urlscan.io logo urlscan.io
SecurityTrails logo

www.mpshark.com Open in urlscan Pro
2606:4700:3031::6815:e2b  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.mpshark.com/
Submission: On October 24 via manual from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3031::6815:e2b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mpshark.com. The Cisco Umbrella rank of the primary domain is 246266.
This is the only time www.mpshark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
4 4 172.67.151.115 13335 (CLOUDFLAR...)
2 104.21.82.222 13335 (CLOUDFLAR...)
2 172.67.211.145 13335 (CLOUDFLAR...)
2 52.216.62.137 16509 (AMAZON-02)
25 8
10    2606:4700:3031::6815:e2b (United States)

ASN13335 (CLOUDFLARENET, US)
www.mpshark.com
4    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:3034::ac43:d521 (United States)

ASN13335 (CLOUDFLARENET, US)
zap.buzz
4    172.67.151.115 (United States)

ASN13335 (CLOUDFLARENET, US)
egazedatthe.xyz
2    104.21.82.222 (None, )

ASN13335 (CLOUDFLARENET, US)
lp.artnewtabs.com
2    172.67.211.145 (United States)

ASN13335 (CLOUDFLARENET, US)
lp.wingmanclock.com
2    52.216.62.137 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
store-extension-lp-logos.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
10 mpshark.com
www.mpshark.com — Cisco Umbrella Rank: 246266
4 MB
4 egazedatthe.xyz
egazedatthe.xyz — Cisco Umbrella Rank: 443667
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
3 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
48 KB
2 amazonaws.com
store-extension-lp-logos.s3.amazonaws.com — Cisco Umbrella Rank: 313280
43 KB
2 wingmanclock.com
lp.wingmanclock.com
359 KB
2 artnewtabs.com
lp.artnewtabs.com
359 KB
2 zap.buzz
zap.buzz — Cisco Umbrella Rank: 122114
817 B
2 gstatic.com
fonts.gstatic.com
70 KB
25 9
Domain Requested by
10 www.mpshark.com www.mpshark.com
4 egazedatthe.xyz 4 redirects
4 fonts.googleapis.com www.mpshark.com
3 cdnjs.cloudflare.com www.mpshark.com
2 store-extension-lp-logos.s3.amazonaws.com lp.wingmanclock.com
lp.artnewtabs.com
2 lp.wingmanclock.com www.mpshark.com
lp.wingmanclock.com
2 lp.artnewtabs.com www.mpshark.com
lp.artnewtabs.com
2 zap.buzz 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
25 9

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
artnewtabs.com
E1		 2023-10-09 -
2024-01-07		 3 months crt.sh
wingmanclock.com
GTS CA 1P5		 2023-09-04 -
2023-12-03		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh

This page contains 3 frames:

Primary Page: http://www.mpshark.com/
Frame ID: 1DCCCC2AE501FC37697BADFCCBCC934C
Requests: 19 HTTP requests in this frame

Frame: https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
Frame ID: 8E851C2F7F699282D40460E34110B419
Requests: 6 HTTP requests in this frame

Frame: https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
Frame ID: 28CD53D3E09045CA91C1A6893F82D171
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best YouTube to MP3 Converter - MPShark

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

60 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

5125 kB
Transfer

5899 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://zap.buzz/6YYQQG5 HTTP 302
  • http://egazedatthe.xyz/redirect?tid=989716 HTTP 301
  • https://egazedatthe.xyz/redirect?tid=989716 HTTP 302
  • https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
Request Chain 19
  • https://zap.buzz/6YYQQG5 HTTP 302
  • http://egazedatthe.xyz/redirect?tid=989716 HTTP 301
  • https://egazedatthe.xyz/redirect?tid=989716 HTTP 302
  • https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mpshark.com/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7c8e18967000401a2db383755be3d33096cf2bbcf53ee88bbda2c999b2992f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
81b39226cb519195-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 24 Oct 2023 16:24:35 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvrGTT8lmDT6TquxaNSVslPQDGuFu85HuogJMOIET%2FOqaaWQXTc9b5sbuHqq7Liz5aq2Fbwqy9rSyRHZhg9IGFq0oTlTNXwBkBuesEuOZZGGKBzIl8wb8%2FdCvVvwh4%2F0%2B6bzjNOblI5wIDkNoX4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Cookie
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
www.mpshark.com/static/vendor/bootstrap/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/static/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1078
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-27293"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKZQxrfBq65tVzvK5xpBa3XKdKT77PQVsnAJkO4J56J2t1BFhwLb2jbQ4AfrWbeLp72KWUpjCqyV55cidsMkA%2FP8aJLHQKbILbqUpF%2BSrw%2F9rdvCtJXzADc3pJfx1CLLLhjy42z0JRhOHgHNano%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
81b392271b999195-FRA
all.min.css
www.mpshark.com/static/vendor/fontawesome-free/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/static/vendor/fontawesome-free/css/all.min.css
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
686
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-e637"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8NTyipA0BbpRSpsICO9YVv8beIS%2BczUJp0R36shpP6zF4SkeLpII7Dxt7b%2FvCvaPr9Dtu79iRPa%2FNqeT%2FAVsdc624jByB8VX5zvhKQhmx6qcEwu7ZZlkd7ovHzwMVpFNJkETzKAxl8Cc7POqYQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
81b3922718829226-FRA
simple-line-icons.css
www.mpshark.com/static/vendor/simple-line-icons/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/static/vendor/simple-line-icons/css/simple-line-icons.css
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1219
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-329e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE7BbXAYhWkzLWQbefD5L8Rddzk9mY3Aon5D%2FpBZ9hlQcs1DroOziCIntHal1UMia2Kn9H1HlgV9GUPLYfH8hPR5fpLT9XjCiDkXzWkZLAGh%2FE%2Fmw5Kt78lSiGXJTyYhHLzNlFL8hPISNLXEGfw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
81b392272890383a-FRA
css
fonts.googleapis.com/ 		4 KB
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 16:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 16:05:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 16:24:35 GMT
css2
fonts.googleapis.com/ 		7 KB
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap&family=Kanit:wght@200&display=swap
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd50ac935fb5fcda8978d189be4245514e60231a47bd466707ee354eb7b2478c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 16:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 16:08:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 16:24:35 GMT
css2
fonts.googleapis.com/ 		1 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Itim&display=swap
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
155cb29f145297cd77a3c8b113ec50839dcc6ae74f67efd1859157706ed83f65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 16:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 15:39:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 16:24:35 GMT
css
fonts.googleapis.com/ 		9 KB
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 16:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 14:46:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 16:24:35 GMT
landing-page.min.css
www.mpshark.com/static/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/static/css/landing-page.min.css
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f74804c9159254155f0227b54030743c99f9d6c77b4704e9bb39a1a4044c79

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
638
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-7d4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0%2BhZu2rhCqczUHhFNdSmdYFzCfQvUjHw11n1mmoO69q84kypIrHl44tLyB%2FGrcS5dqZDHw0nOe3XKR9JJiVO0J8YUqtSsFYwvmhoQRV2dWk9AgmKoMMX9%2Bkgr815jIvolIPZv5xQ6D2Y%2B63Lgw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
81b392274bd36928-FRA
nice-select.css
www.mpshark.com/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/static/css/nice-select.css
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1072
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-fa7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfPlk1uonliQf0V57QapOctNWlQZJr%2FMRH6odSmJp4QkML3HCejj9Xl5D1QC9JdmS84Pscahk74HxUnDI6gRHfhxg4MYgMlbsAAf%2BcUErz1TNL6L4w3jeHW1nsEZWRqQEG6yT%2FxFvqNZWMxsmKI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
81b39227484b380d-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8273070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27755
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-6c6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObovDI5p8gj5Vm62PpWO8vTYxPA3wUq9asSZVkDxiN%2BR6U4RS7IqYmJwTBkAXwcTzqc8XD8fqKj%2F93ku51VZIn0HAEVFmpEBa428TPcuGbATLo9V1TfVEqV%2FzkR83dKe%2FwSaJKDp2MMzOdwuPfGssWVE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b3922738da3826-FRA
expires
Sun, 13 Oct 2024 16:24:35 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6333464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6507
last-modified
Thu, 22 Jun 2023 11:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942d85-196b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfTILpEVPqVew07SduhjjJ2PYLptNSb7dE%2BdBpfyrRqViXMn3iWOJqEq%2Bou8lCDhjinstgGh4AXp%2Ft1ameu1j7BOwcZsuZ3IRXjHbMnwn11x65sErhaW19feQ24S9Enu4XW9NM%2BvxMJmmtsvb3UM9TzK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b3922738dd3826-FRA
expires
Sun, 13 Oct 2024 16:24:35 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/ 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2937510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13947
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-ea6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BTYXr%2F1uf2tcWRvYz83hqxhQLwKbHdNsXhQ%2FeikiMZvxyzX5t1kTIq5sRT6EFpwVX3iGhDBWvc4igw8WoOieT7nOh3pbpE4M1L6e8%2FriqdquZ5YrbQA7zaZ4%2FTA6u41e%2FDVHr36%2FiZVaYXe1zmdNIP5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b3922738de3826-FRA
expires
Sun, 13 Oct 2024 16:24:35 GMT
jquery.nice-select.min.js
www.mpshark.com/static/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/static/js/jquery.nice-select.min.js
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c790ddb1f2f5b03f594f16c507038d3a569f514bdb5a4a65e5f2a2ab031d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
547
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
W/"5f0cc963-1491"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2JaK7x1FTt8RhuvOH94tYG25KvIsaRTWcuTE%2BHJdRkoNf4LksgPmHEg5EbfnhsJIJW3k%2F0MGS60R9QHy0XX%2FLYE%2BKTI9mAQOLkI2ycgkzUpMyHeMdTG2s9aCbdDCUvpGAvKKoywDfbena6XWUA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
81b39227490692b4-FRA
logo.png
www.mpshark.com/static/images/ 		552 KB
553 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mpshark.com/static/images/logo.png
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
230e8424c9c7539874de39b69c00edf8fee65613dbc32b4d999f0dd73adf9307

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
810
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
565352
Last-Modified
Wed, 15 Jul 2020 22:21:08 GMT
Server
cloudflare
ETag
"5f0f8154-8a068"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soe9ajooBjSpRfng8IYpmCFoe46JrBSVgdptnkBWZS1u%2B3PqeQGeZq85IJU%2BeHaZIaueneYTh2yKrgkRFtiZ4MLy2Ai2puTQjJH7ZRQVnEatCUrWgCaVOdrGqMSQxz9xKZvoVNKCkYB0dZ3EBcE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
81b392273bcd9195-FRA
bg-masthead.jpg
www.mpshark.com/static/images/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mpshark.com/static/images/bg-masthead.jpg
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/static/css/landing-page.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac0007423ab131a26c3ff023d2046eea25bccaab1ae3420817b30c57ffe1f779

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mpshark.com/static/css/landing-page.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1088
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3647423
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
Server
cloudflare
ETag
"5f0cc963-37a7bf"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XlTf4AkFOwKlJfH0WiSBzHL63brB55n7wMvxgI9KHa1wzz3cB9X90mMmgMW9VIN3zuj7X7CkyBwiGdaAOhKEf1RxqtnZOAmy%2BFNPWCop6gJX2ghrBX%2F8nwwx2snODjbkDlS6bF%2FcvBliZC94Pg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
81b392278c2d9195-FRA
fa-brands-400.woff2
www.mpshark.com/static/vendor/fontawesome-free/webfonts/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.mpshark.com/static/vendor/fontawesome-free/webfonts/fa-brands-400.woff2
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/static/vendor/fontawesome-free/css/all.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:e2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98ae3ff936b4723cd8a2377d2c549a667ce87e81201ec4995cc01bd374c1288

Request headers

Referer
http://www.mpshark.com/static/vendor/fontawesome-free/css/all.min.css
Origin
http://www.mpshark.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:35 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 13 Jul 2020 20:51:47 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5f0cc963-12e84"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3jGI%2F7i8Jo72Wy7qMxQMDZy0XoQNwbmsipbw6veyt1Tw9p%2F1QMDCd5qyDOy92R146no6PFyr3TQ3PUgeIFwYU%2FHAcVd3695271H6RQ41jUd%2Fkw0%2BoeGMysOQFnprXoWcRf8QnV3lzMneeCEkRA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
81b39227996192b4-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
77444
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mpshark.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 21:18:33 GMT
x-content-type-options
nosniff
age
241562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 21:18:33 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap&family=Kanit:wght@200&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.mpshark.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
425296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:16:19 GMT
extlp1
lp.artnewtabs.com/ Frame 8E85
Redirect Chain
  • https://zap.buzz/6YYQQG5
  • http://egazedatthe.xyz/redirect?tid=989716
  • https://egazedatthe.xyz/redirect?tid=989716
  • https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
537 KB
359 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3772bc7ce785cd5926469d47b7564b5ab4fa65b6985c8994967d6c71bef13675

Request headers

Referer
http://www.mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81b3922b1d572c73-FRA
content-encoding
br
content-type
text/html
date
Tue, 24 Oct 2023 16:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X359sLYO2po5wYGPyYoQgwNdoZqYnJhabUYfgF4FzfEsBDDk%2BeZFxjhtYjsFfG2fO2XuoeAM47RkrQsiMvP8WgrhM9JMIX4WrHElNvfRV0pwGZlbr36%2B36VGXrix9XO7OrOfhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
81b392293af5bb9e-FRA
content-length
0
content-type
text/plain
date
Tue, 24 Oct 2023 16:24:36 GMT
location
https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NID DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FyfOcqTYvC3Q50BDg682pAAWq25CC07ERPAs%2F34a8E6G3l1kMAVHcV8W7d7JEEGf9WBYOHRGa1TFRX2kOhupCzfGQFONz7rUN7HJ1dgWxwGDHDEO1BpUE%2BBio%2BJEbWXWIE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
extlp1
lp.wingmanclock.com/ Frame 28CD
Redirect Chain
  • https://zap.buzz/6YYQQG5
  • http://egazedatthe.xyz/redirect?tid=989716
  • https://egazedatthe.xyz/redirect?tid=989716
  • https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
537 KB
359 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
Requested by
Host: www.mpshark.com
URL: http://www.mpshark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.211.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb0c95ed5f05e7235bde1bf2b0e2b81a85dabdac3bbac4edbc1df4684061ce7

Request headers

Referer
http://www.mpshark.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81b3922b19dd35f6-FRA
content-encoding
br
content-type
text/html
date
Tue, 24 Oct 2023 16:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bCYeVkRudH1IECf8jB6YgxS44VpkXBQyp4Voli4XAM75XrwOymshYKtzcLayGZ7ASVtezbViPjh7YSqpADvSOdhepYd7AMdJRwSQDaB2Fja2InCWuIB1RbaqtD1XwkIGvXlEiB1"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
81b392293af7bb9e-FRA
content-length
0
content-type
text/plain
date
Tue, 24 Oct 2023 16:24:36 GMT
location
https://lp.Wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NID DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO9AHP%2F70134WXhEUGuLmCzX7l6UjDz6p6%2BBEwk8TE8moHb2HjKiv3X1DpKAG2TeO5w6Jxn2YVufEzxeago2A1OsfnJGgvCa8Q5etC6NhwE00Cw0nx24js1X6eq3Al9cq%2FA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Wingman+Clock.png
store-extension-lp-logos.s3.amazonaws.com/ Frame 28CD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-extension-lp-logos.s3.amazonaws.com/Wingman+Clock.png
Requested by
Host: lp.wingmanclock.com
URL: https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.62.137 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b4175d49c168376c386014db779b8d4f1d3b9a902c76cfd57b6264b745c9784d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.wingmanclock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:37 GMT
x-amz-version-id
null
Last-Modified
Mon, 17 Jul 2023 13:32:11 GMT
Server
AmazonS3
x-amz-request-id
HXFBG1SMCDZQS7JY
ETag
"7f88ff52b8a020be554a7f6db0af89c4"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
14063
x-amz-id-2
DAuMZk+BXRr7KP9Fv2oISklrvxOGPqI+dXKC1mGg9UEPJDcN2+SgDjwjoYwTH/Tj/Ovwr+7Xjhc=
truncated
/ Frame 28CD 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0453a0a49a237c3a9ac4a6e79e084e88e8c0c58f8fda6b10d55d1c15ebdd6971

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 28CD 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76fca3a9a76bc787cba62e2376ef320550e337684e1ca090136bf3675822f55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 28CD 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f46d4349ef23c1ee864d67f597bbe9d9a83c6ffc86dc272d22bacad56121351

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
ArtsNewTab.png
store-extension-lp-logos.s3.amazonaws.com/ Frame 8E85 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-extension-lp-logos.s3.amazonaws.com/ArtsNewTab.png
Requested by
Host: lp.artnewtabs.com
URL: https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.62.137 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2c95573f6dc3d7c632e2c909338c51e839c1197c6a7d320bee28f2920fdfd061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.artnewtabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 16:24:38 GMT
x-amz-version-id
eYd.abw5mxCf.727C4nDB5hwvVGfQDDb
Last-Modified
Mon, 16 Oct 2023 16:57:03 GMT
Server
AmazonS3
x-amz-request-id
4MBT3FY1C1SB4ECW
ETag
"e84f27574f3d1c783566c2b564a5387b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28596
x-amz-id-2
p/IT5hNUpi7eo3m6zvygLvp9b0m7I3XBFQynCRf4X9/dNylFEuaVa4wqaXmMC5aN53GfRXof0yY=
truncated
/ Frame 8E85 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0453a0a49a237c3a9ac4a6e79e084e88e8c0c58f8fda6b10d55d1c15ebdd6971

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8E85 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76fca3a9a76bc787cba62e2376ef320550e337684e1ca090136bf3675822f55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8E85 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f46d4349ef23c1ee864d67f597bbe9d9a83c6ffc86dc272d22bacad56121351

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
extlp1
lp.wingmanclock.com/ Frame 28CD 		0
309 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
Requested by
Host: lp.wingmanclock.com
URL: https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.211.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lp.wingmanclock.com/extlp1?sel_id=4&uid=6061285220105326500
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 24 Oct 2023 16:24:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB1FdMATfg6pBOaq2vLdr3zW03poFD9FIZ3nJ4mC3WabtiMgqt3agfM%2FMsTRYcGgfFGAjV70Smftg9Rq9d4WjU8SzAs0sZfSkBfE2SsjYPjnb2RCfPWN8ORE5KhpSDBhSRlp7UQD"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cf-ray
81b3922fa80035f6-FRA
access-control-allow-headers
x-requested-with
alt-svc
h3=":443"; ma=86400
extlp1
lp.artnewtabs.com/ Frame 8E85 		0
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
Requested by
Host: lp.artnewtabs.com
URL: https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lp.artnewtabs.com/extlp1?sel_id=24&uid=2464908732943735514
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 24 Oct 2023 16:24:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKl4eeNFSLO%2FIteFwy7zHPmGfEGwTFJ6D2ANOXoqEfjuIcZyNugA78xuSR1B%2BPeBdNwoAwpviSc%2BkE03nPZ%2BN8QEZXhhWwtxhnbEkbiZ8xF8JTQTgGLpbzyhSeiSpJMyS8TIug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cf-ray
81b392305c8f2c73-FRA
access-control-allow-headers
x-requested-with
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| Popper object| bootstrap object| _0x6556 string| jIdAZoefpo object| epwakZTeOoX function| rFrx object| el

1 Cookies

Domain/Path Name / Value
www.mpshark.com/ Name: session
Value: eyJjc3JmX3Rva2VuIjoiY2Q5NzQ5ZjQ0YTBjNjcyM2FlMmE0YmVmNTc0N2FkY2UwMjA0ZDAxNiJ9.ZTfvww.Egm1I2GR8P4RdywIgqNKk5bc34Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
egazedatthe.xyz
fonts.googleapis.com
fonts.gstatic.com
lp.artnewtabs.com
lp.wingmanclock.com
store-extension-lp-logos.s3.amazonaws.com
www.mpshark.com
zap.buzz
104.21.82.222
172.67.151.115
172.67.211.145
2606:4700:3031::6815:e2b
2606:4700:3034::ac43:d521
2606:4700::6811:190e
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
52.216.62.137
0453a0a49a237c3a9ac4a6e79e084e88e8c0c58f8fda6b10d55d1c15ebdd6971
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0
155cb29f145297cd77a3c8b113ec50839dcc6ae74f67efd1859157706ed83f65
1bb0c95ed5f05e7235bde1bf2b0e2b81a85dabdac3bbac4edbc1df4684061ce7
230e8424c9c7539874de39b69c00edf8fee65613dbc32b4d999f0dd73adf9307
2c95573f6dc3d7c632e2c909338c51e839c1197c6a7d320bee28f2920fdfd061
2f46d4349ef23c1ee864d67f597bbe9d9a83c6ffc86dc272d22bacad56121351
3772bc7ce785cd5926469d47b7564b5ab4fa65b6985c8994967d6c71bef13675
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
7d7c8e18967000401a2db383755be3d33096cf2bbcf53ee88bbda2c999b2992f
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
98c790ddb1f2f5b03f594f16c507038d3a569f514bdb5a4a65e5f2a2ab031d16
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
ac0007423ab131a26c3ff023d2046eea25bccaab1ae3420817b30c57ffe1f779
b4175d49c168376c386014db779b8d4f1d3b9a902c76cfd57b6264b745c9784d
b76fca3a9a76bc787cba62e2376ef320550e337684e1ca090136bf3675822f55
bd50ac935fb5fcda8978d189be4245514e60231a47bd466707ee354eb7b2478c
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98ae3ff936b4723cd8a2377d2c549a667ce87e81201ec4995cc01bd374c1288
f1f74804c9159254155f0227b54030743c99f9d6c77b4704e9bb39a1a4044c79