms
395ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/userevents/?funnel_id=dFlyYjliRVR6b1pVcENlQytoR3hWUT09LS12NXE4Y0w3ckp6RGRCQTJiellUL0dBPT0%3D--3772ca1b39989d55396188c0badf65f207d51606&page_id=NTVmaVBtZFlQNzZCRlp2WGRJL2JGdz09LS0wTUdDQWN3a1V4TUVXbUozRjViVUR3PT0%3D--2d16e5d5e573cc4fb03c2226248bb00662136980&funnel_step_id=T01xQzV4ajYzVHlXd29UZ1hmR25wdz09LS1zdnVyRXNPRWRuazFaUGVBK1dVckVnPT0%3D--29a72fc9f35dbc71164a75625cac8fa8dc8d09e8&user_id=c01HcGU3LzJRN1N5UWkrcUdhbG9SUT09LS1YbWpSZDJ4NTU2VEZtV0xrRXhKamJ3PT0%3D--073c22a7e6f12803f0e31a77ddc2f6840d9aaa16&account_id=RXFJWWlzTGdUQlM1eHROR1FJV3NnUT09LS1POWxlSkNOZzRySEsyZVZIeGF4L3pRPT0%3D--2a70a509cf98382632ac82c35107856dc557ff26&page_code=NTc5MTA3Mzg%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=6adeae85-d010-4cca-b608-bd45f0015899&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/assets/userevents/application.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
access-control-request-method: *
x-runtime: 0.030069
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
status: 202 Accepted
cache-control: no-cache, no-store
cf-ray: 83526944ef529265-FRA
x-rack-cache: miss
x-request-id: f56eb040e61099c9a40957f5935b0c16

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-33FQ2P37EN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FF29KR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27dba4a8e10c120ec24f5587b49fbea82c1bf52dc930c7aed88696dae345f14a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 00:43:11 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11242144846/ 3 KB
2 KB 48ms
21ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11242144846/?random=1702514591493&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&label=pboFCPDoy7UYEM6I1vAp&hn=www.googleadservices.com&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&value=0&bttype=purchase&auid=2018905586.1702514591&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FF29KR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

21184588cedefdba09e62c09a3ce08b48e052b34031ed442fd82019c4c66064e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1671
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11242144846/ 3 KB
2 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11242144846/?random=1702514591497&cv=11&fst=1702514591497&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&hn=www.googleadservices.com&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&auid=2018905586.1702514591&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FF29KR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b66a284490a5e55274dd75333b2057bbac0e6ef48ca2248fb2331edbc06a9618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
core.service.elfsight.com/p/boot/
Redirect Chain

https://apps.elfsight.com/p/boot/?page=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&w=7e53aea5-9e3e-462f-884a-f05dae6d471f%2C59dc947c-0194-4eab-a76d-5d10ea878d6b
https://core.service.elfsight.com/p/boot/?w=7e53aea5-9e3e-462f-884a-f05dae6d471f,59dc947c-0194-4eab-a76d-5d10ea878d6b&page=https://www.shadesquad.info/offerte

11 KB
5 KB

268ms
249ms

XHR
application/json

2606:4700:10::6816:455f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://core.service.elfsight.com/p/boot/?w=7e53aea5-9e3e-462f-884a-f05dae6d471f,59dc947c-0194-4eab-a76d-5d10ea878d6b&page=https://www.shadesquad.info/offerte

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Server

2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e73d3419ecb0bc8f601a5e3c24ddd9159ade8b1650cd1e12320bbff8938dfb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=0
x-dns-prefetch-control: on
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: unsafe-none
etag: W/"2c97-OWvjSJbLqK8wMBTB1MA8QHI0kXE"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: null
origin-agent-cluster: ?1
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 835269470b4f9b9e-FRA

Redirect headers

date: Thu, 14 Dec 2023 00:43:11 GMT
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
location: https://core.service.elfsight.com/p/boot/?w=7e53aea5-9e3e-462f-884a-f05dae6d471f,59dc947c-0194-4eab-a76d-5d10ea878d6b&page=https://www.shadesquad.info/offerte
access-control-allow-origin: https://www.shadesquad.info
cache-control: no-cache, private
access-control-allow-credentials: true
cf-apo-via: origin,host
vary: Accept-Encoding
cf-ray: 83526944dc0339c2-FRA
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H2 200 /
www.google.com/pagead/1p-user-list/11242144846/ 42 B
455 B 46ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11242144846/?random=1702514591497&cv=11&fst=1702512000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ZY2l2Cdvok3anb5R7OR8Z-wAr7biVA&random=1912309979&rmt_tld=0&ipr=y

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11242144846/ 42 B
455 B 42ms
18ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11242144846/?random=1702514591497&cv=11&fst=1702512000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ZY2l2Cdvok3anb5R7OR8Z-wAr7biVA&random=1912309979&rmt_tld=1&ipr=y

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-33FQ2P37EN&gtm=45je3bt0v9132326499z89132190809&_p=1702514591309&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=201708556.1702514592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702514591&sct=1&seg=0&dl=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&dt=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1384
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-33FQ2P37EN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shadesquad.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11242144846/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=syph...
https://www.google.com/pagead/1p-conversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h...
https://www.google.de/pagead/1p-conversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...

42 B
108 B

41ms
41ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&label=pboFCPDoy7UYEM6I1vAp&hn=www.googleadservices.com&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&value=0&auid=2018905586.1702514591&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPaWhraDhaME5PYzJuLXQ5VmdCdWJNNHpJVDdheGZSTjNORWxlVzVSQS1ZTTZJGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SngyLWNVOEhNZEtOLTBQa0dwdERaY2JFTENzVWI2bDNLUFFPdGdxU0J3R0tNNzBRdjMxRVpPbHciEwiX8s-L2Y2DAxVJn_0HHSQ4Dds&is_vtc=1&ocp_id=n096ZdemIMm-9u8PpPC02A0&cid=CAQSKQAvHhf_n0T7gmVX0Iw5cXRCWb8cOCnK5EPa9kMOWt-rp6Et61ypj5i1&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvvuL_Fz95neAqeWcxl5IAX9l4ckacynksA&random=1273077827&ipr=y

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:43:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11242144846/?random=1137211716&cv=11&fst=1702514591493&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9132190809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&label=pboFCPDoy7UYEM6I1vAp&hn=www.googleadservices.com&frm=0&tiba=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&value=0&auid=2018905586.1702514591&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPaWhraDhaME5PYzJuLXQ5VmdCdWJNNHpJVDdheGZSTjNORWxlVzVSQS1ZTTZJGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SngyLWNVOEhNZEtOLTBQa0dwdERaY2JFTENzVWI2bDNLUFFPdGdxU0J3R0tNNzBRdjMxRVpPbHciEwiX8s-L2Y2DAxVJn_0HHSQ4Dds&is_vtc=1&ocp_id=n096ZdemIMm-9u8PpPC02A0&cid=CAQSKQAvHhf_n0T7gmVX0Iw5cXRCWb8cOCnK5EPa9kMOWt-rp6Et61ypj5i1&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvvuL_Fz95neAqeWcxl5IAX9l4ckacynksA&random=1273077827&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 60efbedc568d1862fff7c80353b8321bda8d169fc23e80de6cad30212a906d10 Show response
capig.stape.org/events/ 0
691 B 689ms
333ms XHR
text/plain 2606:4700:3031::ac43:d1b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.stape.org/events/60efbedc568d1862fff7c80353b8321bda8d169fc23e80de6cad30212a906d10
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1502853880206444?v=2.9.138&r=stable&domain=www.shadesquad.info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.shadesquad.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZmUySYaSDYfGwlB09wdWH27gEDp%2B%2FrXwOqwUeIyBNvo4zfoDP491FVzw8RJIN11tzoxs0e9IelVoDxx%2F5tkDgDm2eRIh5s7Gohq6FlfugqQ7RRwj6DbaOFAKmEURAF4xJE73kZZl146I%2Bd6v2k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.shadesquad.info
access-control-allow-credentials: true
cf-ray: 8352694a0c166435-SJC
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1502853880206444&ev=PageView&dl=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&rl=&if=false&ts=1702514591878&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702514591875.1941808137&eid=ob3_plugin-set_dbff59ed24fb272fd0dd70820657b1b385fdd91deadaeecb5fc3935203e7c683&cs_est=true&ler=empty&it=1702514591455&coo=false&rqm=GET

Requested by

Host: www.shadesquad.info
URL: https://www.shadesquad.info/offerte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 00:43:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

closemodal.png
classic.clickfunnels.com/images/
Redirect Chain

https://www.clickfunnels.com/images/closemodal.png
https://classic.clickfunnels.com/images/closemodal.png

672 B
949 B

55ms
46ms

Image
image/webp

2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classic.clickfunnels.com/images/closemodal.png
Protocol: H2
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
cf-cache-status: HIT
age: 1374983
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Thu, 05 Oct 2023 14:30:48 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "651ec898-314"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 835269489c5b4d95-FRA
expires: Sun, 14 Jan 2024 00:43:12 GMT

Redirect headers

date: Thu, 14 Dec 2023 00:43:12 GMT
server: cloudflare
vary: Accept-Encoding
location: https://classic.clickfunnels.com/images/closemodal.png
cache-control: max-age=3600
cf-ray: 8352694839523651-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 01:43:12 GMT

GET
H2 200 Ontwerp-zonder-titel-46-.png
www.shadesquad.info/hosted/images/b5/75c8afb2ed4f13ab5ab6b04a6f7613/ 39 KB
39 KB 600ms
599ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shadesquad.info/hosted/images/b5/75c8afb2ed4f13ab5ab6b04a6f7613/Ontwerp-zonder-titel-46-.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e7baf11cdba43b90a6ab3e69c8b56b56e07d17fa0b3c32402ec9f38074af7a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 14 Jan 2023 16:08:39 GMT
server: cloudflare
x-amz-cf-pop: FRA60-P6
etag: "70f50f66f27b7451a031257d8cf8df96"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83526947ee612bc7-FRA
content-length: 39571

GET
H2 200 Badkamers-10-.png
www.shadesquad.info/hosted/images/6c/5556646e3b4d02aa6acdfab80ebfef/ 426 KB
427 KB 313ms
313ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shadesquad.info/hosted/images/6c/5556646e3b4d02aa6acdfab80ebfef/Badkamers-10-.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d889b0c0f155e371252962bd724e34954008b6a75bfc3b2928c0eed135482a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
cf-cache-status: MISS
last-modified: Fri, 31 Mar 2023 08:26:51 GMT
server: cloudflare
x-amz-cf-pop: FRA60-P6
etag: "3ce5e4c8a6bcf034000b4f194b5ff8ca"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83526947ee622bc7-FRA
content-length: 436708

GET
H2 200 126.png
www.shadesquad.info/hosted/images/37/79fb14ee7c486b955cd413694b7bbe/ 447 KB
448 KB 595ms
595ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shadesquad.info/hosted/images/37/79fb14ee7c486b955cd413694b7bbe/126.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cc65dc11272dfd57c00c3ca752f4f6dc3dfa1aae1513272c6ccd9c07d71a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 25 May 2023 09:36:18 GMT
server: cloudflare
x-amz-cf-pop: FRA60-P6
etag: "735f64d17ffee0709e733e2b75867e89"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83526947ee632bc7-FRA
content-length: 457847

GET
H2 200 90.png
www.shadesquad.info/hosted/images/11/a5e1c7c0a340449d1195555c0085cc/ 492 KB
493 KB 220ms
219ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shadesquad.info/hosted/images/11/a5e1c7c0a340449d1195555c0085cc/90.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 158638f92c5dbf5270d3c1a12aa6e4df41e82c259337dc5df0d8d01e0d667df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 10:05:03 GMT
server: cloudflare
x-amz-cf-pop: FRA60-P6
etag: "7418bc2a6264c0540a76dc259db23bbd"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83526947ee642bc7-FRA
content-length: 503964

GET
H2 200 91.png
www.shadesquad.info/hosted/images/13/afbfca8beb43c5b3e1e1f7b0d953bf/ 449 KB
450 KB 276ms
276ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shadesquad.info/hosted/images/13/afbfca8beb43c5b3e1e1f7b0d953bf/91.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5b8a002f23a2f3f3ae940768d24df187c8173fad214be9a433b6b9fbb9f62b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 10:02:00 GMT
server: cloudflare
x-amz-cf-pop: FRA60-P6
etag: "6a93af70c59aff95a9f083dd2cfd24a9"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83526947ee652bc7-FRA
content-length: 460204

GET
H2 200 background.png Show response
www.shadesquad.info/images/ 118 B
366 B 157ms
157ms XHR
text/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shadesquad.info/images/background.png?_unique=0.10997141552491518&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.shadesquad.info/offerte&_title=Wil%20jij%20het%20hele%20jaar%20door%20kunnen%20genieten%20van%20je%20terras%3F&_key=o6l109cd&_page_key=8omnyp1vf0ln2i2a&_fid=12729109&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.shadesquad.info/offerte&_referrer=
Requested by: Host: www.shadesquad.info
URL: https://www.shadesquad.info/vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: fd4fbb55600279bbae605d499372a4a1df988f84653ce97c47094e39f51ff6a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/offerte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
access-control-request-method: *
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: b679676d23757f819af2e2c737d75d2a
x-runtime: 0.014813
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, private
cf-ray: 83526947ee682bc7-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-rack-cache: miss

POST
H2 204 rum Show response
www.shadesquad.info/cdn-cgi/ 0
196 B 18ms
18ms XHR
text/plain 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadesquad.info/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.shadesquad.info/offerte
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.shadesquad.info
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 835269489ec92bc7-FRA

GET
H3 200 cookieConsent.js Show response
static.elfsight.com/apps/cookie-consent/stable/e5b9bc78cd9c517a3c3360df5b666b08386fef5c/app/ 266 KB
83 KB 29ms
29ms Script
application/javascript 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/cookie-consent/stable/e5b9bc78cd9c517a3c3360df5b666b08386fef5c/app/cookieConsent.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

495745f8f6d6a894ab2bd65d9bd9ea8dd9267ae438b27cc1d54a3fe48695a832

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx0000081eabc57ac3d8898-0065733cd9-5369e07d-sfo2a
age: 224783
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 08:09:03 GMT
server: cloudflare
etag: W/"92be4e3793b71026103dfbdf26274757"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 835269493eb539c2-FRA

GET
H3 200 facebookReviews.js Show response
static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/ 921 KB
288 KB 23ms
23ms Script
application/javascript 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/facebookReviews.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5baf0fe7badd17bb95d56bb74843db1b340f5544169f92a5c114621d0b8fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx000004357288910f11e45-006579b0af-5369e07d-sfo2a
age: 40419
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Dec 2023 13:19:20 GMT
server: cloudflare
etag: W/"85cffc3ed1186af3be2c317e50470354"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 835269493eb639c2-FRA

GET
H3 200 619.facebookReviews.js Show response
static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/ 109 KB
33 KB 19ms
19ms Script
application/javascript 2606:4700:10::ac43:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/619.facebookReviews.js

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/facebookReviews.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ba38fddf3f0a8c5f265c841f464322a872659ee92bd148280da02888272307

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000575f0dc9658978f6-006579b0b0-5369b250-sfo2a
age: 39975
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Dec 2023 13:19:20 GMT
server: cloudflare
etag: W/"2e5faba39658aebb76058070464bb01f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 8352694a7f5739c2-FRA

GET
H2 200 sources Show response
service-reviews-ultimate.elfsight.com/data/ 324 B
316 B 300ms
266ms Fetch
application/json 2606:4700:10::6816:445f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service-reviews-ultimate.elfsight.com/data/sources?uris%5B%5D=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100089256228474%26sk%3Dreviews

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/facebookReviews.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063947b39186b91f4d49909f51e9acbc85b8855f98a5fb6525090432a6b3e4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.shadesquad.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.shadesquad.info
cache-control: no-cache, private
cf-apo-via: origin,host
cf-ray: 8352694aba549b31-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 reviews Show response
service-reviews-ultimate.elfsight.com/data/ 8 KB
4 KB 229ms
195ms Fetch
application/json 2606:4700:10::6816:445f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service-reviews-ultimate.elfsight.com/data/reviews?uris%5B%5D=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100089256228474%26sk%3Dreviews&with_text_only=1&min_rating=5&page_length=100&exclude_keywords%5B%5D=support+business&order=date

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/facebookReviews.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

791038c88c68dbd6ed4d406f723b085bc4acd2d39e1f3787197a938f3fe7c3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.shadesquad.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.shadesquad.info
cache-control: no-cache, private
cf-apo-via: origin,host
cf-ray: 8352694aba539b31-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 app-all-in-one-reviews-icons-facebook-multicolor.svg Show response
static.elfsight.com/icons/ 379 B
664 B 201ms
193ms XHR
image/svg+xml 2606:4700:10::6816:445f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/icons/app-all-in-one-reviews-icons-facebook-multicolor.svg

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/facebook-reviews/stable/3d461f5029e25ca8568f37cc3f5a84f5b93cc908/app/facebookReviews.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf25b8a41d337d313960a271454b6a21d791f61abd0be29fc2feb0fd4662b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: tx00000e1cd308dc52c2b26-00657a4fa0-536a3570-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Dec 2023 13:32:36 GMT
server: cloudflare
etag: W/"cba284ef15c9558c0a37b53ba45e40ac"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-ray: 8352694c4b699b31-FRA

GET
H2 200 20374237_101181537242930_2601718283730401527_n.jpg
scontent-atl3-1.xx.fbcdn.net/v/t1.18169-1/ 2 KB
2 KB 354ms
104ms Image
image/jpeg 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.xx.fbcdn.net/v/t1.18169-1/20374237_101181537242930_2601718283730401527_n.jpg?stp=cp0_dst-jpg_p60x60&_nc_cat=108&ccb=1-7&_nc_sid=2b6aad&_nc_ohc=9eyTJhrXzrkAX-13XV6&_nc_ht=scontent-atl3-1.xx&oh=00_AfAXqB9FEHlK3fR8lbMiyPElj1YZ5gyiZr6ziD-DosvVrQ&oe=659DA3CB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8aab5b44f636a8b64f2e334f18dcf1ff9e032422f66db005aec9c47a8766ebb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:13 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 27 Jul 2017 14:59:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=956028115
thrift_fmhk: GBAjlFnN+m0lwpa3xew/22y+FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 541327692
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2011

GET
H2 200 393668954_10231387542622303_1323292012599479084_n.jpg
scontent-atl3-1.xx.fbcdn.net/v/t39.30808-1/ 2 KB
2 KB 354ms
104ms Image
image/jpeg 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.xx.fbcdn.net/v/t39.30808-1/393668954_10231387542622303_1323292012599479084_n.jpg?stp=c7.0.60.60a_cp0_dst-jpg_p60x60&_nc_cat=106&ccb=1-7&_nc_sid=5740b7&_nc_ohc=i0eqR90ZK9kAX_tFuHQ&_nc_ht=scontent-atl3-1.xx&oh=00_AfAndwkCCVZLzVTL5eI_BUSMDYvs-kJ4Tcu3Ke2IIZfYVw&oe=657AF653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0a28743ed2253f69bd3206d1541fbb5d620defa6aa506106d998f211127f29c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:13 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 18 Oct 2023 20:57:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3877504782
thrift_fmhk: GBBfHWzKqfbyQ4hLhjH0oUnnFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1774185816
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2049

GET
H2 200 11951758_10209346323680653_2142290247408679161_n.jpg
scontent-atl3-2.xx.fbcdn.net/v/t1.18169-1/ 2 KB
2 KB 324ms
104ms Image
image/jpeg 2a03:2880:f011:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.xx.fbcdn.net/v/t1.18169-1/11951758_10209346323680653_2142290247408679161_n.jpg?stp=cp0_dst-jpg_p60x60&_nc_cat=104&ccb=1-7&_nc_sid=2b6aad&_nc_ohc=xuoGsIt54lIAX8_tS_u&_nc_oc=AQlcSvz2KotSKSx1EVW2ReygtMJn9vOJ9985qqGHniRzN5thlY1CwJcJV-prX_aN9V0&_nc_ht=scontent-atl3-2.xx&oh=00_AfAg1HFQbR9RJxbZFESFoDMm1GwBsTVc4I86F_8b8P96EA&oe=659DA257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f011:100:face:b00c:0:3 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d7a6ca7cb40af95b0e8a33fcf88b717ec2388af84c95841083cfa9cab68209ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:13 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 15 Mar 2016 15:30:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1482273188
thrift_fmhk: GBDNBsQXRpoFmUkf0IxJkt7nFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4121676946
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2409

GET
H2 200 305485472_5853802377998233_2184508467430323745_n.jpg
scontent-atl3-2.xx.fbcdn.net/v/t39.30808-1/ 2 KB
2 KB 323ms
104ms Image
image/jpeg 2a03:2880:f011:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-2.xx.fbcdn.net/v/t39.30808-1/305485472_5853802377998233_2184508467430323745_n.jpg?stp=cp0_dst-jpg_p60x60&_nc_cat=111&ccb=1-7&_nc_sid=5740b7&_nc_ohc=sdl04zMqj4YAX89Vg8m&_nc_ht=scontent-atl3-2.xx&oh=00_AfDAotIBjdRYCMFh5lIOyNlZ1cwLC5I76rIYyKvvdL7dKA&oe=657B2267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f011:100:face:b00c:0:3 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8727a9d4ef218509c77d2d9df8ec67c5781ab3a219911a5b312ddd57bdb2b8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:13 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 05 Sep 2022 16:15:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2762231299
thrift_fmhk: GBACfUt99oitzLnxRJdYzcT5FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2643421308
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1736

GET
H2 200 407801493_6956347851070629_4431602008034250084_n.jpg
scontent-atl3-1.xx.fbcdn.net/v/t39.30808-1/ 2 KB
2 KB 355ms
105ms Image
image/jpeg 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-atl3-1.xx.fbcdn.net/v/t39.30808-1/407801493_6956347851070629_4431602008034250084_n.jpg?stp=cp0_dst-jpg_p60x60&_nc_cat=103&ccb=1-7&_nc_sid=5740b7&_nc_ohc=IVqet4nF0kEAX-ZQJIy&_nc_ht=scontent-atl3-1.xx&oh=00_AfAjVVK8Mt6u__heSalcvMeZDKt3eh53E1J63Az35l35qw&oe=657B74BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 38959173de7d450f3d288bff3a472bdea8ee09a7a0bba0d495403f28dfa41d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:13 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 03 Dec 2023 10:25:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3796827323
thrift_fmhk: GBDn9pKVB9+TJ/xZehz1Z4yDFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2990269639
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2053

GET
H2 200 360102596_6585375978150534_132568696581964934_n.jpg
scontent.fesb10-1.fna.fbcdn.net/v/t39.30808-1/ 2 KB
2 KB 195ms
61ms Image
image/jpeg 2a02:e0:3125:1:face:b00c:0:a7
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fesb10-1.fna.fbcdn.net/v/t39.30808-1/360102596_6585375978150534_132568696581964934_n.jpg?stp=c0.0.60.60a_cp0_dst-jpg_p60x60&_nc_cat=104&ccb=1-7&_nc_sid=5740b7&_nc_ohc=Iy0f6Q5WtKoAX-X4czL&_nc_ht=scontent.fesb10-1.fna&oh=00_AfBMY3vbq5rYmcU3JZynb5sL6Ii8MKkKQzDKO7OV1C1W1g&oe=657C2AB3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e0:3125:1:face:b00c:0:a7 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: f2ed967c4cf180922745777c5c2de0811362bd9365f8997be651eb007b5acee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 15 Jul 2023 18:33:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=719801598
thrift_fmhk: GBBWBcIc5R69kyd4vXXWKq4aFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1048018484
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1689

GET
H2 200 149722047_455214082298528_3034639188402375075_n.jpg
scontent.fesb10-2.fna.fbcdn.net/v/t1.6435-1/ 3 KB
3 KB 185ms
59ms Image
image/jpeg 2a02:e0:3125:2:face:b00c:0:a7
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fesb10-2.fna.fbcdn.net/v/t1.6435-1/149722047_455214082298528_3034639188402375075_n.jpg?stp=cp0_dst-jpg_p60x60&_nc_cat=110&ccb=1-7&_nc_sid=2b6aad&_nc_ohc=TDtgqncvp0UAX_MrnvX&_nc_ht=scontent.fesb10-2.fna&oh=00_AfDMcbjeodnJ0rJBcp8R5Lt-cNfV2xIkiJo3n5NBxRBQ5Q&oe=659DC237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e0:3125:2:face:b00c:0:a7 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 3b1066c8d8149f1e373650f59fa1f56fc85515c2cc23f4b197712d28f409fd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 13 Feb 2021 08:12:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3669618494
thrift_fmhk: GBDOUgcYgUYz/KKEUm1KK8EkFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 345758308
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2581

GET
H2 200 315890902_6240979705920492_7777373568333429821_n.jpg
scontent.fesb10-5.fna.fbcdn.net/v/t39.30808-1/ 2 KB
2 KB 186ms
60ms Image
image/jpeg 2a02:e0:3125:5:face:b00c:0:a7
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fesb10-5.fna.fbcdn.net/v/t39.30808-1/315890902_6240979705920492_7777373568333429821_n.jpg?stp=cp0_dst-jpg_p60x60&_nc_cat=109&ccb=1-7&_nc_sid=5740b7&_nc_ohc=aw7SK8_YU7IAX__DPXU&_nc_ht=scontent.fesb10-5.fna&oh=00_AfBVHv-R4JTGYWXTLbgj7FobeHxyvzGlUMXs-SqupiUwGA&oe=657B47AA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e0:3125:5:face:b00c:0:a7 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: /
Resource Hash: 7c4f07ba44f291a5fa2d11fadbcfefff25bc818e2174d19009a4d9bc9f26c941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shadesquad.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 20 Nov 2022 10:03:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1546735539
thrift_fmhk: GBB713mN8nAg59l2hd5iFV6uFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 411736391
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2232

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=290aef15-87a5-49ec-badc-75bd567ce7f3&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&cache=1702514591437

Verdicts & Comments Add Verdict or Comment

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.stape.org/events/60efbedc568d1862fff7c80353b8321bda8d169fc23e80de6cad30212a906d10	1970-01-20 19:04:50	Name: cee Value: XJoGpRW%2BgbFwXeocVvq7ONCHJ0Zyqoq%2FXQkvfAYzqxM%3D.%7B%22cee_id%22%3A%22cee.1702514592412.93264%22%7D
.www.shadesquad.info/	1970-01-20 16:55:16	Name: __cf_bm Value: zSDC3SM2.ZSENGVCYKOdTnwk8eL0YgChsr7Jev4n7SM-1702514590-1-AUGYC6GuhXvIcQjd13sSIAhoH/agpXdm3kn0IJZ/D+Fx541Pvw23djd0aPeDQE+J3b/bA/SFkLSxJ4AZDpUs5xYwk07StCw+xY3XE18Bqkai
.www.shadesquad.info/	1969-12-31 23:59:59	Name: _cfuvid Value: VJK4Iev_X4BOLsZrnZl.jWXh.xNPhc3cun1IcovMqJE-1702514590812-0-604800000
.clickfunnels.com/	1970-01-20 16:55:16	Name: __cf_bm Value: sv_Rrqivs4bVN8h3IJkKlmgH0FfOs_guqyFciBfOWDI-1702514591-1-AR28YsbBT0aaeUDMfT0uOm8dtmVii2Fw8GtgKB+aUEln3BR3qC5zR/FWiVWXQgqbB8JVx/Ssab/YvVNlITHw2yL3spP/BVFwrt1iaNlX1sOJ
.clickfunnels.com/	1969-12-31 23:59:59	Name: _cfuvid Value: yhrp6IwIE3CTjud.4O0OWinGdIELBDCfEukzGQvcaSA-1702514591375-0-604800000
www.shadesquad.info/	1970-01-21 01:40:50	Name: addevent_track_cookie Value: 290aef15-87a5-49ec-badc-75bd567ce7f3
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:aff_sub2 Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:aff_sub3 Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:aff_sub Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:affiliate_id Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:cf_affiliate_id Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:content Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:medium Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:name Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:source Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:term Value:
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:NTc5MTA3Mzg Value: :visited=true
www.shadesquad.info/	1970-01-21 01:40:50	Name: cf:visitor_id Value: 048af4f5-ce6c-4ecb-86d2-3128648b5f7f
.shadesquad.info/	1970-01-20 19:04:50	Name: _gcl_au Value: 1.1.2018905586.1702514591
.shadesquad.info/	1970-01-21 02:31:14	Name: _ga_33FQ2P37EN Value: GS1.1.1702514591.1.0.1702514591.0.0.0
.shadesquad.info/	1970-01-21 02:31:14	Name: _ga Value: GA1.1.201708556.1702514592
.doubleclick.net/	1970-01-21 02:16:50	Name: IDE Value: AHWqTUnFO-TAF7S02QZweh4k__Q-jRH7kK3gdhmrSrDWruSvK24zFzdXHSB-LJko
.shadesquad.info/	1970-01-20 19:04:50	Name: _fbp Value: fb.1.1702514591875.1941808137
.www.clickfunnels.com/	1970-01-20 16:55:16	Name: __cf_bm Value: 1t_uWdl8hFYwq7_AmfzowYcu2Mr3HOiO9Qftr.RZMEg-1702514592-1-AZG3vlfMCK3BrbH+dBeBNjOIi7jgUumjr6nMQLgKDpx93nPHFMQcxpX4lhCMMCZJDAnoJY93YZPDOJ4K2IefY+Q=
core.service.elfsight.com/	1970-01-20 16:55:14	Name: elfsight_viewed_recently Value: 1
www.shadesquad.info/	1969-12-31 23:59:59	Name: is_eu Value: true
www.shadesquad.info/	1970-01-21 01:40:50	Name: 8omnyp1vf0ln2i2a Value: true
www.shadesquad.info/	1970-01-21 01:40:50	Name: 12729109_viewed_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=290aef15-87a5-49ec-badc-75bd567ce7f3&url=https%3A%2F%2Fwww.shadesquad.info%2Fofferte&cache=1702514591437 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clickfunnels.com
apps.elfsight.com
capig.stape.org
cdnjs.cloudflare.com
classic.clickfunnels.com
connect.facebook.net
core.service.elfsight.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
scontent-atl3-1.xx.fbcdn.net
scontent-atl3-2.xx.fbcdn.net
scontent.fesb10-1.fna.fbcdn.net
scontent.fesb10-2.fna.fbcdn.net
scontent.fesb10-5.fna.fbcdn.net
service-reviews-ultimate.elfsight.com
shadesquad.info
static.cloudflareinsights.com
static.elfsight.com
track.addevent.com
use.fontawesome.com
www.clickfunnels.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.shadesquad.info
track.addevent.com
142.250.186.130
15.197.142.173
2001:4860:4802:34::36
2606:4700:10::6816:445f
2606:4700:10::6816:455f
2606:4700:10::ac43:1653
2606:4700:3031::ac43:d1b4
2606:4700:4400::ac40:944b
2606:4700::6810:3965
2606:4700::6810:cc2
2606:4700::6810:ec2
2606:4700::6811:190e
2606:4700:e2::ac40:8c0d
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a02:e0:3125:1:face:b00c:0:a7
2a02:e0:3125:2:face:b00c:0:a7
2a02:e0:3125:5:face:b00c:0:a7
2a03:2880:f011:100:face:b00c:0:3
2a03:2880:f011:8:face:b00c:0:1
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
063947b39186b91f4d49909f51e9acbc85b8855f98a5fb6525090432a6b3e4ff
0a28743ed2253f69bd3206d1541fbb5d620defa6aa506106d998f211127f29c8
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
14d889b0c0f155e371252962bd724e34954008b6a75bfc3b2928c0eed135482a
158638f92c5dbf5270d3c1a12aa6e4df41e82c259337dc5df0d8d01e0d667df0
21184588cedefdba09e62c09a3ce08b48e052b34031ed442fd82019c4c66064e
214d97b87c9e76486d741c99ecf36317fa8268bfbc474951307c22db520f75d4
27dba4a8e10c120ec24f5587b49fbea82c1bf52dc930c7aed88696dae345f14a
2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c
2b3cf935c87336188addeb190d2aa46d32f12826ff0798ee419ac1289a46425f
38959173de7d450f3d288bff3a472bdea8ee09a7a0bba0d495403f28dfa41d8b
3b1066c8d8149f1e373650f59fa1f56fc85515c2cc23f4b197712d28f409fd5d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
41cc65dc11272dfd57c00c3ca752f4f6dc3dfa1aae1513272c6ccd9c07d71a75
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
495745f8f6d6a894ab2bd65d9bd9ea8dd9267ae438b27cc1d54a3fe48695a832
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5e73d3419ecb0bc8f601a5e3c24ddd9159ade8b1650cd1e12320bbff8938dfb8
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6b38afd352e3c2e7790373d54a02008617c551a8865eb488d22af53fd2aa9df1
6fea85b26f6b3cf1de4aef9e6d9c3aa318dd4d7ff349dc7ddd24a15f913b5cd6
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
791038c88c68dbd6ed4d406f723b085bc4acd2d39e1f3787197a938f3fe7c3c6
7c4f07ba44f291a5fa2d11fadbcfefff25bc818e2174d19009a4d9bc9f26c941
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8688980b91d979f65b1b4ac6cb84d355aac7eaba6a11c05dba09d4a3ae785302
8727a9d4ef218509c77d2d9df8ec67c5781ab3a219911a5b312ddd57bdb2b8d8
8aab5b44f636a8b64f2e334f18dcf1ff9e032422f66db005aec9c47a8766ebb8
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e7baf11cdba43b90a6ab3e69c8b56b56e07d17fa0b3c32402ec9f38074af7a7
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
acfafd5dde555f4cbb6009710ff98de04de2e689361ad24b92e149c25255add8
ae5b8a002f23a2f3f3ae940768d24df187c8173fad214be9a433b6b9fbb9f62b
b66a284490a5e55274dd75333b2057bbac0e6ef48ca2248fb2331edbc06a9618
c8ba38fddf3f0a8c5f265c841f464322a872659ee92bd148280da02888272307
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d7a6ca7cb40af95b0e8a33fcf88b717ec2388af84c95841083cfa9cab68209ec
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5baf0fe7badd17bb95d56bb74843db1b340f5544169f92a5c114621d0b8fe1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2776a5edcca321a45eb8992578b03b55bd08186812f3c97570dae087c8bf9d1
f2ed967c4cf180922745777c5c2de0811362bd9365f8997be651eb007b5acee3
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
fbf25b8a41d337d313960a271454b6a21d791f61abd0be29fc2feb0fd4662b83
fd4fbb55600279bbae605d499372a4a1df988f84653ce97c47094e39f51ff6a9

www.shadesquad.info Open in urlscan Pro 2606:4700::6810:cc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

90 %HTTPS

92 %IPv6

19 Domains

29 Subdomains

25 IPs

3 Countries

4270 kBTransfer

8170 kBSize

28 Cookies

9 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.shadesquad.info Open in urlscan Pro
2606:4700::6810:cc2 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

90 %
HTTPS

92 %
IPv6

19
Domains

29
Subdomains

25
IPs

3
Countries

4270 kB
Transfer

8170 kB
Size

28
Cookies

60 HTTP transactions
1 data transactions