URL: http://mpshark.com/
Submission: On September 17 via manual from IT — Scanned from IT

Summary

This website contacted 11 IPs in 6 countries across 16 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3031::6815:e2b, located in United States and belongs to CLOUDFLARENET, US. The main domain is mpshark.com. The Cisco Umbrella rank of the primary domain is 302366.
This is the only time mpshark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 7 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 104.21.82.27 13335 (CLOUDFLAR...)
2 2 172.67.151.115 13335 (CLOUDFLAR...)
4 188.114.97.3 13335 (CLOUDFLAR...)
3 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 52.217.130.81 16509 (AMAZON-02)
2 2 51.161.115.163 16276 (OVH)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 51.83.143.92 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.86.65.27 14618 (AMAZON-AES)
36 11
Apex Domain
Subdomains
Transfer
10 mpshark.com
mpshark.com — Cisco Umbrella Rank: 302366
4 MB
7 zap.buzz
zap.buzz — Cisco Umbrella Rank: 94804
1020 B
4 ueive.com
my.ueive.com — Cisco Umbrella Rank: 647799
6 KB
4 personalizedbackground.com
lp.personalizedbackground.com — Cisco Umbrella Rank: 935822
717 KB
4 egazedatthe.xyz
egazedatthe.xyz — Cisco Umbrella Rank: 462908
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
3 KB
3 zzzperform.com
trk122.zzzperform.com
14 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 248
48 KB
2 popcash.net
popcash.net — Cisco Umbrella Rank: 58921
ps.popcash.net — Cisco Umbrella Rank: 200436
871 B
2 blowingwnd.com
t2.blowingwnd.com
t10.blowingwnd.com — Cisco Umbrella Rank: 368640
563 B
2 amazonaws.com
store-extension-lp-logos.s3.amazonaws.com — Cisco Umbrella Rank: 345826
89 KB
2 gstatic.com
fonts.gstatic.com
70 KB
1 savethereef.xyz
go.savethereef.xyz — Cisco Umbrella Rank: 314988
290 B
1 hightid.com
t3.hightid.com — Cisco Umbrella Rank: 688231
523 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 423094
1 KB
1 topictraff.com
topictraff.com — Cisco Umbrella Rank: 356331
560 B
36 16
Domain Requested by
10 mpshark.com mpshark.com
7 zap.buzz 3 redirects mpshark.com
4 my.ueive.com 1 redirects trk122.zzzperform.com
mpshark.com
my.ueive.com
4 lp.personalizedbackground.com mpshark.com
lp.personalizedbackground.com
4 egazedatthe.xyz 4 redirects
4 fonts.googleapis.com mpshark.com
3 trk122.zzzperform.com 1 redirects mpshark.com
3 cdnjs.cloudflare.com mpshark.com
2 store-extension-lp-logos.s3.amazonaws.com lp.personalizedbackground.com
2 fonts.gstatic.com fonts.googleapis.com
1 ps.popcash.net my.ueive.com
1 popcash.net 1 redirects
1 t10.blowingwnd.com 1 redirects
1 t2.blowingwnd.com 1 redirects
1 go.savethereef.xyz 1 redirects
1 t3.hightid.com 1 redirects
1 cdn.addlnk.com my.ueive.com
1 topictraff.com 1 redirects
36 18

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
zap.buzz | GTS CA 1P5 | 2023-08-06 - 2023-11-04 | 3 months
personalizedbackground.com | GTS CA 1P5 | 2023-09-16 - 2023-12-15 | 3 months
zzzperform.com | GTS CA 1P5 | 2023-07-24 - 2023-10-22 | 3 months
ueive.com | GTS CA 1P5 | 2023-09-16 - 2023-12-15 | 3 months
addlnk.com | GTS CA 1P5 | 2023-08-11 - 2023-11-09 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-03-21 - 2023-12-19 | 9 months

This page contains 9 frames:

Primary Page: http://mpshark.com/
Frame ID: 56C6A0ECC5C507DDBD98E66F5E38245E
Requests: 19 HTTP requests in this frame

Frame: https://zap.buzz/Gllbj6M
Frame ID: 62AD00A3466789DC022C1274235E9C89
Requests: 1 HTTP requests in this frame

Frame: https://zap.buzz/Gllbj6M
Frame ID: 25B90E3566434CE2A3E3FE86BE6D1DE2
Requests: 1 HTTP requests in this frame

Frame: https://zap.buzz/rpp5bqr
Frame ID: 6515A5EF7A08AD30E27935875901DD84
Requests: 1 HTTP requests in this frame

Frame: https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
Frame ID: 1477BEA8507A4969865D2706A7370A76
Requests: 6 HTTP requests in this frame

Frame: https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
Frame ID: D2BADB03125AE0C4945EBCD0140C7904
Requests: 6 HTTP requests in this frame

Frame: http://ps.popcash.net/go/134600/317194
Frame ID: B1DB6CD19A06E05C8E217DD68024C671
Requests: 5 HTTP requests in this frame

Frame: https://zap.buzz/RE33J4e
Frame ID: 14AB461CA53B897D4D04C5CB49752D6A
Requests: 1 HTTP requests in this frame

Frame: https://my.ueive.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: 9B9BC8E24FABA0EEA76F820B115B4061
Requests: 2 HTTP requests in this frame

Page Title

Best YouTube to MP3 Converter - MPShark

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 67 %
IPv6: 56 %
Domains: 16
Subdomains: 18
IPs: 11
Countries: 6
Transfer: 5191 kB
Size: 6003 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://zap.buzz/6YYQQG5 HTTP 302
  • http://egazedatthe.xyz/redirect?tid=989716 HTTP 301
  • https://egazedatthe.xyz/redirect?tid=989716 HTTP 302
  • https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
Request Chain 22
  • https://zap.buzz/6YYQQG5 HTTP 302
  • http://egazedatthe.xyz/redirect?tid=989716 HTTP 301
  • https://egazedatthe.xyz/redirect?tid=989716 HTTP 302
  • https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
Request Chain 23
  • https://zap.buzz/RE33J4e HTTP 302
  • https://topictraff.com/l/14186908dfdcec15aa8?sub={yourClickId}&source={yourSubPublisherId} HTTP 302
  • https://trk122.zzzperform.com/l/14186908dfdcec15aa8.js?sub={yourClickId}&source={yourSubPublisherId}
Request Chain 25
  • https://trk122.zzzperform.com/l/14186908dfdcec15aa8.js?sub={yourClickId}&source={yourSubPublisherId}&code=31Y3VvBDU7PztBPkA-QT1CQkMRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMHRkagQEbn0IOAlzcw09DnCHEkNJREUWeIAaS01MTR6TmiJPVFZVJomdko4sLJCZlDExAWVuZwY2B3d7eH8NDYR9dBJZgoN8gnw4Yoh.Sh2GkoaEI4mFkZmMKI.cmC2hoKSVAHZjBFF0gHB0dWs6QTs.Lzhoe4F4hI2KOGduO01NTE9bQXmMkltaYkihYF9VTW.foGxmWWhmUG97Nz49QjpARC84XFpnYWFCN4SChYA8ZIOCi5BLQ2eNmJaVjllcXWRcX141OjU7Mjs4J1tqcGx.dj1EQ0hARkoVd40ZURp-iR5OH4FVVSRUVVdXWFkqjGBhL19gAHRoBDQ1NjgIb3AMPT4.D3N5dhRFFXyDjhqAfIiQgx.DiY8kVFZXJ5SXkSxdXV5fMHN1dGoFNjc4OTo7Owx8gXKAhhMThId6io17G01MTVFPUVFZI4mbkpUpXF0rnpKUMJh0dXI9MzRzd3txa313O3F.fUAShXZ4eRhJSUxQTU5TUiCEkJeUJiaelpYrK6OUmqUxSW92aHAlT3VrNwpucHQPQEFBQkNERUZHSElLTExNT09RUlNUVVZXV1laW1tdXV9fYTEyMjQ1Njc4OTo6PD0.P0BBQkNERUZHSElKS0xMTR6CiZYjVFVWVlhZWltcXV5fYGExMjI0NDY3ODk6CoKBgQ.GPkFNikJuTG1uVJFJjlGMjY6PXZpSkVqVlpeYZqNbomWlO3gwSE9yPl0IdHZ5cw5zfT1mZU55gxaJjI0bSxyJf44hiZaXlF9VVpWZnZONn5ldk29uAmtweAc3CHd.DD0.Pj9BQUJDRRWNexlKS0t.Tx6CkpkjZoyXlZSNSXpvck1.m6VnanB-bXN6bHp3a3c5fXJ1PYd7eIt6iFJbgYyKiYI.b2RnQnmNip2MmqWXk5aTkJyUZ2RobWZndmhteHR6cnx2fnV3eXx5fYB4gVRofJCGlIRAZI6MiZOao5GXnpCem4.bXW5iZW8xdXJ8b3J4C39wchBCRRKGhHkXSUwZfouOHk8fjoSGJFVVJpScmStcYQ__&_tdf=17 HTTP 302
  • https://trk122.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmy.ueive.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2%26pubid%3D44219_%7ByourSubPublisherId%7D&vId=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&hash=14186908dfdcec15aa8&ete=true
Request Chain 36
  • https://my.ueive.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://my.ueive.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Request Chain 38
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&s=3k4fcald&pid=pubf4c2d967262848008adb7d9ba88875c3 HTTP 302
  • https://go.savethereef.xyz/redirect?feed=491426&url=t3.hightid.com&subid=custom_11w034tpnx.it.windows.chrome&query=3k4fcald&pub_clickid=6506fba3c88b6a457c588b43&default_url=https%3A%2F%2Ft2.blowingwnd.com%2Fi.php%3Fp%3Dc%3An534zxkba54lmrgsv%26d%3D64d0bc6d3d658b55ac1eb5c4%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP 302
  • https://t2.blowingwnd.com/i.php?p=c:n534zxkba54lmrgsv&d=64d0bc6d3d658b55ac1eb5c4&s=du.491426&d2=t3.hightid.com HTTP 302
  • https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_du.491426&d1=1217p3t0dz HTTP 302
  • https://popcash.net/world/go/134600/317194 HTTP 301
  • http://ps.popcash.net/go/134600/317194

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mpshark.com/
25 KB
5 KB
Document
General
Full URL
http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0074b3ce056e57b4926e3f569116538272f434e9586564d494456743d79158

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
80819c4d8f773a97-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Sep 2023 13:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIh8liirZC3TXjNGT3xpfB6Fichv5QKhcFnJNf4U7oA443i337GR0ogfJWgi48Lp3n%2B0d55wIACbG7YINlll%2BZmnWHtlHsBII%2F87X6V%2By6k4FgTL3hdk6YdSSpoTH2Cr0qtKLv8zZXdbcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Cookie
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
mpshark.com/static/vendor/bootstrap/css/
157 KB
24 KB
Stylesheet
General
Full URL
http://mpshark.com/static/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
939
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-27293"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSRYtINJ9z%2FSN1gSKo81uyW8a%2BVvjy4ntNCWfgR1deByJFNxyX8SsVE2RnGQDo71zUHtG11%2BKElsaTDJ%2BnwSB0tR%2F4Eq8qv06GHyK1Yo1WVFCicBuUFCLmsN2wUVM7MBOXTIwPZMLVds1A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
80819c4defe83a97-FRA
all.min.css
mpshark.com/static/vendor/fontawesome-free/css/
58 KB
13 KB
Stylesheet
General
Full URL
http://mpshark.com/static/vendor/fontawesome-free/css/all.min.css
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1729
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-e637"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vjhLIHqJsd3wGcu7LEdXrPiSOReLuexGFRukOfqA3QVojCMwbHqeiXuzr1S3%2FjnHso7RuKMWVN%2BFkVynFcAhbh2N3GC4KdZk%2BSjCvj%2BMY4MYYOzRTJ26iPOUYA44R9CYDOouKrDFFPFtw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
80819c4e1bf10071-CDG
simple-line-icons.css
mpshark.com/static/vendor/simple-line-icons/css/
13 KB
3 KB
Stylesheet
General
Full URL
http://mpshark.com/static/vendor/simple-line-icons/css/simple-line-icons.css
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1155
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-329e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf9vvFOR7N1A%2BKKzpeQUTpy5F7lL4z7OslTjW9WavmdfRBYfJqcCcgCnjnq9YMqA1zN%2BX2f%2BsEsnXwIvjNoVfgSifSggaITzLH7UTUMtRmTYNukHF%2BHb%2F8J19Xhx%2BrfDw1ISnY7ptUabqA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
80819c4e28523a97-FRA
css
fonts.googleapis.com/
4 KB
921 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Sep 2023 13:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Sep 2023 12:33:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Sep 2023 13:14:09 GMT
css2
fonts.googleapis.com/
7 KB
868 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap&family=Kanit:wght@200&display=swap
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd50ac935fb5fcda8978d189be4245514e60231a47bd466707ee354eb7b2478c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Sep 2023 13:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Sep 2023 11:29:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Sep 2023 13:14:09 GMT
css2
fonts.googleapis.com/
1 KB
555 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Itim&display=swap
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
155cb29f145297cd77a3c8b113ec50839dcc6ae74f67efd1859157706ed83f65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Sep 2023 13:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Sep 2023 11:58:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Sep 2023 13:14:09 GMT
css
fonts.googleapis.com/
9 KB
839 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Sep 2023 13:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Sep 2023 11:42:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Sep 2023 13:14:09 GMT
landing-page.min.css
mpshark.com/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://mpshark.com/static/css/landing-page.min.css
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f74804c9159254155f0227b54030743c99f9d6c77b4704e9bb39a1a4044c79

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1844
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-7d4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CauehMMM5TjxH5xXrhD8DGRvD23lknSVtcjMPaSSfOuT0yuXYJm67bMtml8EfjegP6CAL93R%2F7D%2BchCYUvzXPxt0df1Jc50MM3h8JUed0W8PB6wBGBTwK7UKwVev0j%2BfzufM1s8W%2FxvxA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
80819c4e3f9cb74e-AMS
nice-select.css
mpshark.com/static/css/
4 KB
2 KB
Stylesheet
General
Full URL
http://mpshark.com/static/css/nice-select.css
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
6988
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-fa7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynhEv%2BINlxjt2a3FYNYrB1NrFcGV2LTR8OjI4wyMo90d3%2Fdy%2B7l4t%2BjPg76OqIatQVkFxzTbeA62bOHLjOg97PR7gpc%2BjIHSMOSIt%2BOAAn1J4fufrWMNf1nc6Iv2jcPoTCKPheuwOfchTA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
80819c4e2cde90d6-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 13:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5067420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27755
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-6c6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FXbCUtUZDlYMiWj98nlBBOHZsqrR6qwU25zI7huzu3VYtk4zTt%2BnNDReITscivHZ5eCJiK2%2BZAp%2FD9XfKX6NCULvxawXztRWOxE7B0BtzzEnpO%2Fq%2BNPxVZxtgU2KCgVb72VXVXAwerUMsDMPYU%2FvzrB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80819c4e1d6cba9a-MXP
expires
Fri, 06 Sep 2024 13:14:08 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 13:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8345396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6507
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5038"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnqxQQ7ec4H41OReSZ%2FlZrHOlhWTv5UA8kGr%2BZH8SG30w3b5stqbAh7mwJ4%2B%2FzMaSbq4%2Fndc1bGhAPJVH%2FZ56YZMAoOGnVvfhv8DyZpu1ZAjuKvS%2F9ce2ytzl2%2BHm5iSXDhr5KSEwZ%2BhKRQUNOw5N2wy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80819c4e1d6dba9a-MXP
expires
Fri, 06 Sep 2024 13:14:08 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/
59 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 13:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
910883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13948
last-modified
Thu, 22 Jun 2023 11:21:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942eb1-367c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mV5hAwaiEh7uM8oAMFBozKh8ASWBmplWFbC7c6hF9rTQfwU%2Fz7XjKYOtAt%2Fge7h8KJqpi%2BqQPNbEiFHRc%2FlvePGEyxo1Z1L7ZEpzGVfob9JDenYjRYZDuCNmoTAT0gbyUFQeeP6d45UqrVBOfBees0Q8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80819c4e1d6eba9a-MXP
expires
Fri, 06 Sep 2024 13:14:08 GMT
jquery.nice-select.min.js
mpshark.com/static/js/
5 KB
2 KB
Script
General
Full URL
http://mpshark.com/static/js/jquery.nice-select.min.js
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c790ddb1f2f5b03f594f16c507038d3a569f514bdb5a4a65e5f2a2ab031d16

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2911
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-1491"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9%2FPC%2BL8fW6%2Bcy8GQ5P%2BgVdhfsKXM5ofTrynZ9F3kwumkFm%2BeB3CkRM0hKVVOi8RzpfaqrRYmQUr2bR4IPRM1cQCb5Gyx6B%2BVrbyXHMp3oeVGiFK%2FeFVqVzJWS%2Fh3H4yo6b7DJbxpkPsMg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
80819c4e3f5b3c83-CDG
logo.png
mpshark.com/static/images/
552 KB
553 KB
Image
General
Full URL
http://mpshark.com/static/images/logo.png
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
230e8424c9c7539874de39b69c00edf8fee65613dbc32b4d999f0dd73adf9307

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:09 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1374
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
565352
Last-Modified
Wed, 15 Jul 2020 22:21:08 GMT
Server
cloudflare
ETag
"5f0f8154-8a068"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22jZNpIjoyw4jVzAIyO0E0zO5HwlDoTb1WJNQWlL3YfTGnE6wzLv%2BYX2kd7aQNUgwNpZvyQGIGksblYcczwxwsE%2BHgEdYtBd9QvCGuIBaXkCVTi4bJVLYnZM9qchjIBeeY5Qq%2FXjrwvKnw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
80819c4efda190d6-FRA
bg-masthead.jpg
mpshark.com/static/images/
3 MB
3 MB
Image
General
Full URL
http://mpshark.com/static/images/bg-masthead.jpg
Requested by
Host: mpshark.com
URL: http://mpshark.com/static/css/landing-page.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac0007423ab131a26c3ff023d2046eea25bccaab1ae3420817b30c57ffe1f779

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://mpshark.com/static/css/landing-page.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:09 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5156
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3647423
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
"5f0cc963-37a7bf"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4tVvSWPa63Z23IJOkGZOimNlNH9GsiIoCdEO3U5P9GkTlr0LfOOp4qFp9ZS%2Fq6X27oA%2BHu1DYZxNyB815tLKdOPMcT%2Fos%2BM9Ss8V%2FZzEffWoFgzIjACC9tI1%2F4bRKifnuuu8wuhxS3QTw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
80819c4f286f3c83-CDG
fa-brands-400.woff2
mpshark.com/static/vendor/fontawesome-free/webfonts/
76 KB
76 KB
Font
General
Full URL
http://mpshark.com/static/vendor/fontawesome-free/webfonts/fa-brands-400.woff2
Requested by
Host: mpshark.com
URL: http://mpshark.com/static/vendor/fontawesome-free/css/all.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98ae3ff936b4723cd8a2377d2c549a667ce87e81201ec4995cc01bd374c1288

Request headers

Referer
http://mpshark.com/static/vendor/fontawesome-free/css/all.min.css
Origin
http://mpshark.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:09 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5f0cc963-12e84"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mAPQ3sI4CpKwzk%2F08K9N%2FWS7FoCAUDHJNYi9I2DJRXwSILErs2INq7O8Ut%2F9Y11xLBMAHTMeyOzyhU1sJ4LMU5SQavmFT3BggAuNXwT5wO254G3qGpYRczhS8ai%2Be%2FNoFBlgO2xSkH2Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80819c4f38feb74e-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
77444
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://mpshark.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 21:18:33 GMT
x-content-type-options
nosniff
age
57336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 21:18:33 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap&family=Kanit:wght@200&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://mpshark.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:16:19 GMT
x-content-type-options
nosniff
age
241070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:16:19 GMT
Gllbj6M
zap.buzz/ Frame 62AD
0
0
Document
General
Full URL
https://zap.buzz/Gllbj6M
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
80819c4fda10d62a-CDG
content-length
6291
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 13:14:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79JvpyS5lTW43em5szvY9eJJIR0L%2FLp1bxpXVDaPlh0zOWkzyWZqpK1thO33BVM%2FaLWqS1lI2LY4EaI08e2bpl7j53NegcvNsSmBCMENQYzz%2B7sVK4kj94cAKTc%2B13W257ZGlVTOjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
Gllbj6M
zap.buzz/ Frame 25B9
0
0
Document
General
Full URL
https://zap.buzz/Gllbj6M
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
80819c4fda1bd62a-CDG
content-length
6291
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 13:14:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NZCpHsyKNnATx3XU2akm1jqs6kYdqxMKplhtt6i7ylX0Ez7Qha8EF22o9mQ8S964FOtn00XlnG1PPiSZTr%2BMBWrKT5%2BUcr11kcOK2y67I0GmGzATiHlha1RD0SG9Y1qgoafT6WGCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
rpp5bqr
zap.buzz/ Frame 6515
0
0
Document
General
Full URL
https://zap.buzz/rpp5bqr
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
80819c4fda14d62a-CDG
content-length
6291
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 13:14:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GopITDcnZlKEcFXOPZjegmjeWkr85Q%2BQpR1hh2P6dBJASvagSb9gSgZQJOxdabUrUg7SK6R1lEmcWRb6bdWTNQMwQqKu0iJtGzgtU5ZRelGmWAn%2Fyt3takMiW8J0n7pi2brfN99W7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
extlp1
lp.personalizedbackground.com/ Frame 1477
Redirect Chain
  • https://zap.buzz/6YYQQG5
  • http://egazedatthe.xyz/redirect?tid=989716
  • https://egazedatthe.xyz/redirect?tid=989716
  • https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
537 KB
358 KB
Document
General
Full URL
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87c4fc93b044ee4bb9ab06d478b627580c9dfefe0f234361f99fa8fdde82a46

Request headers

Referer
http://mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80819c5648160481-CDG
content-encoding
br
content-type
text/html
date
Sun, 17 Sep 2023 13:14:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwJysuFjq22ARkRJyeCU5Ro38e8B43IZFVClcWtQN%2BXv0NtA1nGnZ2Wa9X8cW%2FBZciJYx%2FbXprTbGJuABsyi%2BKFce7CMiaJ4wB%2Fa296%2Ffz3g7uqD7ZlTGMbhXy9U8XMJr7dCwTzivXge%2Bzrco%2Bho4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
80819c540ee406d8-AMS
content-length
0
content-type
text/plain
date
Sun, 17 Sep 2023 13:14:10 GMT
location
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NID DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4sxId39t2K6LWBJJOvoteZ4ALCL%2BwurFTW8NzWX8w0N0iHFZZwrg4eADpyv9Ig3yszF6NwQc%2FIB7%2BdeX5%2F%2B7vqJa4PlgCJ2xZgZoHfypuqpWhCILJRNUIGPblHXSiiPr4M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
extlp1
lp.personalizedbackground.com/ Frame D2BA
Redirect Chain
  • https://zap.buzz/6YYQQG5
  • http://egazedatthe.xyz/redirect?tid=989716
  • https://egazedatthe.xyz/redirect?tid=989716
  • https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
537 KB
358 KB
Document
General
Full URL
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031656ab913f3812b69f7618d5775f618195459c35d779d8bedb79a1cc26367e

Request headers

Referer
http://mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80819c5648150481-CDG
content-encoding
br
content-type
text/html
date
Sun, 17 Sep 2023 13:14:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnxXh%2BxKN4LgqYr72Baq2iqwITOiBZr4vA8XqrL6whOW7gz2%2B%2FkauFr1OjJFNMVESXRHGtm6xRhmZPZQCRstYewLCK4PUo%2BKhchZWJEe23m7CkYynRMNh0SkKvDTotZXr6MABOEdBc6yav9Ssc50iw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
80819c540ee006d8-AMS
content-length
0
content-type
text/plain
date
Sun, 17 Sep 2023 13:14:10 GMT
location
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NID DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fy7PrLqaQ21%2BY8FZNEwYJAyNi%2B79sZbxuZ1lO8Nxo8w8KREMJijIu%2BtMFLaje%2F9ohH9fAje2namhERofdh9cVDkGIrxHlwt951MtpAhoQiTnxHL13mnk54H6uFUh7khwIU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
14186908dfdcec15aa8.js
trk122.zzzperform.com/l/ Frame B1DB
Redirect Chain
  • https://zap.buzz/RE33J4e
  • https://topictraff.com/l/14186908dfdcec15aa8?sub={yourClickId}&source={yourSubPublisherId}
  • https://trk122.zzzperform.com/l/14186908dfdcec15aa8.js?sub={yourClickId}&source={yourSubPublisherId}
36 KB
12 KB
Document
General
Full URL
https://trk122.zzzperform.com/l/14186908dfdcec15aa8.js?sub={yourClickId}&source={yourSubPublisherId}
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Referer
http://mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
825
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
HIT
cf-ray
80819c54bb68f0d3-CDG
content-encoding
br
content-type
text/html
date
Sun, 17 Sep 2023 13:14:10 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 27 Mar 2020 14:29:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFR1VPunnDmqxQitg6DeqtvpuCxaeu3eravGF%2B7tyG%2FQWNG7nCnglr9SY299wy2aDVngFyrqYwx5jeShPD8m7ttdC9XS5m4QO4t3m5%2BFdxqMuSnFTjAqt6i4j0ps8zpjREVTrBwPQul%2FTYqqXiytmKuKoKI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
80819c539a81b8c4-AMS
date
Sun, 17 Sep 2023 13:14:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://trk122.zzzperform.com/l/14186908dfdcec15aa8.js?sub={yourClickId}&source={yourSubPublisherId}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZNlYNZbygRXZrlnTzalDbQ%2BLvoYeiXiAjGp007K5lV%2FlLWACqT04dYkwqx2tMboU0wati2yhWX%2BypOcUkJFhshh7Z4rQV562UmIkZ3eRst6oKrXzoWmz6oMaMv7mOe0aufYNoLRCq9zaahG4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
RE33J4e
zap.buzz/ Frame 14AB
0
0
Document
General
Full URL
https://zap.buzz/RE33J4e
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
80819c4fda17d62a-CDG
content-length
6291
content-type
text/html; charset=UTF-8
date
Sun, 17 Sep 2023 13:14:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4KHloiFASwTGceNWxhCpdqNWuG6B%2BijXdYwD1qq0ff37qqL0mcJHdQKMhFthHg9W7Q6paSaBzM6dlq%2FPOLuPNhqxBPeiXH47TLtsd5wlJfUkAwc58ivyWSxTYN7Ca5oFRUBFJmktQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
gw.js
trk122.zzzperform.com/ Frame B1DB
Redirect Chain
  • https://trk122.zzzperform.com/l/14186908dfdcec15aa8.js?sub={yourClickId}&source={yourSubPublisherId}&code=31Y3VvBDU7PztBPkA-QT1CQkMRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMHRkagQEbn0IOAlzcw09DnCHE...
  • https://trk122.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmy.ueive.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20230917151410_08d6bdf2_961e_4bd3_82fc...
1 KB
1009 B
Document
General
Full URL
https://trk122.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmy.ueive.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2%26pubid%3D44219_%7ByourSubPublisherId%7D&vId=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&hash=14186908dfdcec15aa8&ete=true
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

Request headers

Referer
https://trk122.zzzperform.com/l/14186908dfdcec15aa8.js?sub={yourClickId}&source={yourSubPublisherId}
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
825
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
HIT
cf-ray
80819c57ff13f0d3-CDG
content-encoding
br
content-type
text/html
date
Sun, 17 Sep 2023 13:14:10 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 27 Mar 2020 14:30:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dt9fKn8uRnlVF3hvIuSGbxwsgsLv6lohtKWYw2hT52AUrsiJ8mr5f2qsx5US7g%2FeRJ%2BhyBDiRK14B%2FTxrMtcZ%2Ft1Uq%2F5YLmvPpc6cb%2FYxFRSvDsDYHUDBwAtpgwZogIrcWrWulPftCLAmnLaqLeFMpd3884%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80819c577e80f0d3-CDG
date
Sun, 17 Sep 2023 13:14:10 GMT
location
https://trk122.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmy.ueive.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2%26pubid%3D44219_%7ByourSubPublisherId%7D&vId=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&hash=14186908dfdcec15aa8&ete=true
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y5ELl6EAIWF%2BMNKknRitzS2tXCf%2FSyRvrPDjJgz3tHe2oxkP5Djqmfd5M9Zn7sW29PyKzeub3Wc2EXy4LWTPEIwLaGBEojIepmoZjC%2BwQd38hwoK%2F5QlObgJsuxNrmESy3FR5Q1AbVyFuiLRUfgPgA6dbo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
3d8a3d97e5
my.ueive.com/rc/ Frame B1DB
2 KB
2 KB
Document
General
Full URL
https://my.ueive.com/rc/3d8a3d97e5?affclick=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&pubid=44219_{yourSubPublisherId}
Requested by
Host: trk122.zzzperform.com
URL: https://trk122.zzzperform.com/l/14186908dfdcec15aa8?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmy.ueive.com%2Frc%2F3d8a3d97e5%3Faffclick%3Dbmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2%26pubid%3D44219_%7ByourSubPublisherId%7D&vId=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&hash=14186908dfdcec15aa8&ete=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ee3fc8a3a694632505841506d835008acd2acfa235e1ad3c7a6c324c45aba7

Request headers

Referer
https://trk122.zzzperform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80819c58fe46f0b7-CDG
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Sun, 17 Sep 2023 13:14:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yax%2BuWwy1cK3RQzu%2B1zH88DI9jU9z9q7ImK7l3wa1n4uNambPQlDs8HVg8qIp37PQ7GKEPclYK%2BhoXdZfrEi4jooh9tDrTRrW7cfgdUlLNqleV%2FS2SGDaKwCyB4PxKWUjUGv1sHfOnBvu6k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/ Frame B1DB
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: my.ueive.com
URL: https://my.ueive.com/rc/3d8a3d97e5?affclick=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&pubid=44219_{yourSubPublisherId}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 13:14:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SK3KBGMKJ4YWWVBV
age
6677
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
eBDdEZo2g3ixnFPTboxVSgjMRQX3dQ63xWWEjrbl2vu0jkNe5fS7HtGt8F3jGl6QdU4QACxpR9I=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Jvsk1smUXGUDaNhxRUXYDiq5bxipIyJL%2FKYtehXZOEbW1UhD6GyyDA%2BDcJDik6ccGgA3S8xanWUnEtVVNSLOtnE%2BLZC%2BMQbX925DKDKov%2F7lTp2qqMonAm0aqKM%2FMav8wExKwMl7oNFRBOWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
80819c5a591e9176-FRA
personalizedbackground.png
store-extension-lp-logos.s3.amazonaws.com/ Frame D2BA
44 KB
44 KB
Image
General
Full URL
https://store-extension-lp-logos.s3.amazonaws.com/personalizedbackground.png
Requested by
Host: lp.personalizedbackground.com
URL: https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.130.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9c7492389efed58597c0dc80c624a8f443840811661d380ed14c24e6e1841e1a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://lp.personalizedbackground.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:12 GMT
x-amz-version-id
YQs6znC9EgBBMHoBxVgF1sjB5kNZgPkd
Last-Modified
Mon, 31 Jul 2023 10:48:28 GMT
Server
AmazonS3
x-amz-request-id
RMQ4J5MCPEBPGGY5
ETag
"1aaa965c3ecaaf29d023c192e942d38c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
44972
x-amz-id-2
BQPSVdeeR7uUMJRwy/o6xhv34Klk5XMLRTWfxS2hl+Qy8Hh4jOw/9RlUOhcEDJ6NWLY2zgLT0l4=
truncated
/ Frame D2BA
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0453a0a49a237c3a9ac4a6e79e084e88e8c0c58f8fda6b10d55d1c15ebdd6971

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2BA
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76fca3a9a76bc787cba62e2376ef320550e337684e1ca090136bf3675822f55

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2BA
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f46d4349ef23c1ee864d67f597bbe9d9a83c6ffc86dc272d22bacad56121351

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
personalizedbackground.png
store-extension-lp-logos.s3.amazonaws.com/ Frame 1477
44 KB
44 KB
Image
General
Full URL
https://store-extension-lp-logos.s3.amazonaws.com/personalizedbackground.png
Requested by
Host: lp.personalizedbackground.com
URL: https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.130.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9c7492389efed58597c0dc80c624a8f443840811661d380ed14c24e6e1841e1a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://lp.personalizedbackground.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sun, 17 Sep 2023 13:14:12 GMT
x-amz-version-id
YQs6znC9EgBBMHoBxVgF1sjB5kNZgPkd
Last-Modified
Mon, 31 Jul 2023 10:48:28 GMT
Server
AmazonS3
x-amz-request-id
RMQBQBZZ9MEB9D8M
ETag
"1aaa965c3ecaaf29d023c192e942d38c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
44972
x-amz-id-2
maeBJfRoZwga+I8tYHHe+uUep0CT84ba3ngjNQ0Op2sjOaR5dJEGs3SXeUyM2MAMFyQUIvnIFUM=
truncated
/ Frame 1477
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0453a0a49a237c3a9ac4a6e79e084e88e8c0c58f8fda6b10d55d1c15ebdd6971

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1477
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76fca3a9a76bc787cba62e2376ef320550e337684e1ca090136bf3675822f55

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1477
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f46d4349ef23c1ee864d67f597bbe9d9a83c6ffc86dc272d22bacad56121351

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
main.js
my.ueive.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ Frame 9B9B
Redirect Chain
  • https://my.ueive.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://my.ueive.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
7 KB
4 KB
Script
General
Full URL
https://my.ueive.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Requested by
Host: mpshark.com
URL: http://mpshark.com/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1125e91d1e146d91e6f124e1a0b95052c677f3cb1beffb8849e5f169822b0c41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 13:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93dBZYefDxwvquWhmAyqk0IU1paU6f74FaBLOkPV%2BkDlOzvvcROQgkTfxbu195gjlGh36bgbFxrT7EKWYoclzlTGV75sZV5m2FE1LPknLFH8krXf0SWN699%2BzNNgVq%2FKpEPjwf0%2F6r6g0rk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
80819c5b0900f0b7-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 17 Sep 2023 13:14:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCnvRulkfNF7FsV0rMWHpqmKQpyR%2B0%2FCGqEOd15oXcZwH%2FPXhnAb2LRxxeKjvqLCI72yWBD3lTaayLPmCtF1%2BAmpFnoLBDRiM3kS6G%2FntgDwPAiXuRrnwZw86zj4cPOgHeMdHK1UuxpPQ3Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
cache-control
max-age=300, public
cf-ray
80819c5ac89ef0b7-CDG
alt-svc
h3=":443"; ma=86400
80819c58fe46f0b7
my.ueive.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9B9B
0
585 B
XHR
General
Full URL
https://my.ueive.com/cdn-cgi/challenge-platform/h/b/jsd/r/80819c58fe46f0b7
Requested by
Host: my.ueive.com
URL: https://my.ueive.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 17 Sep 2023 13:14:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGbGkmQ0xymgpWtWmZQKX%2FoK4pA9UXbUVl4hj1OaoT1pNlLXwdaeBuGtv8Fc1MPBumwa546Hi1FnLxakm%2BwxyChyT023fT7pzvgu6gXHpmKZGv5hZW4X6cIDdpBt26cJUnh%2BAPXOh2r0KqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
80819c5bbbb20257-CDG
alt-svc
h3=":443"; ma=86400
317194
ps.popcash.net/go/134600/ Frame B1DB
Redirect Chain
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&s=3k4fcald&pid=pubf4c2d967262848008adb7d9ba88875c3
  • https://go.savethereef.xyz/redirect?feed=491426&url=t3.hightid.com&subid=custom_11w034tpnx.it.windows.chrome&query=3k4fcald&pub_clickid=6506fba3c88b6a457c588b43&default_url=https%3A%2F%2Ft2.blowing...
  • https://t2.blowingwnd.com/i.php?p=c:n534zxkba54lmrgsv&d=64d0bc6d3d658b55ac1eb5c4&s=du.491426&d2=t3.hightid.com
  • https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_du.491426&d1=1217p3t0dz
  • https://popcash.net/world/go/134600/317194
  • http://ps.popcash.net/go/134600/317194
426 B
460 B
Document
General
Full URL
http://ps.popcash.net/go/134600/317194
Requested by
Host: my.ueive.com
URL: https://my.ueive.com/rc/3d8a3d97e5?affclick=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&pubid=44219_{yourSubPublisherId}
Protocol
HTTP/1.1
Server
52.86.65.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-65-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f71be91945edede1a4f0a57e5951523979de94c2da80e13a02a405dc30a9f3f4

Request headers

Referer
https://my.ueive.com/rc/3d8a3d97e5?affclick=bmconv_20230917151410_08d6bdf2_961e_4bd3_82fc_8f64bb725ba2&pubid=44219_{yourSubPublisherId}
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
272
Content-Type
text/html
Date
Sun, 17 Sep 2023 13:14:12 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
80819c648be43a67-FRA
content-length
162
content-type
text/html
date
Sun, 17 Sep 2023 13:14:12 GMT
location
http://ps.popcash.net/go/134600/317194
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr1GN5DscnE8se0MYZTf1cunqz%2Bt129K%2BKc4CZUVGb1kL9xXPQaW6VJRdVlCfFyLhjRR37Os1b2CMdjxLEsUzZSaJewXPCAKRcXbEuX2%2B92vlTYRHIK0h2blTcGfJAjCtHxDNguhuTzR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
extlp1
lp.personalizedbackground.com/ Frame D2BA
0
328 B
Ping
General
Full URL
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
Requested by
Host: lp.personalizedbackground.com
URL: https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=6943735221722738451
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 17 Sep 2023 13:14:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBiwb9MEXfqi2E7Gtbpb72mOx9KshJcSbN%2FRvjKxciK1FdfzBNtO2QogLGOmrynKCnhRc0PhmS%2BD2aNv62OqALxZdxERYWGLoqLhpwgKc83xpVkamg3xUXU4sJrgAuYuP28qjQw0CX%2FQ58FbI04Hvw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cf-ray
80819c5d28070481-CDG
access-control-allow-headers
x-requested-with
alt-svc
h3=":443"; ma=86400
extlp1
lp.personalizedbackground.com/ Frame 1477
0
291 B
Ping
General
Full URL
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
Requested by
Host: lp.personalizedbackground.com
URL: https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lp.personalizedbackground.com/extlp1?sel_id=19&uid=8506349544901268660
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 17 Sep 2023 13:14:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSUZYY2%2FETMbYQ%2FhguDWzOj6mWM5H8%2BmBE7v1wuOrWBMEyv%2FNjQl6UdNCbmd5gMVpAV39hIdFiujLTxyFwldsDFgJgp1WoM2sNzoJs3lXuZRxNOl2Khv0qMVW6E8pWlOLQR41hXqHVZDnnF%2F2aFWMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cf-ray
80819c5d481c0481-CDG
access-control-allow-headers
x-requested-with
alt-svc
h3=":443"; ma=86400


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
function| $
function| jQuery
function| Popper
object| bootstrap
object| _0x4dc2
string| exNKSLa
object| iDxncQLUYgs
function| rFrx
object| el

2 Cookies

Domain/Path Name / Value
mpshark.com/ Name: session
Value: eyJjc3JmX3Rva2VuIjoiNWE0NmQ3MTU5ZGY0YjIyYjBjMmJiMzgzMzE3MWJmZWRhZDM2NThhMSJ9.ZQb7oA.q088r0S8gkKOv-RKdBia2VuyOL4
.ueive.com/ Name: cf_clearance
Value: tNoGKVo8TdIIomAxuVo4p3wDUYk2SpFLEaUnJWKomdU-1694956451-0-1-2140645c.79f292b0.2e5951d1-0.2.1694956451

9 Console Messages

Source Level URL
Text
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 502 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://zap.buzz/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 502 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://zap.buzz/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 502 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://zap.buzz/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 502 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://zap.buzz/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript error URL: http://ps.popcash.net/go/134600/317194(Line 11)
Message:
Unsafe attempt to initiate navigation for frame with URL 'http://mpshark.com/' from frame with URL 'http://ps.popcash.net/go/134600/317194'. The frame attempting navigation of the top-level window is sandboxed, but the flag of 'allow-top-navigation' or 'allow-top-navigation-by-user-activation' is not set.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
