URL: https://mshares.co/file/PnjT1icg
Submission: On April 26 via api from US

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 65 HTTP transactions. The main IP is 2606:4700:3037::681b:b904, located in United States and belongs to CLOUDFLARENET, US. The main domain is mshares.co.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 25th 2020. Valid for: 7 months.
This is the only time mshares.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
33 mshares.co mshares.co
pagead2.googlesyndication.com
6 www.google.com 1 redirects mshares.co
www.gstatic.com
5 pagead2.googlesyndication.com mshares.co
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 use.fontawesome.com mshares.co
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 connect.facebook.net mshares.co
connect.facebook.net
2 fonts.gstatic.com mshares.co
1 www.google.de mshares.co
1 stats.g.doubleclick.net 1 redirects
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ajax.googleapis.com yoads.network
1 www.gstatic.com www.google.com
1 fonts.googleapis.com mshares.co
1 www.googletagmanager.com mshares.co
1 yoads.network mshares.co
65 19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
vk.com
mshare.io
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-02-25 -
2020-10-09
7 months crt.sh
www.google.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.google.de
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.google.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-04-15 -
2020-07-14
3 months crt.sh
www.google.de
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh

This page contains 9 frames:

Primary Page: https://mshares.co/file/PnjT1icg
Frame ID: 9794C3C18C5918E0DE1201E547B10A38
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200422/r20190131/zrt_lookup.html
Frame ID: BCFBED128C5C2E84D2A1FA65BF017380
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGpKQUAAAAAAMbz6xaX5PK6giufS5YWpo2JWzt&co=aHR0cHM6Ly9tc2hhcmVzLmNvOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=f3coa4epw72p
Frame ID: 99489519BCD2B42F5C8171F4F607D899
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM5U8UAAAAALI6EFw9hPbLly373UYFr9AFJ75d&co=aHR0cHM6Ly9tc2hhcmVzLmNvOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=vcl544w0ebrq
Frame ID: F486C24D534F3345C0CDCFED565F36D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2611488754353132&output=html&h=280&slotname=6034925466&adk=3647293160&adf=3152640392&w=336&lmt=1587875642&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&flash=0&wgl=1&adsid=NT&dt=1587875642703&bpp=25&bdt=148&idt=280&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3414777180016&frm=20&pv=2&ga_vid=1853409560.1587875643&ga_sid=1587875643&ga_hid=819862422&ga_fc=0&iag=0&icsg=141476826710015&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=826&ady=447&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531&oid=3&pvsid=1178294853891090&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CoeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UTJWMGYkVc&p=https%3A//mshares.co&dtd=299
Frame ID: 488F9708929EFCEA901B6F7AE3EBC1BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2611488754353132&output=html&adk=1812271804&adf=3025194257&lmt=1587875643&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1587875642871&bpp=1&bdt=316&idt=283&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=3414777180016&frm=20&pv=1&ga_vid=1853409560.1587875643&ga_sid=1587875643&ga_hid=819862422&ga_fc=0&iag=0&icsg=141476826710015&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531&oid=3&pvsid=1178294853891090&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=291
Frame ID: B646E31C5F9D4AED77A55FA36BBC74F7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcGpKQUAAAAAAMbz6xaX5PK6giufS5YWpo2JWzt&cb=jadxvznnbonc
Frame ID: BFBE76E0913A0572FDDC21CEAE9D7CC3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcM5U8UAAAAALI6EFw9hPbLly373UYFr9AFJ75d&cb=68020gpd0w68
Frame ID: 0FB34A41923B03B3931A3860F1744CC9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 293E7ED7D19CA7BDE245CEC344EF96B6
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i


Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
  • html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

65
Requests

100 %
HTTPS

93 %
IPv6

13
Domains

19
Subdomains

14
IPs

4
Countries

911 kB
Transfer

2530 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=819862422&t=pageview&_s=1&dl=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&ul=en-us&de=UTF-8&dt=Physiology.rar%20-%20Mshares&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=541804676&gjid=1658196040&cid=1853409560.1587875643&tid=UA-114571019-4&_gid=1713616884.1587875643&_r=1&gtm=2ou4f0&z=1143356886 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_gid=1713616884.1587875643&gjid=1658196040&_v=j81&z=1143356886 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_v=j81&z=1143356886 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_v=j81&z=1143356886&slf_rd=1&random=1486701722

65 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PnjT1icg
mshares.co/file/
23 KB
7 KB
Document
General
Full URL
https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
b8874a1a280da987d0a8996ab4f76102477f15f72a6106f2e1d745821ee28ebb

Request headers

:method
GET
:authority
mshares.co
:scheme
https
:path
/file/PnjT1icg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 26 Apr 2020 04:34:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df57bc846294c7366086cb14be60639d91587875641; expires=Tue, 26-May-20 04:34:01 GMT; path=/; domain=.mshares.co; HttpOnly; SameSite=Lax; Secure PHPSESSID=r3ies3m5ve3sp05sd9em6q3sc0; expires=Tue, 26-May-2020 04:34:02 GMT; Max-Age=2592000; path=/ device_info=1; expires=Tue, 26-May-2020 04:34:02 GMT; Max-Age=2592000; path=/ device_info_brand_name=generic+web+browser; expires=Tue, 26-May-2020 04:34:02 GMT; Max-Age=2592000; path=/ device_info_model_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ device_info_marketing_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ device_info_preferred_markup=html_web_4_0; expires=Tue, 26-May-2020 04:34:02 GMT; Max-Age=2592000; path=/ device_info_is_wireless_device=false; expires=Tue, 26-May-2020 04:34:02 GMT; Max-Age=2592000; path=/ device_info_resolution_width=800; expires=Tue, 26-May-2020 04:34:02 GMT; Max-Age=2592000; path=/ device_info_resolution_height=600; expires=Tue, 26-May-2020 04:34:02 GMT; Max-Age=2592000; path=/ device_info_device_os=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ visitor_info=a%3A1%3A%7Bs%3A2%3A%22ip%22%3Bs%3A20%3A%222a01%3A4f8%3A192%3A5414%3A%3A2%22%3B%7D; expires=Mon, 27-Apr-2020 04:34:02 GMT; Max-Age=86400; path=/
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
589d96c95c4b05e4-FRA
content-encoding
br
cf-request-id
02565c91d8000005e4c61de200000001
font-awesome.min.css
mshares.co/templates/default/default/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/font-awesome.min.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
1796476
etag
W/"5ac5fcf1-7186"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cea05e4-FRA
cf-request-id
02565c94c1000005e4c6215200000001
expires
Tue, 05 May 2020 09:32:46 GMT
flaticon.css
mshares.co/templates/default/default/css/
2 KB
633 B
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/flaticon.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a8cf81e8bb9e65576b34a05cf9f69548d60fcb153ca6e606bce80c08b1911f

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
171644
etag
W/"5ac5fcf1-756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0ceb05e4-FRA
cf-request-id
02565c94c1000005e4c6216200000001
expires
Sun, 24 May 2020 04:53:18 GMT
bootstrap.min.css
mshares.co/templates/default/default/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/bootstrap.min.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
171644
etag
W/"5ac5fcf1-1d970"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cec05e4-FRA
cf-request-id
02565c94c1000005e4c6217200000001
expires
Sun, 24 May 2020 04:53:18 GMT
animate.css
mshares.co/templates/default/default/css/
75 KB
4 KB
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/animate.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1a099a4cb205b5a29d47b4ba845ab5a38d8f76d493c1d0152afa64e0c7d45a

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:44 GMT
server
cloudflare
age
1796475
etag
W/"5ac5fcf0-12bef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cee05e4-FRA
cf-request-id
02565c94c1000005e4c6218200000001
expires
Tue, 05 May 2020 09:32:47 GMT
owl.carousel.css
mshares.co/templates/default/default/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/owl.carousel.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
1796374
etag
W/"5ac5fcf1-1206"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cef05e4-FRA
cf-request-id
02565c94c1000005e4c6219200000001
expires
Tue, 05 May 2020 09:34:28 GMT
owl.theme.css
mshares.co/templates/default/default/css/
1 KB
512 B
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/owl.theme.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ef53019af4cbfa0a182d8f2791d2fbec540625555ed842f768961166011b8f

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
1796475
etag
W/"5ac5fcf1-41f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cf205e4-FRA
cf-request-id
02565c94c2000005e4c621a200000001
expires
Tue, 05 May 2020 09:32:47 GMT
slick.css
mshares.co/templates/default/default/css/
2 KB
570 B
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/slick.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
1796474
etag
W/"5ac5fcf1-6c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cf305e4-FRA
cf-request-id
02565c94c2000005e4c621b200000001
expires
Tue, 05 May 2020 09:32:47 GMT
slick-theme.css
mshares.co/templates/default/default/css/
3 KB
865 B
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/slick-theme.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8fb0e23ba6eab72a9870e13f9efdabd39edd8db83e01d30134ce9f7d9944ec

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
171644
etag
W/"5ac5fcf1-c56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cf405e4-FRA
cf-request-id
02565c94c2000005e4c621c200000001
expires
Sun, 24 May 2020 04:53:18 GMT
owl.transitions.css
mshares.co/templates/default/default/css/
5 KB
769 B
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/owl.transitions.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c63e19392696c9ccbce249541b5b7edeb46ca35679a5f91ed4f6779c0dfdbc

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
1796474
etag
W/"5ac5fcf1-121e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cf605e4-FRA
cf-request-id
02565c94c2000005e4c621d200000001
expires
Tue, 05 May 2020 09:32:48 GMT
jquery.fancybox.css
mshares.co/templates/default/default/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/jquery.fancybox.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d38ba94d6881f24572fe89d1c9986483dfed05a1e9e82b338ef267f63ab940

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:39:45 GMT
server
cloudflare
age
1796474
etag
W/"5ac5fcf1-13bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cf705e4-FRA
cf-request-id
02565c94c2000005e4c621e200000001
expires
Tue, 05 May 2020 09:32:48 GMT
style.css
mshares.co/templates/default/default/css/
127 KB
16 KB
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/style.css?v=1?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9334b213f7fbe5dc516d414d97078a450cfa676b7d642c5596a02db01ce91a7

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 03:09:04 GMT
server
cloudflare
age
1796373
etag
W/"5b2f0b50-1fa59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cf805e4-FRA
cf-request-id
02565c94c2000005e4c621f200000001
expires
Tue, 05 May 2020 09:34:29 GMT
mystyle.css
mshares.co/templates/default/default/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://mshares.co/templates/default/default/css/mystyle.css?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3609327503a608ead6f99e42eaf9d22fba4a6cbf52547fc9546d98d3f0ac1d53

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2020 09:16:21 GMT
server
cloudflare
age
1796373
etag
W/"5e6214e5-127c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce0cf905e4-FRA
cf-request-id
02565c94c2000005e4c6220200000001
expires
Tue, 05 May 2020 09:34:29 GMT
api.js
www.google.com/recaptcha/
740 B
563 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e9d0d4a293873be3385fdd53df54dbece7c4645da613186f200001e8cfa215f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
466
x-xss-protection
1; mode=block
expires
Sun, 26 Apr 2020 04:34:02 GMT
logo-2.png
mshares.co/templates/default/default/images/
8 KB
8 KB
Image
General
Full URL
https://mshares.co/templates/default/default/images/logo-2.png
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3fd9e985dde586a7239d83621ee43a30d94c09b7e9f8238296982f972065d7

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
cf-cache-status
HIT
age
5177847
status
200
content-length
8245
cf-request-id
02565c9506000005e4c6234200000001
last-modified
Mon, 09 Apr 2018 02:39:03 GMT
server
cloudflare
etag
"5acad247-2035"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
589d96ce7dcd05e4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
yoads.network/widget/
9 KB
3 KB
Script
General
Full URL
https://yoads.network/widget/script.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8fdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
d766c84c688963f0d655a53c315c9eb11b6af35b61205ed51f9202b0218e9765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
6373
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=14400
strict-transport-security
max-age=31536000
cf-ray
589d96ceafcb062d-FRA
cf-request-id
02565c95270000062df8ae1200000001
facebook.png
mshares.co/images/icons/
603 B
734 B
Image
General
Full URL
https://mshares.co/images/icons/facebook.png
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
cf-cache-status
HIT
age
5177846
status
200
content-length
603
cf-request-id
02565c9506000005e4c6235200000001
last-modified
Fri, 15 Jun 2018 07:20:05 GMT
server
cloudflare
etag
"5b2368a5-25b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
589d96ce7dce05e4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter.png
mshares.co/images/icons/
710 B
832 B
Image
General
Full URL
https://mshares.co/images/icons/twitter.png
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535d31e27871183b70513eff7e011bce2ff2ce3b30bc589b6ebbd805ea0b3ebb

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
cf-cache-status
HIT
age
5177847
status
200
content-length
710
cf-request-id
02565c9507000005e4c6236200000001
last-modified
Fri, 15 Jun 2018 07:20:16 GMT
server
cloudflare
etag
"5b2368b0-2c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
589d96ce7dcf05e4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vk.png
mshares.co/images/icons/
1 KB
1 KB
Image
General
Full URL
https://mshares.co/images/icons/vk.png
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
158d3d319fb79d040001d51e8f74bad1471995d82e9a790855a16f5411e6c587

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
cf-cache-status
HIT
age
5177847
status
200
content-length
1133
cf-request-id
02565c9507000005e4c6237200000001
last-modified
Fri, 15 Jun 2018 07:20:12 GMT
server
cloudflare
etag
"5b2368ac-46d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
589d96ce7dd005e4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ee24571df9bff632625eece6598e8ae8c5749228a935cce27059ee7a4bd7a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39074
x-xss-protection
0
server
cafe
etag
10571670388425089980
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Apr 2020 04:34:02 GMT
js
www.googletagmanager.com/gtag/
80 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-114571019-4
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e826eff6ae57b7cf0cc3961e4df9872fb3d07422cfde1d192a0014023e4832f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30163
x-xss-protection
0
last-modified
Sun, 26 Apr 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Apr 2020 04:34:02 GMT
jquery.min.js
mshares.co/templates/default/default/js/
95 KB
32 KB
Script
General
Full URL
https://mshares.co/templates/default/default/js/jquery.min.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:42:36 GMT
server
cloudflare
age
2585477
etag
W/"5ac5fd9c-17b8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce6da805e4-FRA
cf-request-id
02565c94fd000005e4c6226200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
bootstrap.min.js
mshares.co/templates/default/default/js/
36 KB
9 KB
Script
General
Full URL
https://mshares.co/templates/default/default/js/bootstrap.min.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:42:35 GMT
server
cloudflare
age
2585477
etag
W/"5ac5fd9b-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce6db805e4-FRA
cf-request-id
02565c9504000005e4c6228200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
jquery-plugin-collection.js
mshares.co/templates/default/default/js/
243 KB
65 KB
Script
General
Full URL
https://mshares.co/templates/default/default/js/jquery-plugin-collection.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4834fdadb1e162d9814a5a3e59b01a9e4ee7cdbd42e2a326a6888f6049e8141f

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 10:42:37 GMT
server
cloudflare
age
2585477
etag
W/"5ac5fd9d-3cc8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce6db905e4-FRA
cf-request-id
02565c9504000005e4c6229200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
script.js
mshares.co/templates/default/default/js/
17 KB
4 KB
Script
General
Full URL
https://mshares.co/templates/default/default/js/script.js?ver=3
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834610065c851dd9ff3d85bc3b255df971b3c22e0d1f9c68b1d60f54f139ba58

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jun 2018 10:23:25 GMT
server
cloudflare
age
2585477
etag
W/"5b28d99d-423b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce6dbc05e4-FRA
cf-request-id
02565c9504000005e4c622a200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
all.css
use.fontawesome.com/releases/v5.0.13/css/
40 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg
Origin
https://mshares.co

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 15:10:14 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
modernizr-2.6.2.min.js
mshares.co/templates/default/default/js/
15 KB
6 KB
Script
General
Full URL
https://mshares.co/templates/default/default/js/modernizr-2.6.2.min.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jun 2018 02:12:16 GMT
server
cloudflare
age
2585477
etag
W/"5b232080-3c36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce6dbe05e4-FRA
cf-request-id
02565c9504000005e4c622b200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
ads.js
mshares.co/js/
129 B
288 B
Script
General
Full URL
https://mshares.co/js/ads.js?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e4fa4be07f3d9147fec82b58733927d3ca7631cd5eab77296fa1bfac3b6cb8

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 17 Nov 2018 02:45:16 GMT
server
cloudflare
age
1791103
etag
W/"5bef80bc-81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce6dbf05e4-FRA
cf-request-id
02565c9504000005e4c622c200000001
expires
Tue, 05 May 2020 11:02:19 GMT
downloader_new.js
mshares.co/js/
13 KB
3 KB
Script
General
Full URL
https://mshares.co/js/downloader_new.js?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3485f89f41cd75caf6ef27c8842075c9cb0dbfe303d69068d2773b96140702f2

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 May 2019 02:01:14 GMT
server
cloudflare
age
1796468
etag
W/"5ce4ad6a-33aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce7dc405e4-FRA
cf-request-id
02565c9506000005e4c622d200000001
expires
Tue, 05 May 2020 09:32:54 GMT
index.js
mshares.co/js/default/Download/
6 KB
2 KB
Script
General
Full URL
https://mshares.co/js/default/Download/index.js?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe06240d46f053c60ca0bc348ce1b5aef4d0228b56122c7f074ce9db35f9405

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Dec 2018 07:26:07 GMT
server
cloudflare
age
1796372
etag
W/"5c10b80f-171a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce7dc605e4-FRA
cf-request-id
02565c9506000005e4c622e200000001
expires
Tue, 05 May 2020 09:34:30 GMT
index-download.js
mshares.co/js/default/Download/
19 KB
5 KB
Script
General
Full URL
https://mshares.co/js/default/Download/index-download.js?ver=201809041221
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db9739f1c4062db47781a7bf83383df24ae9aa3da9ce34e4ccc3fb5d51b2087

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 01:48:24 GMT
server
cloudflare
age
1796471
etag
W/"5e4b4268-4d50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce7dc805e4-FRA
cf-request-id
02565c9506000005e4c622f200000001
expires
Tue, 05 May 2020 09:32:51 GMT
Config.js
mshares.co/push/
8 KB
3 KB
Script
General
Full URL
https://mshares.co/push/Config.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ba9d008ba25a080852706fbd7f6e0fbfadba43ad51d2c3617537b83be379a2

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Apr 2019 07:14:14 GMT
server
cloudflare
age
2585477
etag
W/"5cb823c6-217e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce7dc905e4-FRA
cf-request-id
02565c9506000005e4c6230200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
registrer-push.js
mshares.co/push/
21 KB
5 KB
Script
General
Full URL
https://mshares.co/push/registrer-push.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbb9cacb0ee62628d918c65513a41c4cb65dd415de1b3c31d813cade2a2e4a8

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jul 2017 02:32:50 GMT
server
cloudflare
age
2585477
etag
W/"595c4fd2-54f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce7dca05e4-FRA
cf-request-id
02565c9506000005e4c6231200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
socket.io.js
mshares.co/push/socket.io/
60 KB
18 KB
Script
General
Full URL
https://mshares.co/push/socket.io/socket.io.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2334957dce6337f415f2c178ba85b82a2487eadfd55848fde6a73dbce57543

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 May 2017 05:07:52 GMT
server
cloudflare
age
171680
etag
W/"59154328-ee8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce7dcb05e4-FRA
cf-request-id
02565c9506000005e4c6232200000001
expires
Sun, 24 May 2020 04:52:42 GMT
run.js
mshares.co/push/
713 B
365 B
Script
General
Full URL
https://mshares.co/push/run.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56b24a828211ff5860bb62e1cbfcadf329e4a46e0beeb9989a7df193d7fdac8

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Jul 2017 10:35:39 GMT
server
cloudflare
age
2585477
etag
W/"595a1dfb-2c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96ce7dcc05e4-FRA
cf-request-id
02565c9506000005e4c6233200000001
expires
Sun, 26 Apr 2020 06:22:45 GMT
css
fonts.googleapis.com/
5 KB
762 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&subset=vietnamese
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 26 Apr 2020 04:34:02 GMT
server
ESF
date
Sun, 26 Apr 2020 04:34:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Apr 2020 04:34:02 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/
299 KB
121 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 16:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 04:05:48 GMT
server
sffe
age
473702
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
124243
x-xss-protection
0
expires
Tue, 20 Apr 2021 16:59:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700&subset=vietnamese
Origin
https://mshares.co

Response headers

date
Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
965508
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Thu, 15 Apr 2021 00:22:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700&subset=vietnamese
Origin
https://mshares.co

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
968823
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: yoads.network
URL: https://yoads.network/widget/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 13 Apr 2020 11:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1098683
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Apr 2021 11:22:39 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mshares.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mshares.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/
217 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5940cce884179e3fe35babb32a8dad574f56dd03d76e6189d9c4f31c9d778cf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
83571
x-xss-protection
0
server
cafe
etag
1371397039064648979
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Apr 2020 04:34:02 GMT
fontawesome-webfont.woff2
mshares.co/templates/default/default/fonts/
63 KB
63 KB
Font
General
Full URL
https://mshares.co/templates/default/default/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/templates/default/default/css/font-awesome.min.css?ver=201809041221
Origin
https://mshares.co

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
cf-cache-status
HIT
last-modified
Thu, 05 Apr 2018 11:02:44 GMT
server
cloudflare
age
3652
etag
"5ac60254-fbd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
589d96ceeefd05e4-FRA
content-length
64464
cf-request-id
02565c9555000005e4c623d200000001
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200422/r20190131/ Frame BCFB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200422/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200422/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 23 Apr 2020 07:01:44 GMT
expires
Thu, 07 May 2020 07:01:44 GMT
content-type
text/html; charset=UTF-8
etag
4094386822458569044
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4444
x-xss-protection
0
cache-control
public, max-age=1209600
age
250338
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
sdk.js
connect.facebook.net/vi_Vn/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/vi_Vn/sdk.js
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4510a0c8abc92c07bf84a6b9cc90a86b7079235f25b8e41a4c7d9a7148f67b36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QIW4SuyMXLQCQuGmWSv3Ig==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
1781
etag
"f65a60c3f26c053b905499588ec07007"
x-fb-debug
JUrmon5cwglhb4Z8BbG+/uGq4j6NMsJABYwjrfuIzPn9wKU556YFXLN7QlMN0iwOKgklzgYw062avR1CAHbNuw==
x-fb-trip-id
420120009
x-fb-content-md5
fcd2abbc3b4566476edd1a84648e4c40
x-frame-options
DENY
date
Sun, 26 Apr 2020 04:34:02 GMT, Sun, 26 Apr 2020 04:34:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 26 Apr 2020 04:41:38 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/
49 KB
50 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://mshares.co

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
last-modified
Thu, 10 May 2018 15:10:31 GMT
server
NetDNA-cache/2.2
status
200
etag
"8a8c0474283e0d9ef41743e5e486bf05"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
50372
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/
60 KB
60 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://mshares.co

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
last-modified
Thu, 10 May 2018 15:10:25 GMT
server
NetDNA-cache/2.2
status
200
etag
"3654744dc6d6c37c9b3582b57622df5e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
61336
check-file
mshares.co/download/
65 B
410 B
XHR
General
Full URL
https://mshares.co/download/check-file?file_id=5d48042147c4da1d618b5116
Requested by
Host: mshares.co
URL: https://mshares.co/templates/default/default/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
a0d3646211ed885c171c58827df3eb759a309f3d269fce5eba83a43ec0b214c8

Request headers

Accept
*/*
Referer
https://mshares.co/file/PnjT1icg
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Apr 2020 04:34:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
589d96d008d105e4-FRA
cf-request-id
02565c9600000005e4c624c200000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
blockadblock.js
mshares.co/js/
7 KB
2 KB
Script
General
Full URL
https://mshares.co/js/blockadblock.js
Requested by
Host: mshares.co
URL: https://mshares.co/js/default/Download/index.js?ver=201809041221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d2a6273a1a98975768d23a1723a6edb6eb046328a6cea5cb45511a8a2e39e6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg
Origin
https://mshares.co

Response headers

date
Sun, 26 Apr 2020 04:34:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Nov 2018 04:48:43 GMT
server
cloudflare
age
2585472
etag
W/"5bf786ab-1b22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
589d96d008d305e4-FRA
cf-request-id
02565c9601000005e4c624d200000001
expires
Sun, 26 Apr 2020 06:22:50 GMT
anchor
www.google.com/recaptcha/api2/ Frame 9948
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGpKQUAAAAAAMbz6xaX5PK6giufS5YWpo2JWzt&co=aHR0cHM6Ly9tc2hhcmVzLmNvOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=f3coa4epw72p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N8BN5gWY3XpyxGBpmeNFnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcGpKQUAAAAAAMbz6xaX5PK6giufS5YWpo2JWzt&co=aHR0cHM6Ly9tc2hhcmVzLmNvOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=f3coa4epw72p
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Apr 2020 04:34:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-N8BN5gWY3XpyxGBpmeNFnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9885
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
anchor
www.google.com/recaptcha/api2/ Frame F486
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM5U8UAAAAALI6EFw9hPbLly373UYFr9AFJ75d&co=aHR0cHM6Ly9tc2hhcmVzLmNvOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=vcl544w0ebrq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-moQTQ2UZRn/8yAJJJMjOEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcM5U8UAAAAALI6EFw9hPbLly373UYFr9AFJ75d&co=aHR0cHM6Ly9tc2hhcmVzLmNvOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=vcl544w0ebrq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Apr 2020 04:34:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-moQTQ2UZRn/8yAJJJMjOEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10187
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-114571019-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6927
date
Sun, 26 Apr 2020 02:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sun, 26 Apr 2020 04:38:35 GMT
sdk.js
connect.facebook.net/en_US/
394 KB
115 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d08736f340b1aa4074854b91e1674e26&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_Vn/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50936a76ab4e64963199797afd060c20b04065e0119bd1d0b065710b10da9694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg
Origin
https://mshares.co

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
kw/Zvzawxih9oy1uH9XQNQ==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
116980
etag
"8e952d02bc4d954a98b6b29b9bf760b6"
x-fb-debug
Kbcgyun+NouB1erxF64/sKBP+WRDgj6AqDcB+DlneWkUObpWSrKUvOmJYI+MvuDhvziIJ1wlCbjXOlw9cl+wiQ==
x-fb-trip-id
420120009
x-fb-content-md5
b3317cb515acf34e68eaab26908730d6
x-frame-options
DENY
date
Sun, 26 Apr 2020 04:34:02 GMT, Sun, 26 Apr 2020 04:34:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 26 Apr 2021 04:21:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 488F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2611488754353132&output=html&h=280&slotname=6034925466&adk=3647293160&adf=3152640392&w=336&lmt=1587875642&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&flash=0&wgl=1&adsid=NT&dt=1587875642703&bpp=25&bdt=148&idt=280&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3414777180016&frm=20&pv=2&ga_vid=1853409560.1587875643&ga_sid=1587875643&ga_hid=819862422&ga_fc=0&iag=0&icsg=141476826710015&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=826&ady=447&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531&oid=3&pvsid=1178294853891090&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CoeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UTJWMGYkVc&p=https%3A//mshares.co&dtd=299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2611488754353132&output=html&h=280&slotname=6034925466&adk=3647293160&adf=3152640392&w=336&lmt=1587875642&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&flash=0&wgl=1&adsid=NT&dt=1587875642703&bpp=25&bdt=148&idt=280&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3414777180016&frm=20&pv=2&ga_vid=1853409560.1587875643&ga_sid=1587875643&ga_hid=819862422&ga_fc=0&iag=0&icsg=141476826710015&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=826&ady=447&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531&oid=3&pvsid=1178294853891090&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CoeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UTJWMGYkVc&p=https%3A//mshares.co&dtd=299
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 26 Apr 2020 04:34:03 GMT
server
cafe
content-length
198
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 26-Apr-2020 04:49:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Sun, 26 Apr 2020 04:34:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587573036175118"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27875
x-xss-protection
0
expires
Sun, 26 Apr 2020 04:34:03 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B646
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2611488754353132&output=html&adk=1812271804&adf=3025194257&lmt=1587875643&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1587875642871&bpp=1&bdt=316&idt=283&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=3414777180016&frm=20&pv=1&ga_vid=1853409560.1587875643&ga_sid=1587875643&ga_hid=819862422&ga_fc=0&iag=0&icsg=141476826710015&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531&oid=3&pvsid=1178294853891090&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=291
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2611488754353132&output=html&adk=1812271804&adf=3025194257&lmt=1587875643&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1587875642871&bpp=1&bdt=316&idt=283&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=3414777180016&frm=20&pv=1&ga_vid=1853409560.1587875643&ga_sid=1587875643&ga_hid=819862422&ga_fc=0&iag=0&icsg=141476826710015&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531&oid=3&pvsid=1178294853891090&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=291
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 26 Apr 2020 04:34:03 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 26-Apr-2020 04:49:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Sun, 26 Apr 2020 04:34:03 GMT
cache-control
private
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=819862422&t=pageview&_s=1&dl=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&ul=en-us&de=UTF-8&dt=Physiology.rar%20-%20Mshares&sd=24-bit&sr=1600x1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_gid=1713616884.1587875643&gjid=1658196040&_v=j81&z=1143356886
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_v=j81&z=1143356886
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_v=j81&z=1143356886&slf_rd=1&random=1486701722
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_v=j81&z=1143356886&slf_rd=1&random=1486701722
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Apr 2020 04:34:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Apr 2020 04:34:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-114571019-4&cid=1853409560.1587875643&jid=541804676&_v=j81&z=1143356886&slf_rd=1&random=1486701722
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame BFBE
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcGpKQUAAAAAAMbz6xaX5PK6giufS5YWpo2JWzt&cb=jadxvznnbonc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-46VOrqOEmVTJEhwC7X1RJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcGpKQUAAAAAAMbz6xaX5PK6giufS5YWpo2JWzt&cb=jadxvznnbonc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Apr 2020 04:34:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-46VOrqOEmVTJEhwC7X1RJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1181
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/
0
68 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=3152640392&client=ca-pub-2611488754353132&eid=21065531%2C21065474&et=2&io=0&saldr=aa&oa=0.00&qid=CI_snd2hhekCFU_JuwgdTocLQw&roa=0&slot=6034925466&sp=0%2C0&tgt=ins%2Faswift_0_expand.0&tr=825.5%2C447%2C1161.5%2C727&url=https%3A%2F%2Fmshares.co%2Ffile%2FPnjT1icg&vp=1585x1200
Requested by
Host: mshares.co
URL: https://mshares.co/file/PnjT1icg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Apr 2020 04:34:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0FB3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcM5U8UAAAAALI6EFw9hPbLly373UYFr9AFJ75d&cb=68020gpd0w68
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eC/yuPhI0z/GJZbEB5vhYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcM5U8UAAAAALI6EFw9hPbLly373UYFr9AFJ75d&cb=68020gpd0w68
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Apr 2020 04:34:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-eC/yuPhI0z/GJZbEB5vhYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1179
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/
6 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200422&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a72f3436f07ad4650638fca4e4cc411c044c9e7949412e5268faf3a4f8047871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Apr 2020 04:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5041
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 04:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Sun, 26 Apr 2020 04:34:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 293E
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mshares.co/file/PnjT1icg
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mshares.co/file/PnjT1icg

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sun, 26 Apr 2020 02:38:24 GMT
expires
Mon, 26 Apr 2021 02:38:24 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6940
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/
0
68 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200422&jk=1178294853891090&bg=!QkGlQVlYlIwzjVP7vr8CAAAAP1IAAAAKmQFWfRPaitE6r6Ip2vxsRwO_lD4x_U6Ke1U1rSQ8l6AmuyBPeLxNsqFfSMIwOMePhVUIHo8tyFoRu1uoRB2Ei05DaHWuDDI50gg_-sl6yQjhuN5WJrM-_gAW1ix24puZde2UkdpxfDHhN69WvR7M1PCVKCfp4r6je5bQOp1EloUzIEma8UOaUJsnHZstSAFlYBsHqoE4Dx7NvJChMDaoRKlExMOxgBf16S2KqM1GrfIXSYSueJOYbLyZE2G7Vd6ZfWPZtCVcDGNCkwnJe-eJ5K-fUAhNanbQI5rlGZNC8QvarDUI41QXGPf50HmI4QmC2kOcTXlWgjjr2B-KPCxNHHXn1o4O6nKhPh-vB_mkxJuMMjWfcX__F6qR3HouqckXxfhGIwRQej4ZFEtGaXfDTOwYDT4gGYrarTV9CeJM-zRf2_vHk6WrYooJCSuiVk6atjKNCZwusSTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mshares.co/file/PnjT1icg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Apr 2020 04:34:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client boolean| ads_block object| initYoAdsNetworkScript object| adsbygoogle object| recaptcha object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| gtag object| dataLayer function| $ function| jQuery object| jQuery112407596516128779953 function| EvEmitter function| imagesLoaded object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| jQueryBridget function| JQClass function| WOW object| google_tag_manager object| html5 object| Modernizr function| yepnope object| e function| downloader function| onloadRecaptchaCallback boolean| enable_btn function| enableBtn undefined| adblock_alert_modal string| force_disable_adblock function| getCookie function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode function| showAdblockAlert function| onSubmit undefined| file_data undefined| wait_time boolean| downloading boolean| error_report undefined| new_downloader number| get_download_info_false number| max_get_download_info_times boolean| count_download_times function| filemime function| fileext function| handleBrowserFocus function| onBrowserChange function| getDownloadInfo object| extmime string| user_domain object| RegisterPushConfig object| RegisterPush function| io object| closure_lm_883840 string| GoogleAnalyticsObject function| ga object| FB number| width number| height object| jscd function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| BlockAdBlock object| blockAdBlock object| google_tag_data object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests object| GoogleGcLKhOms

13 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
mshares.co/ Name: visitor_info
Value: a%3A1%3A%7Bs%3A2%3A%22ip%22%3Bs%3A20%3A%222a01%3A4f8%3A192%3A5414%3A%3A2%22%3B%7D
.mshares.co/ Name: _ga
Value: GA1.2.1853409560.1587875643
mshares.co/ Name: device_info_resolution_height
Value: 600
mshares.co/ Name: device_info_resolution_width
Value: 800
mshares.co/ Name: device_info_is_wireless_device
Value: false
.mshares.co/ Name: __cfduid
Value: df57bc846294c7366086cb14be60639d91587875641
mshares.co/ Name: device_info_preferred_markup
Value: html_web_4_0
.mshares.co/ Name: _gid
Value: GA1.2.1713616884.1587875643
.mshares.co/ Name: _gat_gtag_UA_114571019_4
Value: 1
mshares.co/ Name: device_info_brand_name
Value: generic+web+browser
mshares.co/ Name: device_info
Value: 1
mshares.co/ Name: PHPSESSID
Value: r3ies3m5ve3sp05sd9em6q3sc0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mshares.co
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yoads.network
23.111.9.35
2606:4700:3031::681b:8fdb
2606:4700:3037::681b:b904
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:802::2008
2a00:1450:4001:808::2001
2a00:1450:4001:814::2002
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2003
2a00:1450:4001:824::200a
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
00ba9d008ba25a080852706fbd7f6e0fbfadba43ad51d2c3617537b83be379a2
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ee24571df9bff632625eece6598e8ae8c5749228a935cce27059ee7a4bd7a4a
11d2a6273a1a98975768d23a1723a6edb6eb046328a6cea5cb45511a8a2e39e6
158d3d319fb79d040001d51e8f74bad1471995d82e9a790855a16f5411e6c587
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
20ef53019af4cbfa0a182d8f2791d2fbec540625555ed842f768961166011b8f
2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386
3485f89f41cd75caf6ef27c8842075c9cb0dbfe303d69068d2773b96140702f2
3609327503a608ead6f99e42eaf9d22fba4a6cbf52547fc9546d98d3f0ac1d53
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3dbb9cacb0ee62628d918c65513a41c4cb65dd415de1b3c31d813cade2a2e4a8
3e9d0d4a293873be3385fdd53df54dbece7c4645da613186f200001e8cfa215f
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
4510a0c8abc92c07bf84a6b9cc90a86b7079235f25b8e41a4c7d9a7148f67b36
46c63e19392696c9ccbce249541b5b7edeb46ca35679a5f91ed4f6779c0dfdbc
4834fdadb1e162d9814a5a3e59b01a9e4ee7cdbd42e2a326a6888f6049e8141f
4f8fb0e23ba6eab72a9870e13f9efdabd39edd8db83e01d30134ce9f7d9944ec
50936a76ab4e64963199797afd060c20b04065e0119bd1d0b065710b10da9694
535d31e27871183b70513eff7e011bce2ff2ce3b30bc589b6ebbd805ea0b3ebb
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5940cce884179e3fe35babb32a8dad574f56dd03d76e6189d9c4f31c9d778cf9
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
75e4fa4be07f3d9147fec82b58733927d3ca7631cd5eab77296fa1bfac3b6cb8
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
7e2334957dce6337f415f2c178ba85b82a2487eadfd55848fde6a73dbce57543
7f3fd9e985dde586a7239d83621ee43a30d94c09b7e9f8238296982f972065d7
834610065c851dd9ff3d85bc3b255df971b3c22e0d1f9c68b1d60f54f139ba58
8db9739f1c4062db47781a7bf83383df24ae9aa3da9ce34e4ccc3fb5d51b2087
9a1a099a4cb205b5a29d47b4ba845ab5a38d8f76d493c1d0152afa64e0c7d45a
a0d3646211ed885c171c58827df3eb759a309f3d269fce5eba83a43ec0b214c8
a1d38ba94d6881f24572fe89d1c9986483dfed05a1e9e82b338ef267f63ab940
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a72f3436f07ad4650638fca4e4cc411c044c9e7949412e5268faf3a4f8047871
a8a8cf81e8bb9e65576b34a05cf9f69548d60fcb153ca6e606bce80c08b1911f
a9334b213f7fbe5dc516d414d97078a450cfa676b7d642c5596a02db01ce91a7
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
b8874a1a280da987d0a8996ab4f76102477f15f72a6106f2e1d745821ee28ebb
bfe06240d46f053c60ca0bc348ce1b5aef4d0228b56122c7f074ce9db35f9405
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0
d766c84c688963f0d655a53c315c9eb11b6af35b61205ed51f9202b0218e9765
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56b24a828211ff5860bb62e1cbfcadf329e4a46e0beeb9989a7df193d7fdac8
e826eff6ae57b7cf0cc3961e4df9872fb3d07422cfde1d192a0014023e4832f3
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c