welovesharks.club Open in urlscan Pro
169.150.247.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://welovesharks.club/?bypass-cdn=1
Submission: On December 05 via api (December 5th 2023, 8:08:16 pm UTC) from US — Scanned from DE

Summary HTTP 79 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 21 domains to perform 79 HTTP transactions. The main IP is 169.150.247.39, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is welovesharks.club.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time welovesharks.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	169.150.247.39 169.150.247.39	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	34.23.59.145 34.23.59.145	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100:78b::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 7	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.184.108.41 18.184.108.41	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2004	() ()
79	24

11 169.150.247.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-39.bunnyinfra.net

welovesharks.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.23.59.145 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 145.59.23.34.bc.googleusercontent.com

analytics.freshstore.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:78b::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.108.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	936 KB
16	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	60 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com	74 KB
11	welovesharks.club welovesharks.club	429 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	454 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229	1 KB
2	freshstore.cloud analytics.freshstore.cloud	22 KB
2	gstatic.com fonts.gstatic.com	54 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	529 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 1392	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	115 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	246 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	76 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	564 B
79	21

	Domain	Requested by
14	fundingchoicesmessages.google.com	welovesharks.club
14	pagead2.googlesyndication.com	welovesharks.club pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	welovesharks.club	welovesharks.club
7	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
7	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	ib.adnxs.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	analytics.freshstore.cloud	welovesharks.club analytics.freshstore.cloud
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	secure.insightexpressai.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	welovesharks.club
1	fonts.googleapis.com	welovesharks.club
79	27

This site contains links to these domains. Also see Links.

Domain
store.welovesharks.club
www.facebook.com
www.youtube.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
welovesharks.club R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
analytics.freshstore.cloud R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.insightexpressai.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-16` - `2024-03-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://welovesharks.club/?bypass-cdn=1
Frame ID: 7C10F6A2852CC6937EB6AD0BBC6A7C8B
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup.html
Frame ID: F298DB510A5A6717D4542EADA6AEB33B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&adk=1812271804&adf=3025194257&lmt=1701806892&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806891680&bpp=11&bdt=878&idt=585&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8029602632257&frm=20&pv=2&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=597
Frame ID: 208A8768F1A7F8EBC6BF8897A69F8BC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=2293688473&adf=1133003084&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701806892&rafmt=1&to=qs&pwprc=7400251490&format=1200x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806891691&bpp=1&bdt=889&idt=588&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=589
Frame ID: FFD0250CC219DB71D77306F1750B2DCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 6005321FDAD82E5A99E2BE280609FDDF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3334818752~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=3&bdt=2396&idt=3&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=17
Frame ID: A18FACB1AB8BF755BF16FD4E74B25009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axir0sj-ATAB&v=APEucNVRkltO3BuF474yxCa5GYDWlU1RmkncWnq57-9dx5W7GHMPxQEeqvi_TfYaCs73VfMzCegUJY6akBsMDkOAlPjQX53Isu-ztN4UrW7siSD2kU4g7ppfM9FJMWxiycQUfBz9LxQHVsbQ2kc0LuHY0I66NLLazLs5poS6PZhojSGWt3SJTYE
Frame ID: 2498B048FF7814177A8EC0D7A8FCE34D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10400FA31717978343402C911B4998A4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E309DF812CB01CF652D5B16B0004C134
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E0E35C95FBDC2B0D6CD0202CF79355A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5BC53AB0610C3BB0DAC3D2BA505994C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We Love Sharks - Photos, Articles, Facts and Everything Shark!SearchFacebookFacebook GroupYouTubeTwitterInstagramToggle MenuContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueNextFacebookFacebook GroupYouTubeTwitterInstagramToggle Menu CloseSearch

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

79
Requests

90 %
HTTPS

54 %
IPv6

21
Domains

27
Subdomains

24
IPs

5
Countries

1835 kB
Transfer

2884 kB
Size

18
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://store.welovesharks.club/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WeLoveSharksPage/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/welovesharks
Title: Facebook Group

Search URL Search Domain Scan URL

URL: https://www.youtube.com/WeLoveSharks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/sharkinfotalk
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/welovesharksinsta/
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.DLijfxn6D3HhTjmpRwwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1&google_hm=2

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKse63T-LkcEuu5gkkv7KuQ&google_cver=1

Request Chain 67

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKfsBFqMpQh7nWEFWuWp6Qs&google_cver=1&google_push=AXcoOmT5J8Y7qnG7rHTZFoPeJiLg-QzN3EDlNle1tVcVLFkIjpP62rlJ7pXcVZ23dpCW_W-cMvD_6wZg9soH7AEXSigok_CvqTZBYlI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODc0ODg1NTI2MzY3MjMwOTM0Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKfsBFqMpQh7nWEFWuWp6Qs&google_cver=1

Request Chain 68

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEe5KiO-XL-Tll8vFXRBq2o&google_cver=1&google_push=AXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEe5KiO-XL-Tll8vFXRBq2o&google_cver=1&google_push=AXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 69

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEB-J4c4qstpVMijCn-mWY74&google_cver=1&google_push=AXcoOmQjPjXOEwhdA9JfR8hSnYwvG4O6vA2dGRATLZv7syxfU62ckr5yoCKpILs4oCKcVWJKERF5lACNz3mUfcbeosWTNp_aAFDSRys HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-J4c4qstpVMijCn-mWY74&google_push=AXcoOmQjPjXOEwhdA9JfR8hSnYwvG4O6vA2dGRATLZv7syxfU62ckr5yoCKpILs4oCKcVWJKERF5lACNz3mUfcbeosWTNp_aAFDSRys

Request Chain 73

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELg4wh1wBoR5v5Gm6s-Td0g&google_cver=1&google_push=AXcoOmSOHBAz-B7B4xZ6QK23ke1vGATw9AZXrMbPJYQEfmlIqctQB7hBRmapCILF5ON1XhRkBW6C4ZkJ2ZL4QVPNeGkAjAzZnb9zBDZv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSOHBAz-B7B4xZ6QK23ke1vGATw9AZXrMbPJYQEfmlIqctQB7hBRmapCILF5ON1XhRkBW6C4ZkJ2ZL4QVPNeGkAjAzZnb9zBDZv HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

79 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
welovesharks.club/ 329 KB
59 KB 3007ms
2904ms Document
text/html 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

f55c222a3ec0d6477c322c90b5e92232e78e849091691d132882b90a71369d9a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cdn-cache: BYPASS
cdn-cachedat: 12/05/2023 20:08:10
cdn-edgestorageid: 1081
cdn-proxyver: 1.04
cdn-pullzone: 1353133
cdn-requestcountrycode: DE
cdn-requestid: b8ae7fff38a17ec6005461f19db75a8b
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 20:08:10 GMT
link: <https://welovesharks.club/wp-json/>; rel="https://api.w.org/"
server: BunnyCDN-DE1-1082
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 454 B
564 B 250ms
87ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work%20Sans:regular,700&display=swap

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e111328c2517f59fbb6b8c48f4cdb63229b1f22c5f9d4576c13b6c921b3afd48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 05 Dec 2023 20:08:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 251ms
94ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NNQW3NM

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fadcefb72de17f1369e5ec263a44ccebccf9d9c1aeccb9968c598524596cf56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 20:08:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 184 KB
184 KB 283ms
120ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

198f6ead14104f623e948c55dec7d14891c1c63657c1141c41d113cea8d9c1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
Origin: https://welovesharks.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188136
x-xss-protection: 0
server: cafe
etag: 18106808565075973375
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 20:08:11 GMT

GET
H2 200 pub-1870775526215126 Show response
fundingchoicesmessages.google.com/i/ 179 KB
58 KB 298ms
141ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-1870775526215126?ers=1

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a5e0643f8353f8e194f69e9cb186208f1e820d3844927a7b17bb06780ef1ca7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-q6zpUjbP4ZIQalWWEYcGCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-q6zpUjbP4ZIQalWWEYcGCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub-1870775526215126 Show response
fundingchoicesmessages.google.com/b/ 11 KB
6 KB 259ms
102ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-1870775526215126

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcf0013c8b956a0ce5adcd963a2176fa9fbac7be20dd433da0c8340447e9d55f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iWqZwSIlTbkAd8D6vG1DZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-iWqZwSIlTbkAd8D6vG1DZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Positive.png
welovesharks.club/wp-content/uploads/2021/04/ 22 KB
23 KB 48ms
48ms Image
image/png 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovesharks.club/wp-content/uploads/2021/04/Positive.png

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

0a29f6113bf955135d21c3919d843e4804e3ff29583c6634592bf32808564c14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/20/2023 20:46:08
cdn-pullzone: 1353133
content-length: 22762
last-modified: Thu, 06 Oct 2022 00:34:22 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "633e228e-58ea"
x-frame-options: SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: ce26c108531fb285cb4480ec5f08933e
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow.ttf
fonts.gstatic.com/s/worksans/v19/ 47 KB
26 KB 328ms
164ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work%20Sans:regular,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc1800cc9aa2f2a7921a64a2b7e46d0ceaa4b3972fcf5aaab8a2f7f3d859284d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://welovesharks.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 04 Dec 2023 20:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26586
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:07:58 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf14835d8afe637561251c8d8e32d654eee20093edd87770cb57a3f288485635

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58ec7a3cb2961dbab71f134baa7a07acbb6250f1623633f33c7a74672ec86426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0527b799cb6ea8b001ee5861d2944e9b79f0436529551f51a52435c188117e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b75c396cfa9a04df34ee2f285e1ebd83ed883d2f23243af4fd16054b110a02a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d95c710711cb1973d6a27ee6d18c65051582f6cfa10b4224a3af19b2475dbd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59cb5814624f670857b35d854b4ae392b9cead23bc751046b2b0e0558729fe47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39833f961cf193f3d708dd613ddbe670139eb6fe8e0984a51100ef3d54963801

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Type: image/svg+xml

GET
H2 200 lazysizes.min.js Show response
welovesharks.club/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 40ms
40ms Script
application/javascript 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://welovesharks.club/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.10

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 09/20/2023 20:46:08
cdn-pullzone: 1353133
last-modified: Thu, 22 Jun 2023 21:22:54 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6494bbae-2655"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: b340a65f33374f2f50c1ed57d7ff8c0f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 autoptimize_4c5aa53168df97f747e7baa1b89fb270.js Show response
welovesharks.club/wp-content/cache/autoptimize/js/ 22 KB
7 KB 44ms
44ms Script
application/javascript 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://welovesharks.club/wp-content/cache/autoptimize/js/autoptimize_4c5aa53168df97f747e7baa1b89fb270.js

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

accf52a4ef9a46194afb46b07fad469886707705d14b559387f1eab150b5232f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 10/25/2023 09:08:44
cdn-pullzone: 1353133
last-modified: Tue, 24 Oct 2023 06:54:09 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"65376a11-5727"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 9dd43e895f43a0c73200634f68854eef
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8Jow.ttf
fonts.gstatic.com/s/worksans/v19/ 47 KB
28 KB 231ms
80ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8Jow.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work%20Sans:regular,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689f16c953bb3f797bc6a118b1fadf6fa44c091ffbed32d8ddcab2c6b891c273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://welovesharks.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 04 Dec 2023 21:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27692
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:54:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 21:47:31 GMT

GET
H2 200 Screen-Shot-2023-11-27-at-6.57.23-AM-768x506.jpg
welovesharks.club/wp-content/uploads/2023/11/ 83 KB
83 KB 43ms
43ms Image
image/jpeg 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovesharks.club/wp-content/uploads/2023/11/Screen-Shot-2023-11-27-at-6.57.23-AM-768x506.jpg

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

efa8a13bc294c11f63cab67ce0856b3c0c2bf6adcfcace85cddb579645705a38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 11/29/2023 20:06:12
cdn-pullzone: 1353133
content-length: 84599
last-modified: Mon, 27 Nov 2023 11:58:38 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6564846e-14a77"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 8e4fa6aab6b519b7373ebe74558366e0
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 shark-fin-472685_1280-768x576.jpg
welovesharks.club/wp-content/uploads/2023/10/ 75 KB
76 KB 88ms
87ms Image
image/jpeg 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovesharks.club/wp-content/uploads/2023/10/shark-fin-472685_1280-768x576.jpg

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

6bb3d2fe0ce8bcc45ff0160a29b27ab1a45c4c7e5cf5ea426fd2a4c3925bdc9a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 11/05/2023 13:26:15
cdn-pullzone: 1353133
content-length: 76925
last-modified: Thu, 26 Oct 2023 11:20:43 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "653a4b8b-12c7d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 80ef4730df442cf369502cd3becf6cc7
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2023-10-19-at-7.59.22-AM-768x457.jpg
welovesharks.club/wp-content/uploads/2023/10/ 36 KB
36 KB 87ms
87ms Image
image/jpeg 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovesharks.club/wp-content/uploads/2023/10/Screen-Shot-2023-10-19-at-7.59.22-AM-768x457.jpg

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

17f33ff3e7969c55a61dded2724cc4eb3c02d75101a4cb73af25d72ca21f70d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 10/21/2023 13:20:25
cdn-pullzone: 1353133
content-length: 36691
last-modified: Thu, 19 Oct 2023 12:00:16 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65311a50-8f53"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 47c78678d56b20cdf11424d0b7737351
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mako-shark-beached-768x591.jpg
welovesharks.club/wp-content/uploads/2023/09/ 33 KB
34 KB 43ms
43ms Image
image/jpeg 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovesharks.club/wp-content/uploads/2023/09/mako-shark-beached-768x591.jpg

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

6ba3a89560e8ef46f06114e7b5cc9af89915288900255df7290640175d28c73c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 09/20/2023 20:46:09
cdn-pullzone: 1353133
content-length: 34274
last-modified: Wed, 20 Sep 2023 10:04:22 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "650ac3a6-85e2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 1531eb1f3a181f918b40fde740ce0c46
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 no-swimming-at-rockaway-beach-768x512.webp
welovesharks.club/wp-content/uploads/2023/08/ 37 KB
37 KB 87ms
86ms Image
image/webp 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovesharks.club/wp-content/uploads/2023/08/no-swimming-at-rockaway-beach-768x512.webp

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

24235cf55015d96a63e534d34de6f01c94d26f50a7d0d195b7e909de3427a928

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 11/20/2023 20:03:14
cdn-pullzone: 1353133
content-length: 37892
last-modified: Thu, 10 Aug 2023 11:27:31 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64d4c9a3-9404"
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 2f088d14b2da6ab945b49e75d6b6cd94
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Great-White-Shark-Trivia-Game-768x432.jpg
welovesharks.club/wp-content/uploads/2023/08/ 63 KB
64 KB 87ms
87ms Image
image/jpeg 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovesharks.club/wp-content/uploads/2023/08/Great-White-Shark-Trivia-Game-768x432.jpg

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

b8036a80bc24bfd85e4127fd0cd698cea56578ce0af86f9a27d86443d5ae19bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 09/20/2023 20:46:09
cdn-pullzone: 1353133
content-length: 64589
last-modified: Mon, 07 Aug 2023 11:50:02 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64d0da6a-fc4d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 3172fca2b7e92f53eb37ec54fe6bf324
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK matomo.js Show response
analytics.freshstore.cloud/ 65 KB
21 KB 389ms
129ms Script
application/javascript 34.23.59.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.freshstore.cloud/matomo.js
Requested by: Host: welovesharks.club
URL: https://welovesharks.club/wp-content/cache/autoptimize/js/autoptimize_4c5aa53168df97f747e7baa1b89fb270.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.23.59.145 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 145.59.23.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b4e85bf817418063c7bef172d47b552bf79e60e32dfe2f8783d487609c4b8b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

Date: Tue, 05 Dec 2023 20:08:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Sep 2023 10:47:16 GMT
Server: Apache
ETag: "102da-60577a1f5a3ae-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21609

GET
BLOB 200
OK 5f6e2c17-c486-4814-a902-1e93502b8ed1
https://welovesharks.club/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://welovesharks.club/5f6e2c17-c486-4814-a902-1e93502b8ed1
Requested by: Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 wp-emoji-release.min.js Show response
welovesharks.club/wp-includes/js/ 18 KB
6 KB 64ms
63ms Script
application/javascript 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://welovesharks.club/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/wp-content/cache/autoptimize/js/autoptimize_4c5aa53168df97f747e7baa1b89fb270.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-39.bunnyinfra.net

Software

BunnyCDN-DE1-1082 /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 11/17/2023 15:03:10
cdn-pullzone: 1353133
last-modified: Mon, 21 Aug 2023 16:09:00 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64e38c1c-4904"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 6922f5636174a6bd7104909aa673caa1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 204 AGSKWxUEW2NxRwWE374tcVG4pLE5R9m0z-fio_IKxX_qfnBpR0uO_4T-NQzT9aqSBo93LGtISyXYDC7CYshCbm79lTOYsQ== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 248ms
90ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUEW2NxRwWE374tcVG4pLE5R9m0z-fio_IKxX_qfnBpR0uO_4T-NQzT9aqSBo93LGtISyXYDC7CYshCbm79lTOYsQ==

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QC6OaPcnd-EN50P1Zk5-1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-QC6OaPcnd-EN50P1Zk5-1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://welovesharks.club
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 168ms
59ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZXLHSZW3W&gtm=45Pe3bt0v9101013274&_p=1701806891196&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=965731825.1701806892&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701806891&sct=1&seg=0&dl=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&dt=We%20Love%20Sharks%20-%20Photos%2C%20Articles%2C%20Facts%20and%20Everything%20Shark!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3765
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NNQW3NM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welovesharks.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWMLtE64z1IHG6rmoZ9XxnRtkrTfdnt5_4VDYNDo-_5OkP7ug_BYCrbBKY1bTNnimQy-VdhOy3oRQaJXWjVzMgGwe_kyTyOgC5h-2L6Pdpb9jGE5x8O-sJB8SAlG-VqnK8Fw4PiJA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 126ms
126ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWMLtE64z1IHG6rmoZ9XxnRtkrTfdnt5_4VDYNDo-_5OkP7ug_BYCrbBKY1bTNnimQy-VdhOy3oRQaJXWjVzMgGwe_kyTyOgC5h-2L6Pdpb9jGE5x8O-sJB8SAlG-VqnK8Fw4PiJA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxODA2ODkxLDU3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93ZWxvdmVzaGFya3MuY2x1Yi8iLG51bGwsW1s4LCJrZkRfWGlLZlhpSSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kfD_XiKfXiI.es5.O/am=AAM/d=1/rs=AJlcJMzlVlsI_KhEg474QOPOjZ6pE5i0ZA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

966a2026a9133b35376a92098068e63eb0aa6e498b177286ff1ff93bb8c6d3c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_mLtWX-S4SeGWfUQN-9anA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_mLtWX-S4SeGWfUQN-9anA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 458 KB
458 KB 271ms
120ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama.js?client=ca-pub-1870775526215126&plah=welovesharks.club

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe4b305e7a2e8692f3b331449f817c147f8b3330e294141072a40e823243b3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:11 GMT
x-content-type-options: nosniff
server: cafe
etag: 13571508987168819299
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 468989
x-xss-protection: 0
expires: Tue, 05 Dec 2023 20:08:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame F298 10 KB
5 KB 236ms
78ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 75082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 23:16:49 GMT
etag: 1201167979857287204
expires: Mon, 18 Dec 2023 23:16:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Response matomo.php
analytics.freshstore.cloud/ 0
232 B 207ms
207ms Ping
text/plain 34.23.59.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.freshstore.cloud/matomo.php?action_name=We%20Love%20Sharks%20-%20Photos%2C%20Articles%2C%20Facts%20and%20Everything%20Shark!&idsite=64&rec=1&r=234215&h=21&m=8&s=11&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&_id=a12140986c60bce7&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=4ucmjv&pf_net=103&pf_srv=2905&pf_tfr=337&pf_dm1=355&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: analytics.freshstore.cloud
URL: https://analytics.freshstore.cloud/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.23.59.145 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 145.59.23.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://welovesharks.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin: https://welovesharks.club
Date: Tue, 05 Dec 2023 20:08:11 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 208A 53 KB
9 KB 573ms
570ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&adk=1812271804&adf=3025194257&lmt=1701806892&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806891680&bpp=11&bdt=878&idt=585&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8029602632257&frm=20&pv=2&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=597

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama.js?client=ca-pub-1870775526215126&plah=welovesharks.club

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

181d7f77cab8d690241535db7fbcd455dfcf5e1896761f0d4325c67a15cda5bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 8549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 20:08:13 GMT
expires: Tue, 05 Dec 2023 20:08:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFD0 730 B
642 B 530ms
528ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=2293688473&adf=1133003084&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701806892&rafmt=1&to=qs&pwprc=7400251490&format=1200x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806891691&bpp=1&bdt=889&idt=588&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=589

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb29addf433dfb66b11ccff8f4ba4d390fd356877e0a7b8c94eed4389dd380a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 417
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 20:08:13 GMT
expires: Tue, 05 Dec 2023 20:08:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
67 B 102ms
101ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.821091780831461

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Xj0wltmbZyIsw68hApCKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Xj0wltmbZyIsw68hApCKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
67 B 91ms
91ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.8029700664962505

Requested by

Host: welovesharks.club
URL: https://welovesharks.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-pFs2Pr3H4lEIGk9kA5whsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-pFs2Pr3H4lEIGk9kA5whsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 101ms
101ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LrSp2hb4Uya5Uzgvlr0iBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 20:08:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-LrSp2hb4Uya5Uzgvlr0iBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://welovesharks.club
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 126ms
126ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231204&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f00da885fe9f06f083ff7377c1d3af05a1592e9fd1334d6e14d91a28bddd5ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12196
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6005 91 KB
44 KB 687ms
686ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8de89aa46a9cc04073ad73e58e31148b51f0ed5c8815e9da06d50c47f855b2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 45332
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 20:08:13 GMT
expires: Tue, 05 Dec 2023 20:08:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A18F 436 B
290 B 552ms
551ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3334818752~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=3&bdt=2396&idt=3&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af45fc01bf6a3ab2e75e5300a1f186c91d6de16c96d8fd27f6fc0ffb303b6635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 20:08:13 GMT
expires: Tue, 05 Dec 2023 20:08:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&hl=en&pvc=1796167952991891

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2660ms
2507ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 20:08:15 GMT

GET
H3 200 dart_ads.&adnum= Show response
fundingchoicesmessages.google.com/f/AGSKWxWeCE2NNOPes3KTo8z-bmoy2IPo231fX7SxPwgIzNCu3-_n5WQ0xe5iAZq3W0QoNJyGGFIHg4pn7pAzKcWEYPbVOkTrg800MhsSWKaqolKpg5oifECmSJFR-J7dRHfKVVaPYaOi-KL93luOYjYUYqPpFujU7... 54 B
108 B 95ms
95ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWeCE2NNOPes3KTo8z-bmoy2IPo231fX7SxPwgIzNCu3-_n5WQ0xe5iAZq3W0QoNJyGGFIHg4pn7pAzKcWEYPbVOkTrg800MhsSWKaqolKpg5oifECmSJFR-J7dRHfKVVaPYaOi-KL93luOYjYUYqPpFujU7zw81F2PCj8kWOIfiq0JQB6kTtZBcWyc/__advertisement./adspace1./a7delivery_/dart_ads.&adnum=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kfD_XiKfXiI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwfeR_pqtIX86Jz4wDoHYGW98_p-g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28dbf9dc8dde0505ecbe610eeebe99cd4957e14deceb0dedc7d4f755237e5f80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UVxTz58x8c5tuynZ1Lz9Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-UVxTz58x8c5tuynZ1Lz9Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 184 KB
184 KB 147ms
147ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

252dd981a18132fe362b8c1d58b68bec40a81a95f8fe28ed0ebedd91c8f6a456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188093
x-xss-protection: 0
server: cafe
etag: 3919485023907466885
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 20:08:13 GMT

POST
H3 204 AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 88ms
87ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CB9RHxCftTDmJpvi7PVmDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-CB9RHxCftTDmJpvi7PVmDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://welovesharks.club
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 86ms
86ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVlpMi6_xVv1iq26zWmsCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVlpMi6_xVv1iq26zWmsCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://welovesharks.club
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 88ms
88ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gVoRhKjvj2aCi68dkL5PDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gVoRhKjvj2aCi68dkL5PDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://welovesharks.club
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 89ms
89ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV3GYd1GzBXprHYZB-X8BgIjLC46ALbxnKxq0_iQtBZCldpkTb5O06rFGCdcuch4YJ07biA9dgB4Ku-1L8IdsdVeaPHQXDNAneM3eBISZr0ybYum7zoZeOordzkRYKiH695-EB34Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h-bV_ytmsB5QqWUrIfUfFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h-bV_ytmsB5QqWUrIfUfFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://welovesharks.club
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUxiR4rprndvtViEq8qTDaTZYSYabTXLa_EswPDp0_XxaP23TmiqlTE0abNidSpq-IV2Hq3sA2TG_jz0oex9JTXZq_vX6nq57izQDlk5-7W9p07vwRI2LwFkPuVsBAK4SMzet5Ubw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 109ms
109ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUxiR4rprndvtViEq8qTDaTZYSYabTXLa_EswPDp0_XxaP23TmiqlTE0abNidSpq-IV2Hq3sA2TG_jz0oex9JTXZq_vX6nq57izQDlk5-7W9p07vwRI2LwFkPuVsBAK4SMzet5Ubw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxODA2ODkzLDY1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd2Vsb3Zlc2hhcmtzLmNsdWIvIixudWxsLFtbOCwia2ZEX1hpS2ZYaUkiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6168b9112f127850fb0451fcbc7b802d311cb2e230d417754fee65041a8290ed

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OSgxbmIvyZ9fSCyv1BJ_qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovesharks.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OSgxbmIvyZ9fSCyv1BJ_qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWQGWURCuLgv3v4aFRb91PasqxxrW0tMTbNK4QDb-LRTf6taltQZdoageBGBJ9XPC7VBbapyvd9W8qpgG6ylh513_ox1O7U_yOf6CDF6QJbL6_0wNS6Q5k1oJBWwz8MEdUHgAQJ8A== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 91ms
90ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWQGWURCuLgv3v4aFRb91PasqxxrW0tMTbNK4QDb-LRTf6taltQZdoageBGBJ9XPC7VBbapyvd9W8qpgG6ylh513_ox1O7U_yOf6CDF6QJbL6_0wNS6Q5k1oJBWwz8MEdUHgAQJ8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f-YSNpyQYxatW8qjumaomw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 20:08:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-f-YSNpyQYxatW8qjumaomw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://welovesharks.club
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6005 42 B
63 B 111ms
111ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9RCIXMeDJK48SJ2pJfwlWzAT6BmjVfe6CCnz2DrSa72TybpqiBzZYiDdYhnGh9GfeBPnZAG8P2uzeh5ZNyDLIfunVDzdhQol53noVUVGckNQFMCE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2498 624 B
297 B 120ms
119ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axir0sj-ATAB&v=APEucNVRkltO3BuF474yxCa5GYDWlU1RmkncWnq57-9dx5W7GHMPxQEeqvi_TfYaCs73VfMzCegUJY6akBsMDkOAlPjQX53Isu-ztN4UrW7siSD2kU4g7ppfM9FJMWxiycQUfBz9LxQHVsbQ2kc0LuHY0I66NLLazLs5poS6PZhojSGWt3SJTYE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 20:08:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 6005 31 KB
12 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 12:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11937
x-xss-protection: 0
server: cafe
etag: 9249472389583843189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:07:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 6005 11 KB
4 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 19:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 19:05:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6005 0
0 257ms
103ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuL7WTAyNGnDl2lGyH2PPWMKoFWrVCopd2BKCmE1j3R0hdhuk-pZj59qf2FfE0yxjeD6uie7DG9WnBODgfVwQIZXWRFo-CJSADT528oXd8MhJ5F6zToD4dCMs4Ve7orHAO5BOfRKl0KXJS2Y1vjGxAUxSpgeRsiRTrRf-u1zjL_AoVRRrHHDILhF-xt_x-dk3h9H3sLzwnZyDohYxbUsFiyjdXkiVXRGAPEkImiYWFAumeF3Dd_rtxgiu3RmeGV17fn3nNVTyjHboYoyKm0LO2PGR77cgOMdJ3DRAlz5gaJ-bUpo6dA4Xw9KPHMpzDiZgBbaD1gePl32VQ-A3Ccy8ywDx8arYJllIfecqbPDrxui3DthJNNq355DdYsavJdZcb-m455lHZjfrdzH7HkMTaa2nA9gKwo1UDzdkWRmG6I_fh6qew2vBoZWqVasDR3BGowjCb2CUlZmY0MZnuwA_jp9KJNpGJ9E0C2Hwrp8BjjYtczvjrma8qHLKoXXY6zrfFhNeG55XCHSQf_iiRW4ZmP64QEu8SVgsVqN-M4KKX8J6AfjfMe8fB4UFXB3YSpjKGB1t2CbZrVZcNlrT8AEr_TMNa-vfjb_j_WPawyJRBk52IQS2FV2zuip6WZv9BbU5llnwG7d23Adow-CEEEYkHZBwauzF40Hsb7KMiYNY0YrmotI517m65y6_LKu5C82rkvgy_L4XAelwwDxjAQsYf9XKpi2VcdV_FkHhJMDitV498Imp_4YyNav9Gh_5JRITMIE7CJnkaIsFBLUZ-9P4PK26lmT3tVxcOdYDsCX6sPQjbyEEVkcC2G0Rq4eB4eh3MNWQ-BRQzF9C-Ulbpd24ggVn2nYkC5TVb0j1moi7PPBBdZpXxXK57-s6772F33691OjrsNgI4zgujH_Iqm978lbQP6TGZwxp0ab9TwH6KoVlwuHloONTtAJS3Ocguj9IbsHooR829OJ0G3b8ubOhzvFN_9ohLrzjdfIwKkPnM1MVK6pLcXbepwBghVeRg9w8ezwhG2x6qeWvyNWW93A_5lB97QGNL01s9pPem5kjLHSdrku8GeUgkbrGlRNnZChC9i_YjAoteE8bGYktz5X0Q8XtIw4Yi4pmO_uoVeweq3uHnNnvwp71ygQ7YnFG5dCFh4dNPjmzPAa-FYvfHuh---de8W5Yvf9t1XHkKn---g0rKhid7E-gIZBEsdVjBPYe7NQj1omb4ApHzRq1jQVWzdTs61ChlqR517UZb1Av5tmSLF-7iqp0QI7rQak67mAw0XrDvkcWSU_Zh3iemkGuTdTWssk24MQcdPH4MJI5-M1VfDipXmrOKVBi_VX-c&sai=AMfl-YSnoKs-4T1Wt0l6kGtBQqD96zMvC5SYUpTlaHp1gjS5cgEfw1rXzJBii3Yfv0uPI17JAK_laHJqkXmQgHwNHku-MrZMBfcbsm_pwHDnCPzKdPtcN5XnTvcnX2dfHVUibcudE7U-7yq8BGhbfVB8jZV9j14df_1BdfhjTQXn-pmPsuNczmXyVXjLB_licqMcT_YVBtXNQv6v8BD2JpVPzrVbtOdGRVvne6moYqGJdEHLSjC6bIk8JNXCcA27-Fw4QDevLuCtoufyICeJ7Qp5Y1lLBiX1RKkGKe2Bckiw56H0_vQDPyy3WdzmqmuIaPR3vIDm7kAJbBoxYDNRrTInxOTEXlyrjvBdQ9erbbulb1q7D6AdzASAD6tztrUfsPf0C6__MFKVdgtdUNBPx1KlC-qq&sig=Cg0ArKJSzM6rV1y0w7awEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231130.07585&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 20:08:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6005 41 KB
14 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 8952355470329858515
s0.2mdn.net/simgad/ Frame 6005 114 KB
115 KB 262ms
81ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8952355470329858515

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8aa1e5595e30ef06a4004e07487cd71354b66c94e399be6922b0a1c03fcb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 04 Dec 2023 22:34:09 GMT
x-content-type-options: nosniff
age: 77645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116885
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 11:34:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:34:09 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 6005 295 B
319 B 79ms
79ms Image
image/png 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 04 Dec 2023 22:06:07 GMT
x-content-type-options: nosniff
server: cafe
age: 79326
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 22:06:07 GMT

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 6005 35 B
2 KB 192ms
89ms Image
image/gif 2a02:26f0:3100:78b::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=11857683&siteID=N192603.1972103DOUBLECLICKBIDMAN&creativeID=204958673&placementID=381635094&rnd=2636663063&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100:78b::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Tue, 05 Dec 2023 20:08:14 GMT
P3P: CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires: Tue, 05 Dec 2023 20:08:14 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 6005 3 KB
2 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 18:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 18:55:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1040 1 KB
643 B 78ms
77ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 13803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 6005 30 KB
12 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a9715e1af7ac7b2f65f32a853e2da82c6a584a53f45cec9061ba96e2d11949a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 11:45:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11813
x-xss-protection: 0
server: cafe
etag: 8271195172753506022
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 11:45:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6005 202 KB
64 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 20:08:14 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2498
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1

43 B
767 B

58ms
58ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axir0sj-ATAB&v=APEucNVRkltO3BuF474yxCa5GYDWlU1RmkncWnq57-9dx5W7GHMPxQEeqvi_TfYaCs73VfMzCegUJY6akBsMDkOAlPjQX53Isu-ztN4UrW7siSD2kU4g7ppfM9FJMWxiycQUfBz9LxQHVsbQ2kc0LuHY0I66NLLazLs5poS6PZhojSGWt3SJTYE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxRcEc8piBvr8EFFLujFijh3FVd69t8bQUjM09IabgbTQIct0Q0Pu%2FZfKQFsMYHXWk6O8gQKP%2FHRIrtbvKBrCuEeZaVKsdE6fjZizCiajZz4jUo63sn0H8oaC4MyeCJLxQzJySVz3L4WDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830eeb80fb9544f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2498
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.DLijfxn6D3HhTjmpRwwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1&google_hm=2

43 B
734 B

82ms
82ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axir0sj-ATAB&v=APEucNVRkltO3BuF474yxCa5GYDWlU1RmkncWnq57-9dx5W7GHMPxQEeqvi_TfYaCs73VfMzCegUJY6akBsMDkOAlPjQX53Isu-ztN4UrW7siSD2kU4g7ppfM9FJMWxiycQUfBz9LxQHVsbQ2kc0LuHY0I66NLLazLs5poS6PZhojSGWt3SJTYE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUiGTZPHGul2HZ9H35LfsfqwSvXksCLGAysCaes4utewUEswt2q4jbwjXFK9LMBf0Ic7kd6PsHnqhZ3zurRuFeir12U8iN%2B21F1DZ8YgxX4%2FNTVLsVWf%2Bxk2Ct%2FP5ySIDEXYAzs6ikKJhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830eeb812c0444f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjh3tPTKd3GxjZqXsaMESE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2498
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKse63T-LkcEuu5gkkv7KuQ&google_cver=1

43 B
524 B

32ms
32ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKse63T-LkcEuu5gkkv7KuQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axir0sj-ATAB&v=APEucNVRkltO3BuF474yxCa5GYDWlU1RmkncWnq57-9dx5W7GHMPxQEeqvi_TfYaCs73VfMzCegUJY6akBsMDkOAlPjQX53Isu-ztN4UrW7siSD2kU4g7ppfM9FJMWxiycQUfBz9LxQHVsbQ2kc0LuHY0I66NLLazLs5poS6PZhojSGWt3SJTYE

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
an-x-request-uuid: ec68fee6-38c4-44ab-b634-cd05afed0dce
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.237; 193.32.248.237; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKse63T-LkcEuu5gkkv7KuQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuid
ib.adnxs.com/ Frame 2498 43 B
576 B 114ms
32ms Image
image/gif 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
an-x-request-uuid: ef8904de-f8a2-425f-b514-4261b7320894
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.237; 193.32.248.237; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1040
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKfsBFqMpQh7nWEFWuWp6Qs&google_cver=1&google_push=AXcoOmT5J8Y7qnG7rHTZFoPeJiLg-QzN3EDlNle1tVcVLFkIjpP62rlJ7pXcVZ23dpCW_W-cMvD_6wZg9soH7AEXSigok_CvqTZBYlI
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODc0ODg1NTI2MzY3MjMwOTM0Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKfsBFqMpQh7nWEFWuWp6Qs&google_cver=1

43 B
398 B

91ms
32ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKfsBFqMpQh7nWEFWuWp6Qs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 05 Dec 2023 20:08:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKfsBFqMpQh7nWEFWuWp6Qs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1040
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEe5KiO-XL-Tll8vFXRBq2o&google_cver=1&google_push=AXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLE...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEe5KiO-XL-Tll8vFXRBq2o&google_cver=1&google_push=AXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJw...

43 B
424 B

247ms
228ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEe5KiO-XL-Tll8vFXRBq2o&google_cver=1&google_push=AXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830eeb81dd57bfb7-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 4527
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEe5KiO-XL-Tll8vFXRBq2o&google_cver=1&google_push=AXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTec_0M4oSv7LPa8ccpoklTAZli2GcZR_09aIoglwa65FbHgWclLix2rTbqJaP1ldqj3vfpOtsqX9e5cDHr47LnavTzbJwLEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830eeb805aaebfb7-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1040
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-J4c4qstpVMijCn-mWY74&google_push=AXcoOmQjPjXOEwhdA9JfR8hSnYwvG4O6vA2dGRATLZv7syxfU62ckr5yoC...

170 B
243 B

67ms
67ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-J4c4qstpVMijCn-mWY74&google_push=AXcoOmQjPjXOEwhdA9JfR8hSnYwvG4O6vA2dGRATLZv7syxfU62ckr5yoCKpILs4oCKcVWJKERF5lACNz3mUfcbeosWTNp_aAFDSRys

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230021-FRA
pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701806894.143096,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-J4c4qstpVMijCn-mWY74&google_push=AXcoOmQjPjXOEwhdA9JfR8hSnYwvG4O6vA2dGRATLZv7syxfU62ckr5yoCKpILs4oCKcVWJKERF5lACNz3mUfcbeosWTNp_aAFDSRys
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1040 0
173 B 116ms
35ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPujc5fKg-bJt3cXRnsRbyw&google_cver=1&google_push=AXcoOmRpt9TUX-ov1lhLnXLg5OJyLbO0h--eHQ5sbEEtTJjZhFumxitsNmPG5DK6o3H2mYxWwEEWEU1da1K81OrHPvIRRJMC0h-4znY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 1040 43 B
146 B 102ms
29ms Image
image/gif 18.184.108.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHB3AEXQavpQ5cLx3T5i8ig&google_cver=1&google_push=AXcoOmStzDNvnPc2-Eehc3ROUDjVo8_wBfMUX-3Zuj6XRUnjYPbknUsEjVffhTAT179f7ywWFfu0CVgqZl26GqRXTH9oFNyrJyRwhM8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1040 43 B
363 B 109ms
32ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQANQFUc3xpl_e9q0s2DOdLbVvTsV9rz6hL_YCGQcKWPBGpjZx43KiJDkF1FILD0Lv68O7hS7h-n8GPrkcB3IgBGMxSbhk5azE&google_gid=CAESEMuHQyuwUp8gXTfGJzfFfU0&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:13 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 219000
expires: Tue, 05 Dec 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 1040
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELg4wh1wBoR5...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSOHBAz-B7B4xZ6QK23ke1vGATw9AZXrMbPJYQEfmlIqctQB7hBRmapCILF5ON1XhRkBW6C4ZkJ2ZL4QVPNeGkAjAzZnb9zBDZv
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

54ms
54ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2619350739~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1701806893&rafmt=1&to=qs&pwprc=7400251490&format=387x280&url=https%3A%2F%2Fwelovesharks.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701806893198&bpp=2&bdt=2396&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8b0c6909c545d8%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw&gpic=UID%3D00000ce346149ed9%3AT%3D1701806892%3ART%3D1701806892%3AS%3DALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8029602632257&frm=20&pv=1&ga_vid=965731825.1701806892&ga_sid=1701806892&ga_hid=1578827295&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079865%2C44807405%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=1796167952991891&tmod=976470483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

expires: Tue, 05 Dec 2023 20:08:14 GMT
pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1040 0
130 B 178ms
67ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImX0Uz3HC7Tpr3v9EOhQzd1eWpYXm_75x1pmWMG87GDLIlUNFvZLwLeP7dTzcQw1DWNXEMDQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E309 38 KB
13 KB 76ms
75ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E309 39 KB
15 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 15:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 15:11:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E309 0
20 B 113ms
113ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BK46lLYNvZYyoGae4vcAPg9ui2AUAAAAAOAHgBAI&bg=!WFulWxTNAAY3kmNgF5I7ADQBe5WfOJu_iJjxJmg3wdGxDW2y8Pkjw_pMDLAgSwgmxs7kiKEfaJ_NvAumJGwf3V3YtQ6HAgAAADNSAAAAAmgBBwoADk--jOhFNOnbq_KT2Cp5mQLY7Src1aRHpkt7ASNYnmVPLXYKpjX7gyjwXJTtiHouTpFV1ZEXs4j988gg7tHTaUZxpF6JwS1eLXlVluEBI7OAttOu1xserxaQFducPjuZVRxJ2CAJWA0gQ3YGmKazI8DThw98mm2zJKM-9KicUiX2uHnVryM2tmj5Q-nXXScAi_sT5Y3Icmt3VruhaRrVu07dsa4HZKpD75jx8Sj08oBCF6zdb9UZC-sl9tdF7s0Ga3UNvYwIzIPeuhg2NMsVdE1q2Yk5jkU_0BXkfoUsgiUNySO7aqBIAfa6RTkvlmTVGqF9gXAxFkDAnObPmf_gvtCVOdgdWi7BROZFf87BZV_1Zp3so2LtgbHDkWJtMKXuAD67ByJorbL8wDCUwBIPKkgvuqzL2FM9rOznPDLl_XM87Cn5dX4_ySJrw4obLz6VJCISneejS_sOWJXIWnB5LLIgv4ElWAPtH9MNqtSyLvmgHYO3tgwMhzQZP8aIGNacXCc5kwGiso9AIyqunHG1xFr9S27NBr8QIu0rYanTS-KiWBa-eKCDvHZVSplh8Yp6x9TJs9BN-sCNrnFsAmWT4dWO7Ic3n44OiFK6LWgb00hN-91rNMwjClky3JVhgGW8YD8-aqG6JMd8rtBrVS78FYDI6DonEPmLw2rmddd_hX1an79tyQhMuU3Tf-nebXyBMqwP--oqOjQW2byiB6h-dUywofoLEIQ7gkBMbW9gj0EkHGpLQWQz5ni1PIIKlroEP0O4cRxl25SKcEcj3LUgkkJGpjM0rJ3GzmtAg4ePT4Q-XziYsZL9lMpMWO6rVIoAj6lNfojFSGEp848OsvFEFQ7n9A_wFI0pI5tyk4cRNjTz0O6NRbNgi_fNIuoOKms96ePso_H5OSt0AfjJyvAmp0BCd_-Oizua4KSr6wZbbdYo_ZHf8ezTY1aE0kGddq-DA6SGogpalh_Nn6No0Wf_JDqmhqjdakyAkZc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6005 0
0 95ms
95ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuL7WTAyNGnDl2lGyH2PPWMKoFWrVCopd2BKCmE1j3R0hdhuk-pZj59qf2FfE0yxjeD6uie7DG9WnBODgfVwQIZXWRFo-CJSADT528oXd8MhJ5F6zToD4dCMs4Ve7orHAO5BOfRKl0KXJS2Y1vjGxAUxSpgeRsiRTrRf-u1zjL_AoVRRrHHDILhF-xt_x-dk3h9H3sLzwnZyDohYxbUsFiyjdXkiVXRGAPEkImiYWFAumeF3Dd_rtxgiu3RmeGV17fn3nNVTyjHboYoyKm0LO2PGR77cgOMdJ3DRAlz5gaJ-bUpo6dA4Xw9KPHMpzDiZgBbaD1gePl32VQ-A3Ccy8ywDx8arYJllIfecqbPDrxui3DthJNNq355DdYsavJdZcb-m455lHZjfrdzH7HkMTaa2nA9gKwo1UDzdkWRmG6I_fh6qew2vBoZWqVasDR3BGowjCb2CUlZmY0MZnuwA_jp9KJNpGJ9E0C2Hwrp8BjjYtczvjrma8qHLKoXXY6zrfFhNeG55XCHSQf_iiRW4ZmP64QEu8SVgsVqN-M4KKX8J6AfjfMe8fB4UFXB3YSpjKGB1t2CbZrVZcNlrT8AEr_TMNa-vfjb_j_WPawyJRBk52IQS2FV2zuip6WZv9BbU5llnwG7d23Adow-CEEEYkHZBwauzF40Hsb7KMiYNY0YrmotI517m65y6_LKu5C82rkvgy_L4XAelwwDxjAQsYf9XKpi2VcdV_FkHhJMDitV498Imp_4YyNav9Gh_5JRITMIE7CJnkaIsFBLUZ-9P4PK26lmT3tVxcOdYDsCX6sPQjbyEEVkcC2G0Rq4eB4eh3MNWQ-BRQzF9C-Ulbpd24ggVn2nYkC5TVb0j1moi7PPBBdZpXxXK57-s6772F33691OjrsNgI4zgujH_Iqm978lbQP6TGZwxp0ab9TwH6KoVlwuHloONTtAJS3Ocguj9IbsHooR829OJ0G3b8ubOhzvFN_9ohLrzjdfIwKkPnM1MVK6pLcXbepwBghVeRg9w8ezwhG2x6qeWvyNWW93A_5lB97QGNL01s9pPem5kjLHSdrku8GeUgkbrGlRNnZChC9i_YjAoteE8bGYktz5X0Q8XtIw4Yi4pmO_uoVeweq3uHnNnvwp71ygQ7YnFG5dCFh4dNPjmzPAa-FYvfHuh---de8W5Yvf9t1XHkKn---g0rKhid7E-gIZBEsdVjBPYe7NQj1omb4ApHzRq1jQVWzdTs61ChlqR517UZb1Av5tmSLF-7iqp0QI7rQak67mAw0XrDvkcWSU_Zh3iemkGuTdTWssk24MQcdPH4MJI5-M1VfDipXmrOKVBi_VX-c&sai=AMfl-YSnoKs-4T1Wt0l6kGtBQqD96zMvC5SYUpTlaHp1gjS5cgEfw1rXzJBii3Yfv0uPI17JAK_laHJqkXmQgHwNHku-MrZMBfcbsm_pwHDnCPzKdPtcN5XnTvcnX2dfHVUibcudE7U-7yq8BGhbfVB8jZV9j14df_1BdfhjTQXn-pmPsuNczmXyVXjLB_licqMcT_YVBtXNQv6v8BD2JpVPzrVbtOdGRVvne6moYqGJdEHLSjC6bIk8JNXCcA27-Fw4QDevLuCtoufyICeJ7Qp5Y1lLBiX1RKkGKe2Bckiw56H0_vQDPyy3WdzmqmuIaPR3vIDm7kAJbBoxYDNRrTInxOTEXlyrjvBdQ9erbbulb1q7D6AdzASAD6tztrUfsPf0C6__MFKVdgtdUNBPx1KlC-qq&sig=Cg0ArKJSzM6rV1y0w7awEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=466&vt=11&dtpt=465&dett=2&cstd=0&cisv=r20231130.07585&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6005 42 B
64 B 121ms
120ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5Pf80VowhBaT5BITpUAHDaptzGadK2mKuc9p5DgkiPEKanO6VA6d06tTb6TCoydi8szAQUE_8-Cuy4ptNrB54ofMN2nsdgKBGBYAXy_tR2REUz-WsjIXAPfPjpJ4BCSh41USHzFofY6-y&sai=AMfl-YS2oEaTBWqioWZvG_N2b2whhPRQ1zhOSNLuzHoAk4f58uup35PRwy3jprp95mx3OQuayqM3A5KIpYI9DmEK6vmEoeMzpCpZRyM1lfPKS8kLbXcXF3sdn9S8oVLgUxnGBOE235k_RA&sig=Cg0ArKJSzEcZBD1coRtUEAE&cid=CAQSOwDICaaN6VRk2NMPOhed-CbXK26TG4zGuEwBTyUbVD59WxOgfI08HtEOVJxPfYlCJ-xIQu2L8EkiYjRqGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4110419616&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701806893205&rpt=1210&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 20:08:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E0E 13 KB
5 KB 79ms
75ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovesharks.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 17:18:13 GMT
expires: Wed, 04 Dec 2024 17:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A5BC 829 B
1 KB 253ms
87ms Document
text/html 2a00:1450:4001:813::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

e5ecb98bc821d3f39d663e23c4b8409e96b10934ca4573f04ed2d75d872ce45f

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-F-_T1S5VnCXIat7I7dZJPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://welovesharks.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-F-_T1S5VnCXIat7I7dZJPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 20:08:16 GMT
expires: Tue, 05 Dec 2023 20:08:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E0E 39 KB
15 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 15:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 15:11:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E0E 0
10 B 75ms
75ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vw2keQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 05 Dec 2023 20:08:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A5BC 0
0 111ms
111ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231204&jk=1796167952991891&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: FreshStoreAva/1.0

Response headers

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.welovesharks.club/	1970-01-21 02:19:26	Name: _ga_KZXLHSZW3W Value: GS1.1.1701806891.1.0.1701806891.0.0.0
.welovesharks.club/	1970-01-21 02:19:26	Name: _ga Value: GA1.1.965731825.1701806892
welovesharks.club/	1970-01-21 02:09:22	Name: _pk_id.64.5f3a Value: a12140986c60bce7.1701806892.
welovesharks.club/	1970-01-20 16:43:28	Name: _pk_ses.64.5f3a Value: 1
.welovesharks.club/	1970-01-21 02:05:02	Name: __gads Value: ID=1e8b0c6909c545d8:T=1701806892:RT=1701806892:S=ALNI_MZ-WFGELVBMKOYsuZqRQNjhcCxrLw
.welovesharks.club/	1970-01-21 02:05:02	Name: __gpi Value: UID=00000ce346149ed9:T=1701806892:RT=1701806892:S=ALNI_MYLaR1LvMhyUiHrWy2X4Mi8a5DDFg
.welovesharks.club/	1970-01-21 01:29:02	Name: FCNEC Value: %5B%5B%22AKsRol9bux2Ka-B1wEFvr2DzlsmHn7tglqz1wk5PJAw575pRH2D9SiCrla_WQ7ouP6pDOR8Kz-o5J7a6HrhvjYKlbF4Bglvn3AO2O9-xZBCsHIc5OJEpn96DlXwzHUSKZ0EoAljplqPf-2-yDyk2qoGg-NWS6pld4A%3D%3D%22%5D%5D
.doubleclick.net/	1970-01-21 02:05:02	Name: IDE Value: AHWqTUl1rvXJZEe-mWfhXJUQXMhRCfzb4jAMRMQ1x68QZE13ntx39jo24oOAs0kBDpw
.casalemedia.com/	1970-01-21 01:29:02	Name: CMID Value: ZW.DLijfxn6D3HhTjmpRwwAA
.casalemedia.com/	1970-01-20 18:53:02	Name: CMPS Value: 2234
.casalemedia.com/	1970-01-20 18:53:02	Name: CMPRO Value: 2234
.insightexpressai.com/	1970-01-21 01:29:02	Name: DW Value: 00000000-0000-0014-8e1a-a31701806894
.insightexpressai.com/	1970-01-21 02:19:26	Name: IXAI71129 Value: FTF
.insightexpressai.com/	1970-01-21 01:29:02	Name: DW_Time Value: 1701806894
.insightexpressai.com/	1970-01-21 01:29:02	Name: TID Value: 00000000-0000-0014-8e1a-a31701806894
.blismedia.com/	1970-01-21 01:29:06	Name: b Value: 656F832E66A49FAE6D5237C5BLIS
.turn.com/	1970-01-20 21:02:38	Name: uid Value: 8748855263672309346
.tribalfusion.com/	1970-01-20 18:53:02	Name: ANON_ID Value: aUntuJON6Je8ZbUxralUAw5NJZakynYlbALVg0L90cY8Js3vXqC10VXwsTQZdFWkty4yhu2JmGZbxuTGRZbh9d5B2tpQG

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
analytics.freshstore.cloud
cm.g.doubleclick.net
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
secure.insightexpressai.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
welovesharks.club
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.36.155
142.250.184.194
151.101.2.49
169.150.247.39
178.250.1.9
18.184.108.41
185.89.210.46
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.206.34
23.32.185.35
2606:4700::6812:18ad
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::200a
2a02:26f0:3100:78b::1ec4
34.23.59.145
34.96.105.8
0527b799cb6ea8b001ee5861d2944e9b79f0436529551f51a52435c188117e3b
0a29f6113bf955135d21c3919d843e4804e3ff29583c6634592bf32808564c14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
17f33ff3e7969c55a61dded2724cc4eb3c02d75101a4cb73af25d72ca21f70d4
181d7f77cab8d690241535db7fbcd455dfcf5e1896761f0d4325c67a15cda5bb
198f6ead14104f623e948c55dec7d14891c1c63657c1141c41d113cea8d9c1ba
1a9715e1af7ac7b2f65f32a853e2da82c6a584a53f45cec9061ba96e2d11949a
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
24235cf55015d96a63e534d34de6f01c94d26f50a7d0d195b7e909de3427a928
252dd981a18132fe362b8c1d58b68bec40a81a95f8fe28ed0ebedd91c8f6a456
28dbf9dc8dde0505ecbe610eeebe99cd4957e14deceb0dedc7d4f755237e5f80
2a5e0643f8353f8e194f69e9cb186208f1e820d3844927a7b17bb06780ef1ca7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
39833f961cf193f3d708dd613ddbe670139eb6fe8e0984a51100ef3d54963801
424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58ec7a3cb2961dbab71f134baa7a07acbb6250f1623633f33c7a74672ec86426
59cb5814624f670857b35d854b4ae392b9cead23bc751046b2b0e0558729fe47
5a8aa1e5595e30ef06a4004e07487cd71354b66c94e399be6922b0a1c03fcb87
6168b9112f127850fb0451fcbc7b802d311cb2e230d417754fee65041a8290ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
689f16c953bb3f797bc6a118b1fadf6fa44c091ffbed32d8ddcab2c6b891c273
6ba3a89560e8ef46f06114e7b5cc9af89915288900255df7290640175d28c73c
6bb3d2fe0ce8bcc45ff0160a29b27ab1a45c4c7e5cf5ea426fd2a4c3925bdc9a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
8de89aa46a9cc04073ad73e58e31148b51f0ed5c8815e9da06d50c47f855b2f7
966a2026a9133b35376a92098068e63eb0aa6e498b177286ff1ff93bb8c6d3c1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b75c396cfa9a04df34ee2f285e1ebd83ed883d2f23243af4fd16054b110a02a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
accf52a4ef9a46194afb46b07fad469886707705d14b559387f1eab150b5232f
af45fc01bf6a3ab2e75e5300a1f186c91d6de16c96d8fd27f6fc0ffb303b6635
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e85bf817418063c7bef172d47b552bf79e60e32dfe2f8783d487609c4b8b19
b8036a80bc24bfd85e4127fd0cd698cea56578ce0af86f9a27d86443d5ae19bd
bc1800cc9aa2f2a7921a64a2b7e46d0ceaa4b3972fcf5aaab8a2f7f3d859284d
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cb29addf433dfb66b11ccff8f4ba4d390fd356877e0a7b8c94eed4389dd380a9
cf14835d8afe637561251c8d8e32d654eee20093edd87770cb57a3f288485635
d95c710711cb1973d6a27ee6d18c65051582f6cfa10b4224a3af19b2475dbd6f
dcf0013c8b956a0ce5adcd963a2176fa9fbac7be20dd433da0c8340447e9d55f
e111328c2517f59fbb6b8c48f4cdb63229b1f22c5f9d4576c13b6c921b3afd48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ecb98bc821d3f39d663e23c4b8409e96b10934ca4573f04ed2d75d872ce45f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa8a13bc294c11f63cab67ce0856b3c0c2bf6adcfcace85cddb579645705a38
f00da885fe9f06f083ff7377c1d3af05a1592e9fd1334d6e14d91a28bddd5ea3
f55c222a3ec0d6477c322c90b5e92232e78e849091691d132882b90a71369d9a
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
fadcefb72de17f1369e5ec263a44ccebccf9d9c1aeccb9968c598524596cf56c
fe4b305e7a2e8692f3b331449f817c147f8b3330e294141072a40e823243b3b8

welovesharks.club Open in urlscan Pro 169.150.247.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

90 %HTTPS

54 %IPv6

21 Domains

27 Subdomains

24 IPs

5 Countries

1835 kBTransfer

2884 kBSize

18 Cookies

6 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

welovesharks.club Open in urlscan Pro
169.150.247.39 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

90 %
HTTPS

54 %
IPv6

21
Domains

27
Subdomains

24
IPs

5
Countries

1835 kB
Transfer

2884 kB
Size

18
Cookies

79 HTTP transactions
7 data transactions