shrinke.me/Y3s4tx
172.67.162.135301 Moved Permanently 0 B IP 172.67.162.135:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Y3s4tx HTTP/1.1
Host: shrinke.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 03:13:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 06 Oct 2022 04:13:59 GMT
Location: https://shrinke.me/Y3s4tx
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYykg3xkAKxswkgRew%2BxHYJlDaXufxkOnp4knjunnigZWTS%2Bp5lgG8w%2FyeXK3IGURb%2BbdUEmWXqSDOXfz%2FhSwXnh8JUWIqAFABvf5DDk1fb4Ht80agdxz79QQSnD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b396b0f73b4e8-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3029
Expires: Thu, 06 Oct 2022 04:04:28 GMT
Date: Thu, 06 Oct 2022 03:13:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: g0y9XpQg-6x-Zoc878egzoEqsiwxfF_tq13VzGPP_l1uGqCGfrCwnQ==
Age: 41201
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4227
Expires: Thu, 06 Oct 2022 04:24:26 GMT
Date: Thu, 06 Oct 2022 03:13:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MKE4eiwBIX0ic4gMZPvthw2xPC+WO6N/dtTT571cQhL5HcSusYpv1Pt3v1NElm6h6m0yPY0e+zY=
x-amz-request-id: Y6B0G44XBZZ67F3Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 02:58:34 GMT
age: 925
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 03:13:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
shrinkme.io/logo-sm.webp
104.21.65.225200 OK 31 kB IP 104.21.65.225:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 53658e8a7ae22169e5b89744bfa9f9cc
157a684bdf8e3be19cbfabc80cf3a53bfbeaa175
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
GET /logo-sm.webp HTTP/1.1
Host: shrinkme.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:00 GMT
content-type: image/webp
content-length: 31236
x-frame-options: SAMEORIGIN
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
etag: "7a04-5a22587d62000"
cache-control: max-age=31536000
expires: Sat, 26 Aug 2023 06:24:09 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 3530991
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88iahIP1oZ8E%2FDq3AIykjMb7oiVe%2BwunjS284FsuFxaf1r9bVuJSNSSDIms86l7bF%2FdovdSyqnMQHyzJXOnXP4dW%2BfNukjlCDvnE8DQOk3QIso7rW5dH4yD8v1KYYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755b396e8be4b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d301cxwfymy227.cloudfront.net/?fwxcd=792297
54.230.245.180200 OK 98 kB URL HTTP/2 d301cxwfymy227.cloudfront.net/?fwxcd=792297
IP 54.230.245.180:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash edebe864291e0492508dad50112d8fd6
c20a0f2668ee69590605952f6c8ec175d091816c
022f65d5c68436df0d1329280905c2ff4c62a28d726ed6a22599716b053d1721
GET /?fwxcd=792297 HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 97888
date: Thu, 06 Oct 2022 03:14:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S-chrbvT3ZUWLyLwghn3HKYCCOvfoRU0JDupEsmCh_Q6XQAvX3f3LA==
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
172.67.144.172200 OK 80 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 172.67.144.172:0
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash 99af706e1b4ecf495ddaac6d13c88bcf
cb9e4dcf38ce429cf344d6ed26f4a1020d26ecdf
fe7f094a5364fa5995df64785f99d9ebd0d1bae249c1f6f8bb8ae0634a8fe989
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:00 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 602860
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXSWb8%2F4zYIBXUfEPMV6A4f0vHxDsnU3OuLZlXpd%2BKFwrn6sg9FuJ%2Br%2FafpwHV934GMpiPLEKvMhH1RFfPLT3aMNYk6OdCJw4Cp35%2FOLXbvXgOGWIQeXDfTTKmFqK4gqzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b396e6c81b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f438bf7a3319159d1fb0947aba281e93
d4e7ec95b28dd5bca1c8f226104d3fbba82dd621
f5ddbc04cbfe4e9a39a313ba2794e549411ef4383c032e5fab7927cf11782f28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5DDBC04CBFE4E9A39A313BA2794E549411EF4383C032E5FAB7927CF11782F28"
Last-Modified: Wed, 05 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10163
Expires: Thu, 06 Oct 2022 06:03:23 GMT
Date: Thu, 06 Oct 2022 03:14:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f438bf7a3319159d1fb0947aba281e93
d4e7ec95b28dd5bca1c8f226104d3fbba82dd621
f5ddbc04cbfe4e9a39a313ba2794e549411ef4383c032e5fab7927cf11782f28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5DDBC04CBFE4E9A39A313BA2794E549411EF4383C032E5FAB7927CF11782F28"
Last-Modified: Wed, 05 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10163
Expires: Thu, 06 Oct 2022 06:03:23 GMT
Date: Thu, 06 Oct 2022 03:14:00 GMT
Connection: keep-alive
code.jquery.com/jquery-2.2.4.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:00 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665026040.dop003.sk1.t,1665026040.cds202.sk1.hn,1665026040.cds214.sk1.c
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 02:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 02:56:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lv2b6PRGVN4AgzkjQj8JHnG73ZICRt8uOMtmMJ3f5sieAqpekxMf3Q==
Age: 2659
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f438bf7a3319159d1fb0947aba281e93
d4e7ec95b28dd5bca1c8f226104d3fbba82dd621
f5ddbc04cbfe4e9a39a313ba2794e549411ef4383c032e5fab7927cf11782f28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5DDBC04CBFE4E9A39A313BA2794E549411EF4383C032E5FAB7927CF11782F28"
Last-Modified: Wed, 05 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10163
Expires: Thu, 06 Oct 2022 06:03:23 GMT
Date: Thu, 06 Oct 2022 03:14:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f438bf7a3319159d1fb0947aba281e93
d4e7ec95b28dd5bca1c8f226104d3fbba82dd621
f5ddbc04cbfe4e9a39a313ba2794e549411ef4383c032e5fab7927cf11782f28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5DDBC04CBFE4E9A39A313BA2794E549411EF4383C032E5FAB7927CF11782F28"
Last-Modified: Wed, 05 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10163
Expires: Thu, 06 Oct 2022 06:03:23 GMT
Date: Thu, 06 Oct 2022 03:14:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 66fe6726cfd27efe46207f7ddb151ef4
079c2700d99bc247229382bc9436d08d93b5d111
bca33047d8c3d62efe9d8d536c59edf1505c61e18affd0d682f059ce81a4eed6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.orquideassp.com/tag/12656
54.230.111.91200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/12656
IP 54.230.111.91:0
File type HTML document, ASCII text, with CRLF line terminators
Hash bc65c26fa1b876fd29afc620a24231f8
a89fbe8ebde7d38236dbf3aed37ec906fa7a30a2
2f7278404edca136bf89b7f73199f14c662e1fd6468a4d4f72ec8bcfbfa3d84a
GET /tag/12656 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Thu, 06 Oct 2022 03:06:22 GMT
etag: W/"337-qJ++jr3n04I22/Ou037JBvp6MKI"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QqWZYNzdeL2qQa0p8Xdbi3gHlH1DcLP9IetI4qwjcSdOas3Yj4XtSQ==
age: 2488
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 585 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash f88552f4fb93b90aefb41434525cc80f
427b50cec78eadb0632666a3b9fec5791360a93e
9b4489d51153daf660af1ad13fe14e8b9949e34f04f756dbe179988c1ce76234
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 06 Oct 2022 03:14:00 GMT
date: Thu, 06 Oct 2022 03:14:00 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gsinspiring.xyz/popunder.gif
172.67.151.158200 OK 506 B URL HTTP/2 gsinspiring.xyz/popunder.gif
IP 172.67.151.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9693253ca38c710621c78aabb105eab5
539e2ca7b719dc50af2ff44edb4986d50f5da928
5cd9121a1359a3fe56c99e13d853fa3f56d624e5da0521a0412592efbec4fa30
GET /popunder.gif HTTP/1.1
Host: gsinspiring.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:00 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 128332
last-modified: Tue, 04 Oct 2022 15:35:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zINJYF8ZFGJJ5xzj%2BHnymG11xxztZvnNSjmDvq9d%2F4nCx7UG%2B3oQkOscvgUIJOJYhzDrQsjAOvWViHX7QH7QtBU7JZRjG2y%2BjDGZbSA2U0%2BxS909UalMwLl59Ak%2BYmGu5hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b39721a67b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f438bf7a3319159d1fb0947aba281e93
d4e7ec95b28dd5bca1c8f226104d3fbba82dd621
f5ddbc04cbfe4e9a39a313ba2794e549411ef4383c032e5fab7927cf11782f28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5DDBC04CBFE4E9A39A313BA2794E549411EF4383C032E5FAB7927CF11782F28"
Last-Modified: Wed, 05 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10163
Expires: Thu, 06 Oct 2022 06:03:23 GMT
Date: Thu, 06 Oct 2022 03:14:00 GMT
Connection: keep-alive
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 556422
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.orquideassp.com/tag/11628
54.230.111.91200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/11628
IP 54.230.111.91:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 2e18ffb86f956634ec5dc4a6c2e13301
6f5a9fe45942e1a6ed1d4f33c915667ab87a6c53
ce36f676ef8ce52a9213048f1a08b0bb84d9c42597d327d4844feb68f368ab44
GET /tag/11628 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Thu, 06 Oct 2022 03:14:00 GMT
etag: W/"337-b1qf5FlC4abtHU8zyRVmerh6bFM"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zwk9YUBsqL6ksxMCIfXX2yCbZvxd09TRiwnxhFzLrZ8AzIvdWLUPQQ==
age: 100
X-Firefox-Spdy: h2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:56 GMT
expires: Fri, 29 Sep 2023 06:19:56 GMT
cache-control: public, max-age=31536000
age: 593644
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-137383949-1
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-137383949-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 0d119fb1ac820ed7187aabb174b42d30
866d6f9daf76953ddd28ed211d8920d0bfe93efb
08cacbbf42728907b098cb287f6c343a3e9cfe7b7153c7430157b9c852fe1a3d
GET /gtag/js?id=UA-137383949-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 03:14:00 GMT
expires: Thu, 06 Oct 2022 03:14:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
avellingand.xyz/OUZHbnRYJCQDS1h7JUgBSyp6S0Z/Y3UoEAp2dg0MTiA+Aw0LdHBAF1UpMgoSSykpGlpXIzNLRn8eEwVNVRUCPwBwBzQbEUMpKi8sb34hJi5oIB8sG3MUHgA/U3M+LzZRfwMWLXQgIAE3cxcKPDxUIXAmDUFzIQMfcw0UAQRaLQoaP1B3PjgzDSoMB0VgIAAnQmkxKAQRbRcrLA5eNQs9JV8WBBYbdiEVXz9qA3YqN2gpC1wEYQIpKBNfdgVYEH4fdDg8VS4hP0V4Iyk/HXMhNFckfjJ+OCB7fiIsNm0gAChNfRMFWBB9MXI/PEoAI10YdSMAXwZfEGo7AnAVdwU3VHd1LTwIECI2Jhx0BQgYb3MeNgwcdAEvDXx0DBcfcgsAKEx6ED9LRnsnKVsEfA4RX1JTNSgABAQjF1c1YC9xIDhTIB40
54.230.111.58200 OK 1.2 kB URL HTTP/2 avellingand.xyz/OUZHbnRYJCQDS1h7JUgBSyp6S0Z/Y3UoEAp2dg0MTiA+Aw0LdHBAF1UpMgoSSykpGlpXIzNLRn8eEwVNVRUCPwBwBzQbEUMpKi8sb34hJi5oIB8sG3MUHgA/U3M+LzZRfwMWLXQgIAE3cxcKPDxUIXAmDUFzIQMfcw0UAQRaLQoaP1B3PjgzDSoMB0VgIAAnQmkxKAQRbRcrLA5eNQs9JV8WBBYbdiEVXz9qA3YqN2gpC1wEYQIpKBNfdgVYEH4fdDg8VS4hP0V4Iyk/HXMhNFckfjJ+OCB7fiIsNm0gAChNfRMFWBB9MXI/PEoAI10YdSMAXwZfEGo7AnAVdwU3VHd1LTwIECI2Jhx0BQgYb3MeNgwcdAEvDXx0DBcfcgsAKEx6ED9LRnsnKVsEfA4RX1JTNSgABAQjF1c1YC9xIDhTIB40
IP 54.230.111.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3020), with no line terminators
Hash d03ff9616b60619626d685e11f932ba1
245fff693540df194a3921bc5cfd222ee1df2797
36c769dc578dd0867a4b91e00772adc49e31fe3da8b670f4a8f0a8c5cf945b5d
GET /OUZHbnRYJCQDS1h7JUgBSyp6S0Z/Y3UoEAp2dg0MTiA+Aw0LdHBAF1UpMgoSSykpGlpXIzNLRn8eEwVNVRUCPwBwBzQbEUMpKi8sb34hJi5oIB8sG3MUHgA/U3M+LzZRfwMWLXQgIAE3cxcKPDxUIXAmDUFzIQMfcw0UAQRaLQoaP1B3PjgzDSoMB0VgIAAnQmkxKAQRbRcrLA5eNQs9JV8WBBYbdiEVXz9qA3YqN2gpC1wEYQIpKBNfdgVYEH4fdDg8VS4hP0V4Iyk/HXMhNFckfjJ+OCB7fiIsNm0gAChNfRMFWBB9MXI/PEoAI10YdSMAXwZfEGo7AnAVdwU3VHd1LTwIECI2Jhx0BQgYb3MeNgwcdAEvDXx0DBcfcgsAKEx6ED9LRnsnKVsEfA4RX1JTNSgABAQjF1c1YC9xIDhTIB40 HTTP/1.1
Host: avellingand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1174
date: Thu, 06 Oct 2022 03:14:00 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yoAxEyVpXmzpnCE_iDokt3xY4RGV6gMOiQmn8XOGwfhSsqUBWJptgQ==
X-Firefox-Spdy: h2
avellingand.xyz/Q3dUMlMiFTdfbCJKNhQmMRtpF2EFUmZ0N3BHZVErNBEtXypxRWMcMC8YIVY1MRg6Rn0tEiAXYQUcN2U/LSYDQQABED9cBQIiFXNgOxQHdCcVEhJ8CwIPBUcREjEBdxIaPwRzFjE4I1EZBzYRfgM7GDFjBxYlEmQBGy0jUQIBABYKBxEmHHAbOxYCRTQHPmVoFRcPHVUFKwATegAkPxxjOwAULQMWEUYwWQQWMRZ6YAEWAnQ8Ly0SXhEBJmBEGyQbGWQLBiMHZGt3E2ULBhQeAlkEFjI2dwQRLhl0EREVZUYKFzECShcBJh92EHY4BUtqFRQCQhEUIXloKxQbBlAFOhQXcyQ0NRhaHRYgLXRnGyFtaAIXJQNjEmUdJ109M0ojdT8OHxhIPzsSMngHKAA
54.230.111.58200 OK 1.2 kB URL HTTP/2 avellingand.xyz/Q3dUMlMiFTdfbCJKNhQmMRtpF2EFUmZ0N3BHZVErNBEtXypxRWMcMC8YIVY1MRg6Rn0tEiAXYQUcN2U/LSYDQQABED9cBQIiFXNgOxQHdCcVEhJ8CwIPBUcREjEBdxIaPwRzFjE4I1EZBzYRfgM7GDFjBxYlEmQBGy0jUQIBABYKBxEmHHAbOxYCRTQHPmVoFRcPHVUFKwATegAkPxxjOwAULQMWEUYwWQQWMRZ6YAEWAnQ8Ly0SXhEBJmBEGyQbGWQLBiMHZGt3E2ULBhQeAlkEFjI2dwQRLhl0EREVZUYKFzECShcBJh92EHY4BUtqFRQCQhEUIXloKxQbBlAFOhQXcyQ0NRhaHRYgLXRnGyFtaAIXJQNjEmUdJ109M0ojdT8OHxhIPzsSMngHKAA
IP 54.230.111.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3004), with no line terminators
Hash 7157991824a9ffc0d596a845c3db7ca2
c614b3284b1996e85195f6ae09989115f91ebaa0
61b5c05cdc7d5a2cf3d9c72133c1d9ee858df4690e6e67dbe1e6b176e1f5b73f
GET /Q3dUMlMiFTdfbCJKNhQmMRtpF2EFUmZ0N3BHZVErNBEtXypxRWMcMC8YIVY1MRg6Rn0tEiAXYQUcN2U/LSYDQQABED9cBQIiFXNgOxQHdCcVEhJ8CwIPBUcREjEBdxIaPwRzFjE4I1EZBzYRfgM7GDFjBxYlEmQBGy0jUQIBABYKBxEmHHAbOxYCRTQHPmVoFRcPHVUFKwATegAkPxxjOwAULQMWEUYwWQQWMRZ6YAEWAnQ8Ly0SXhEBJmBEGyQbGWQLBiMHZGt3E2ULBhQeAlkEFjI2dwQRLhl0EREVZUYKFzECShcBJh92EHY4BUtqFRQCQhEUIXloKxQbBlAFOhQXcyQ0NRhaHRYgLXRnGyFtaAIXJQNjEmUdJ109M0ojdT8OHxhIPzsSMngHKAA HTTP/1.1
Host: avellingand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1161
date: Thu, 06 Oct 2022 03:14:00 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sAaoZpU9YrZbtUFisVUcuhvcJ75GwetslD90lV7Wja7I34SEuwGt7w==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
142.250.74.10200 OK 655 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
IP 142.250.74.10:0
Hash 05bdf8c5b3df1a2459d2e6b5f56f6420
36da06784ce398e7b06b1f3b010865ca5ac5f383
f20ecb726f0bb866be8c78c7267834740bc26331ba798b33de832f0131285967
GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 03:14:00 GMT
date: Thu, 06 Oct 2022 03:14:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gsinspiring.xyz/cnVSVHpdSjEnRyFHGGIZNi9mAUpDMxMMQxMhOQ0+ERkUHigFUyY9Hk9NYG1PR0F0JBMWSGBtXAEBMyAPAUhjchMcEz1pXARIY3pKXENiekpUAG9lXAYFMzNHQ1MiIA4eSGNiTEdFYGJKRkVmZUs
172.67.151.158204 No Content 0 B URL HTTP/2 gsinspiring.xyz/cnVSVHpdSjEnRyFHGGIZNi9mAUpDMxMMQxMhOQ0+ERkUHigFUyY9Hk9NYG1PR0F0JBMWSGBtXAEBMyAPAUhjchMcEz1pXARIY3pKXENiekpUAG9lXAYFMzNHQ1MiIA4eSGNiTEdFYGJKRkVmZUs
IP 172.67.151.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cnVSVHpdSjEnRyFHGGIZNi9mAUpDMxMMQxMhOQ0+ERkUHigFUyY9Hk9NYG1PR0F0JBMWSGBtXAEBMyAPAUhjchMcEz1pXARIY3pKXENiekpUAG9lXAYFMzNHQ1MiIA4eSGNiTEdFYGJKRkVmZUs HTTP/1.1
Host: gsinspiring.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 03:14:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5EbQ1gGscD%2BUGTV4QdY1JphNXgN%2FkVVsYXoXveKxHwFQXmWyG9wiiiyynuO%2FcTeSeODmMJCjNHEII2ql6SzyVWoQ6tf0blYao%2BxD3vFGD21MCb4uJbHKoHHniEnCSOAFz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755b39722a73b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 66fe6726cfd27efe46207f7ddb151ef4
079c2700d99bc247229382bc9436d08d93b5d111
bca33047d8c3d62efe9d8d536c59edf1505c61e18affd0d682f059ce81a4eed6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
avellingand.xyz/S05XREsqLDQpdCpzNWI+OSJqYXkNa2UCL3h+ZiczPCguKTJ5fGBqKCchIiAtOSE5MGUlKyNheQ0WGAESehQQFikAGCQHHHs5IREdJxoWHBoDFgEJLgcLDggIICZgHTMdLTZ3GgYPPScEKBwaFQMnNmAGHgIHABcjGBkCDi8ACA0eHRl6OREaERQTAwkJCBYwHy5+bwsJICkiEixzKwMHfx8LBhENAH84IQ8dHyYSDg0ZMSoGKRgSAQAvJmcnHRoiPQYiEQwUKhERCgY0BRsmFRMdDgxydgkKNCMXDwwDEA4gDgUzLygYHwY3Aw8IHQ8IDHYGEicZKB51ZhIeFDx6ey1mHh4IFg4CHR0fHR08LxsWKA57GxYNBxoJGgwCJ34YJQodDRIVHXhoPTckJT5qEjpzHWV9LRh4YA
54.230.111.58200 OK 1.2 kB URL HTTP/2 avellingand.xyz/S05XREsqLDQpdCpzNWI+OSJqYXkNa2UCL3h+ZiczPCguKTJ5fGBqKCchIiAtOSE5MGUlKyNheQ0WGAESehQQFikAGCQHHHs5IREdJxoWHBoDFgEJLgcLDggIICZgHTMdLTZ3GgYPPScEKBwaFQMnNmAGHgIHABcjGBkCDi8ACA0eHRl6OREaERQTAwkJCBYwHy5+bwsJICkiEixzKwMHfx8LBhENAH84IQ8dHyYSDg0ZMSoGKRgSAQAvJmcnHRoiPQYiEQwUKhERCgY0BRsmFRMdDgxydgkKNCMXDwwDEA4gDgUzLygYHwY3Aw8IHQ8IDHYGEicZKB51ZhIeFDx6ey1mHh4IFg4CHR0fHR08LxsWKA57GxYNBxoJGgwCJ34YJQodDRIVHXhoPTckJT5qEjpzHWV9LRh4YA
IP 54.230.111.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash 7a3e088bd94f8a59a8aed57e11f26837
64b843aa6c8e4e7a316801353bccf5ab7a909d07
4f6e72f608ce14845d6ffc512009716aa728227ccf847f67bcb99c49872c7a56
GET /S05XREsqLDQpdCpzNWI+OSJqYXkNa2UCL3h+ZiczPCguKTJ5fGBqKCchIiAtOSE5MGUlKyNheQ0WGAESehQQFikAGCQHHHs5IREdJxoWHBoDFgEJLgcLDggIICZgHTMdLTZ3GgYPPScEKBwaFQMnNmAGHgIHABcjGBkCDi8ACA0eHRl6OREaERQTAwkJCBYwHy5+bwsJICkiEixzKwMHfx8LBhENAH84IQ8dHyYSDg0ZMSoGKRgSAQAvJmcnHRoiPQYiEQwUKhERCgY0BRsmFRMdDgxydgkKNCMXDwwDEA4gDgUzLygYHwY3Aw8IHQ8IDHYGEicZKB51ZhIeFDx6ey1mHh4IFg4CHR0fHR08LxsWKA57GxYNBxoJGgwCJ34YJQodDRIVHXhoPTckJT5qEjpzHWV9LRh4YA HTTP/1.1
Host: avellingand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Thu, 06 Oct 2022 03:14:00 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cMC9_UwurSjl2K-OGiWmN-PCgf0SsfAZui4enyXvD4rzJA2jzZdF2w==
X-Firefox-Spdy: h2
gsinspiring.xyz/WnpIZzN1RSsUDhQiDVVpDz8NNVQ+LSsmcRA7JCUDGBEBIWYSO24TWj5Hf14BaEN/QUMzHnVWFSkOKRNGKUd5QVo0HCdaFSxHeUkAblR6Xh1qXD1aAnwOOAZUZ0tuF0cuFnVWBWxPeFUFak54VAVi
172.67.151.158204 No Content 34 kB URL HTTP/2 gsinspiring.xyz/WnpIZzN1RSsUDhQiDVVpDz8NNVQ+LSsmcRA7JCUDGBEBIWYSO24TWj5Hf14BaEN/QUMzHnVWFSkOKRNGKUd5QVo0HCdaFSxHeUkAblR6Xh1qXD1aAnwOOAZUZ0tuF0cuFnVWBWxPeFUFak54VAVi
IP 172.67.151.158:0
Hash ea4edb7446791657621e7028d1108e43
ba59971b723fff84bccccb32def50d0ebca3a087
170a9305ad06d893d54d61335d9dc31113907d8c5a0375ccc6485013c114e1ab
GET /WnpIZzN1RSsUDhQiDVVpDz8NNVQ+LSsmcRA7JCUDGBEBIWYSO24TWj5Hf14BaEN/QUMzHnVWFSkOKRNGKUd5QVo0HCdaFSxHeUkAblR6Xh1qXD1aAnwOOAZUZ0tuF0cuFnVWBWxPeFUFak54VAVi HTTP/1.1
Host: gsinspiring.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 03:14:00 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEOBB7LRh1pg9bCPxcbBXy4UZkLX20LLlEE28LLCnM2XXeCJfK6XTTZ9qfbzl0vlRuHtaE5dc%2FncU2AlPa7Ybk4YpQcZCW%2BSbx0rVD2DCjboTq0bQMCMsyp6dpa0bn88NZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755b39722a75b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.80.175.197101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.175.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cap3/JxYezgj92t0yFC5IA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8doVFjjjJ4El2P0un0ETWRECUqA=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 075c0849a5739bda75763e3740fd5079
c59fbd5865bacc3857fcdfae28c7eaaa7ca1972b
24b54121bcf5221650c3127ee28ef7f92524d391f75639c1ad25d678e7a99d2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 075c0849a5739bda75763e3740fd5079
c59fbd5865bacc3857fcdfae28c7eaaa7ca1972b
24b54121bcf5221650c3127ee28ef7f92524d391f75639c1ad25d678e7a99d2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1884
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:01 GMT
Last-Modified: Thu, 06 Oct 2022 02:42:37 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
d301cxwfymy227.cloudfront.net/kcWlnQWsSBgknVAUAA3xcSFtVeFNXAxQuBQFUEAYHPAErOwcJDAELPxoeQTURFVRXZwcQBwB8TRQHBHxaVwgDI1ZFTxIgVhwGHSgHHQhCcy1ER1dkWUFBH3BaVFolZFlBBQ4vHglMVXETSV84d19UWiVkWUEbEWRYMFBRb1tYTFVxDBQKDC5OQy9VcVpBWV-ZxWlRbVycCAwwBLhNUWyF4XV9ZQTRWQA
54.230.245.180200 OK 179 B URL HTTP/2 d301cxwfymy227.cloudfront.net/kcWlnQWsSBgknVAUAA3xcSFtVeFNXAxQuBQFUEAYHPAErOwcJDAELPxoeQTURFVRXZwcQBwB8TRQHBHxaVwgDI1ZFTxIgVhwGHSgHHQhCcy1ER1dkWUFBH3BaVFolZFlBBQ4vHglMVXETSV84d19UWiVkWUEbEWRYMFBRb1tYTFVxDBQKDC5OQy9VcVpBWV-ZxWlRbVycCAwwBLhNUWyF4XV9ZQTRWQA
IP 54.230.245.180:0
File type ASCII text, with no line terminators
Hash b84798a94dd5b0bb2ddcaaeb4b51d49b
37c38e54ecde38d05dd7429ab3e96bce5e0eacab
21d44b4394708c4a2b0387f2495ce0655fb79719983c837292a6e48aaef43d4b
GET /kcWlnQWsSBgknVAUAA3xcSFtVeFNXAxQuBQFUEAYHPAErOwcJDAELPxoeQTURFVRXZwcQBwB8TRQHBHxaVwgDI1ZFTxIgVhwGHSgHHQhCcy1ER1dkWUFBH3BaVFolZFlBBQ4vHglMVXETSV84d19UWiVkWUEbEWRYMFBRb1tYTFVxDBQKDC5OQy9VcVpBWV-ZxWlRbVycCAwwBLhNUWyF4XV9ZQTRWQA HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avellingand.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 179
date: Thu, 06 Oct 2022 03:14:01 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QvNwUXympQ_S_kcwizosrf-RgJb1DnOFZtnK0TI-Z2QJHfyVnnsIIg==
X-Firefox-Spdy: h2
d301cxwfymy227.cloudfront.net/XOEY1ZGRbKVsCW0wvUVlTAXQHXVMeLEYLCkh7YxVca3QMAjcOcRMQHlx7BUIIWShSWUJdKFZZVR4nUQZZDGBBFAtTe08OBkguVg8eTC4TEQUFK1oeDVQqVEFWfnMbVEEKdh0cVQljBiZBCnZZDQpNPhBWVEB+AztSDGMGJkEKdkcSQQsHDFJKCG8QVlRfI1-YPCx10c1ZUCXYFVVQJYwdUAlE0UAILQGMHIl0OaAVCEQV3
54.230.245.180200 OK 545 B URL HTTP/2 d301cxwfymy227.cloudfront.net/XOEY1ZGRbKVsCW0wvUVlTAXQHXVMeLEYLCkh7YxVca3QMAjcOcRMQHlx7BUIIWShSWUJdKFZZVR4nUQZZDGBBFAtTe08OBkguVg8eTC4TEQUFK1oeDVQqVEFWfnMbVEEKdh0cVQljBiZBCnZZDQpNPhBWVEB+AztSDGMGJkEKdkcSQQsHDFJKCG8QVlRfI1-YPCx10c1ZUCXYFVVQJYwdUAlE0UAILQGMHIl0OaAVCEQV3
IP 54.230.245.180:0
File type ASCII text, with very long lines (754), with no line terminators
Hash 0e11303e18c1b1370a9912d670efcc19
aca3e9c98d37146f8fc14ac00bd70176106953cc
96dab0ccecda993c7017a4950f22df6b6fd4c6b3ef1c6bf7ac60af42c4c39342
GET /XOEY1ZGRbKVsCW0wvUVlTAXQHXVMeLEYLCkh7YxVca3QMAjcOcRMQHlx7BUIIWShSWUJdKFZZVR4nUQZZDGBBFAtTe08OBkguVg8eTC4TEQUFK1oeDVQqVEFWfnMbVEEKdh0cVQljBiZBCnZZDQpNPhBWVEB+AztSDGMGJkEKdkcSQQsHDFJKCG8QVlRfI1-YPCx10c1ZUCXYFVVQJYwdUAlE0UAILQGMHIl0OaAVCEQV3 HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avellingand.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 545
date: Thu, 06 Oct 2022 03:14:01 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sBpHuCghcL_0eVfHQf9KQgwOsauUYSOWGi6ijzZXgSW99H-p7vP1-g==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2580d09bc1d6cdee1a88f55fe3bfd929
ac090013cf9d7ed808c3da980e281d6a3e5612c0
26f7ce5552a90dd8b176b5a47b3d4ec5170e82c7c77dc29ffa68d147b3cfb75c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "26F7CE5552A90DD8B176B5A47B3D4EC5170E82C7C77DC29FFA68D147B3CFB75C"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11867
Expires: Thu, 06 Oct 2022 06:31:48 GMT
Date: Thu, 06 Oct 2022 03:14:01 GMT
Connection: keep-alive
d301cxwfymy227.cloudfront.net/XTk9lSEQtIAsuezomAXV8fHZQfXBoJRYnKj5yABh9DxYMfgoCJQMRHmg7Hyx5fmkJKSopckMtKi1yVG4lKi1YfGI6PwojeTQlBzgsLSQfPCxoOgR1KSE1DCQoL2pXDnFgf0B6dGY3VHlhfQ1AenQiJgs9PGt9VTB8eBBTfGF9DUB6dDw5QHsFd3lLeG1rfV-UvIS0kCm12CH1VeXR+flV5YXx/AyE2KykKMGF8CVx+an5pEHV1
54.230.245.180200 OK 454 B URL HTTP/2 d301cxwfymy227.cloudfront.net/XTk9lSEQtIAsuezomAXV8fHZQfXBoJRYnKj5yABh9DxYMfgoCJQMRHmg7Hyx5fmkJKSopckMtKi1yVG4lKi1YfGI6PwojeTQlBzgsLSQfPCxoOgR1KSE1DCQoL2pXDnFgf0B6dGY3VHlhfQ1AenQiJgs9PGt9VTB8eBBTfGF9DUB6dDw5QHsFd3lLeG1rfV-UvIS0kCm12CH1VeXR+flV5YXx/AyE2KykKMGF8CVx+an5pEHV1
IP 54.230.245.180:0
File type ASCII text, with very long lines (597), with no line terminators
Hash 478ea0271f7c369e42f20ff9a1015b3e
029bfa9c469d2bbcef3b429f1d3d6169b7f84143
655b35ce37b4a0f5a305f5db6153aa157c2d22ee93b32157de64f48488119b94
GET /XTk9lSEQtIAsuezomAXV8fHZQfXBoJRYnKj5yABh9DxYMfgoCJQMRHmg7Hyx5fmkJKSopckMtKi1yVG4lKi1YfGI6PwojeTQlBzgsLSQfPCxoOgR1KSE1DCQoL2pXDnFgf0B6dGY3VHlhfQ1AenQiJgs9PGt9VTB8eBBTfGF9DUB6dDw5QHsFd3lLeG1rfV-UvIS0kCm12CH1VeXR+flV5YXx/AyE2KykKMGF8CVx+an5pEHV1 HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avellingand.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 454
date: Thu, 06 Oct 2022 03:14:01 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LgXEVH55r2vVUNfEAhwUx2N1qpDVZa5k50HLEPOLkxpcb3mLEcxZ8A==
X-Firefox-Spdy: h2
avellingand.xyz/utx?cb=XJg4JcErpoRW&top=shrinke.me&tid=829554
54.230.111.58204 No Content 110 B URL HTTP/2 avellingand.xyz/utx?cb=XJg4JcErpoRW&top=shrinke.me&tid=829554
IP 54.230.111.58:0
Hash 150a7f6c79a39399d9cc831d156ead1f
7e0572eacf8489bc92861cf06a20813abde2c8cc
9c7dab2c31cea87f364f3489523edc737f8bbb78bfc74eb612a9a7068df048fe
GET /utx?cb=XJg4JcErpoRW&top=shrinke.me&tid=829554 HTTP/1.1
Host: avellingand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 03:14:01 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 06 Oct 2022 03:15:01 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qr7NEyGJMJTBjVxOIamjsnWuQISbj2WbWrxfHM8AJc65lesQ2-Inkg==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2580d09bc1d6cdee1a88f55fe3bfd929
ac090013cf9d7ed808c3da980e281d6a3e5612c0
26f7ce5552a90dd8b176b5a47b3d4ec5170e82c7c77dc29ffa68d147b3cfb75c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "26F7CE5552A90DD8B176B5A47B3D4EC5170E82C7C77DC29FFA68D147B3CFB75C"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11867
Expires: Thu, 06 Oct 2022 06:31:48 GMT
Date: Thu, 06 Oct 2022 03:14:01 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2580d09bc1d6cdee1a88f55fe3bfd929
ac090013cf9d7ed808c3da980e281d6a3e5612c0
26f7ce5552a90dd8b176b5a47b3d4ec5170e82c7c77dc29ffa68d147b3cfb75c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "26F7CE5552A90DD8B176B5A47B3D4EC5170E82C7C77DC29FFA68D147B3CFB75C"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11867
Expires: Thu, 06 Oct 2022 06:31:48 GMT
Date: Thu, 06 Oct 2022 03:14:01 GMT
Connection: keep-alive
avellingand.xyz/utx?cb=pVLzWSgU7emx&top=shrinke.me&tid=792297
54.230.111.58204 No Content 655 B URL HTTP/2 avellingand.xyz/utx?cb=pVLzWSgU7emx&top=shrinke.me&tid=792297
IP 54.230.111.58:0
File type gzip compressed data, from Unix\012- data
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /utx?cb=pVLzWSgU7emx&top=shrinke.me&tid=792297 HTTP/1.1
Host: avellingand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 03:14:01 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 06 Oct 2022 03:15:01 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kDuAXW5kGa5pfL-31eJWxsLUhNLoyhbQudWLglQBr82GWQvcJGZlEQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash a06a072e3cae07d6ecfa1d7e38b69807
e2ef37b5c2df0c312950176ef5fbe24e35f7d6d7
64d8d33adeb2594ec4a49d71eefd3e040b5cea05ef6b284ef93bbd18235e0a3a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 03:14:01 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-837956465%3A1665026041040574&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr3eMbWpiXcasSHsVsEwy2yefOP1oqlTe5PVzv8pdLTnFRS2JOyi-zJCFBRnzkwZGP8osIr
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-NC0UUHGh6PKWnLhFBp5_CA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:EratctRwfS0ulB4VN3ZepsauhOjsaA:8ZoXed74Sa3Xh4Y7;Path=/;Expires=Sat, 05-Oct-2024 03:14:01 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
avellingand.xyz/multi?cs=MDg5MFoDCQ4FbQQADQZvCQsKBw&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.0&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FY3s4tx&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_8S34=1665026040667&crc=1
54.230.111.58200 OK 1.6 kB URL HTTP/2 avellingand.xyz/multi?cs=MDg5MFoDCQ4FbQQADQZvCQsKBw&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.0&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FY3s4tx&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_8S34=1665026040667&crc=1
IP 54.230.111.58:0
File type ASCII text, with very long lines (3298), with no line terminators
Hash 85fe6599297be2d836e07ccf43066309
39b968f1fc40a72ae47a1413bd3bf3782add698e
31807495ae46eb1b13b7dfba7cf29dfbae8f97f045aaec7882635780354ea186
GET /multi?cs=MDg5MFoDCQ4FbQQADQZvCQsKBw&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.0&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FY3s4tx&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_8S34=1665026040667&crc=1 HTTP/1.1
Host: avellingand.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1598
date: Thu, 06 Oct 2022 03:14:01 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=66a52a13-cfc2-4576-ae89-69192b1f5b3d
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K6yw2LFrMDlo35qzscmeaYu0N9tle1CsusERcSecCxFLBW0DHpO_qg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3074d373b099b43ddce4e2973ccbf47
c1bb3ef02740c0367f04547d2a59c28840f2a3a2
f8aff4d4d7dc353ce87841226f36c4c3e3b5eb7cd78ea0fc052bd41c4996831f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8AFF4D4D7DC353CE87841226F36C4C3E3B5EB7CD78EA0FC052BD41C4996831F"
Last-Modified: Wed, 05 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13953
Expires: Thu, 06 Oct 2022 07:06:34 GMT
Date: Thu, 06 Oct 2022 03:14:01 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 1cb09b3ac7b19bd19a1bcd3f822fdfe4
b0e7d869be28fa9e59ff3240e8a9685c26d544a1
2bcd1b4b247dbc07f83dd0f7c6dc7558f7d17969b1d31b7e0bdac89348a2a567
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 03:14:01 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1643323977%3A1665026041088760&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrjR08Rv52-dCkJGrBz62K8xakwkc8773erEHJrQbNlUBJi0kaTJ56UkR0Oh4n4t3OyfcCq
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-4fFBcKIfqUfh26FkyfpPZw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:VqC_r7DOXiHsAgnvfd9xL0OOtaJVCw:xFGG3npsHqSZeV1S;Path=/;Expires=Sat, 05-Oct-2024 03:14:01 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1884
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:01 GMT
Last-Modified: Thu, 06 Oct 2022 02:42:37 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2580d09bc1d6cdee1a88f55fe3bfd929
ac090013cf9d7ed808c3da980e281d6a3e5612c0
26f7ce5552a90dd8b176b5a47b3d4ec5170e82c7c77dc29ffa68d147b3cfb75c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "26F7CE5552A90DD8B176B5A47B3D4EC5170E82C7C77DC29FFA68D147B3CFB75C"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11867
Expires: Thu, 06 Oct 2022 06:31:48 GMT
Date: Thu, 06 Oct 2022 03:14:01 GMT
Connection: keep-alive
accounts.google.com/v3/signin/identifier?dsh=S-837956465%3A1665026041040574&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr3eMbWpiXcasSHsVsEwy2yefOP1oqlTe5PVzv8pdLTnFRS2JOyi-zJCFBRnzkwZGP8osIr
216.58.207.237403 Forbidden 804 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-837956465%3A1665026041040574&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr3eMbWpiXcasSHsVsEwy2yefOP1oqlTe5PVzv8pdLTnFRS2JOyi-zJCFBRnzkwZGP8osIr
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash 5e8a545ff5ba793e987405ceef3c2808
c24016c0d8baafa8dc1451a300e75534837e63a8
af8ecc53de8b59b6b7109d090f0f0d7e0937e46df950ed22c57cc48f025c2450
GET /v3/signin/identifier?dsh=S-837956465%3A1665026041040574&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr3eMbWpiXcasSHsVsEwy2yefOP1oqlTe5PVzv8pdLTnFRS2JOyi-zJCFBRnzkwZGP8osIr HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 03:14:01 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-xiHHw0-hZI0bNPR1ZBRAlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=kKkviQxoWy2sSrQ6OtJC5K5f5WJE-a4kFjF5GGqojrSQiQXvYz0VxbImIisAUd074GY9fYGwYKFuOkiJn86f1D3qhuCUyxxoqu42qxRbx5KLOrrq2LlfK91jgnPbwi3VldANtTOZ06oI07p4tqfZh_LWWN__-b1MbRGjIlGyrmk; expires=Fri, 07-Apr-2023 03:14:01 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assurednesssalesmanmaud.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 assurednesssalesmanmaud.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37143), with no line terminators
Hash 80b8a2f24356a0aaa8e92ce431132e19
92838547bc4835cea7262f718a3bd85ed4e80130
cc56d5456e533e2f9392dfa3a2cdc933d3cc16d731a96b709eec006b315ccc14
Analyzer Verdict Alert quad9 Sinkholed
GET /18/44/b8/1844b8e470c024a415cff51a0843d71c.js HTTP/1.1
Host: assurednesssalesmanmaud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c299a2cca6d763f773408d09bc43cbc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.clarity.ms/tag/6j3srg4zo7
13.107.213.53200 OK 1.3 kB URL HTTP/2 www.clarity.ms/tag/6j3srg4zo7
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1318), with no line terminators
Hash c7dba40fda2f23008b1ed3d46472e6ba
fc5def2711aa42dac4dff456639e6aa0f61c3be6
3c9fa4be0fab18471a1e4811de42e8f17b0deaea35b3d256d65e3b51f92244de
GET /tag/6j3srg4zo7 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1318
content-type: application/x-javascript
expires: -1
set-cookie: CLID=c68936c12e3e4742931c3f9676a4699c.20221006.20231006; expires=Fri, 06 Oct 2023 03:14:01 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
x-cache: CONFIG_NOCACHE
x-azure-ref: 0+Uc+YwAAAAA/vFfzX2scT56bgujuyjk7U1ZHMjBFREdFMDUwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 06 Oct 2022 03:14:01 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b2f846c37619c646c6164f4293aa696a
7f57a0e1eb799abad4d8f7dba2e023100de527e3
3823148e60eda2c18f8b59150fc70e9eb8a6afbd59f0b590a020c4a4ab53a6fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 03:14:01 GMT
Last-Modified: Thu, 06 Oct 2022 01:48:33 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PVphTTbaWYhqu85dvgZVqsnO-hWl58LKr0ioBbcw50D1U9Y-D0CfMQ==
Age: 5128
pogothere.xyz/
172.64.107.19200 OK 130 B IP 172.64.107.19:0
File type ASCII text, with no line terminators
Hash a1234bd5b0b6f15bb1e710f66fb9131f
6d26d3eafb80c29326cbd33de4297d6ec6fa34dd
866badd81b2e704cf7bf41969af61b249432ed6f573a7e4b335828545d73ef36
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: text/plain
set-cookie: csu=824908366002459@1@1665026041; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81WRhQQJS6T%2FNq0faPh1ZWjeQsA9UobFRpIJa1tfv7fkGSH9tAzFqtO2q8ycGKxG1cb5PeUyhy%2BUk3t1Q2Cy2wxixJ59OsHUJO5LgOx%2Fs4A0isY1cHRrx9iNEl31rGFC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755b3974bedc732c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
23.38.200.201200 OK 80 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
server: Apache
etag: "1241a12-3fca8-5cf4eee137dd8"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 80538
cache-control: max-age=88503
expires: Fri, 07 Oct 2022 03:49:04 GMT
date: Thu, 06 Oct 2022 03:14:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.67.146.56200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.67.146.56:0
File type ASCII text, with no line terminators
Hash 0b58effab9f30078a0ab3443b8f031c9
8724eaec08e2a5dd11d8954efdc640a229668299
a5f48cdd7ba5202efd31b52f6470d2bbe4ddbf44ce9ca04f5550aa3a4bfb2839
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
set-cookie: uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; expires=Sun, 03 Oct 2032 03:14:01 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 12f8e1f64bfbef5b5d4a68f554556ef7
0e41ce09b1003ddbc1da39166d752c7b62646b91
60b7a5732f0a14b7779788f03122280be77d71017fcb469db90915fefad8499e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:01 GMT
Last-Modified: Thu, 06 Oct 2022 02:02:37 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
supertruco.com/icon.svg
192.0.78.218200 OK 2.0 kB IP 192.0.78.218:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e700f114d6908533e2256a49ff5ffe50
56267210f3543c0d396b136903eb0d1e82a0b9f2
ca5877750b579782ab48585cee8e2f65b2abf6a77bbb86f47e9c5f26a380d40c
GET /icon.svg HTTP/1.1
Host: supertruco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: image/svg+xml
strict-transport-security: max-age=31536000
last-modified: Tue, 30 Aug 2022 14:43:20 GMT
vary: Accept-Encoding
etag: W/"630e2208-102b"
expires: Thu, 13 Oct 2022 03:14:01 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 61ae6934ee47263b9eda9dd080815f9f
3d4f2df2249f1da1f62adf3d554d2722a9224de1
14c120ba267cb3c7f45e81afb8e363e545248601f0575614936db327ce8dcb18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5834
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:01 GMT
Last-Modified: Thu, 06 Oct 2022 01:36:47 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
313 B IP :0
Hash 61ae6934ee47263b9eda9dd080815f9f
3d4f2df2249f1da1f62adf3d554d2722a9224de1
14c120ba267cb3c7f45e81afb8e363e545248601f0575614936db327ce8dcb18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 947
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
date: Thu, 06 Oct 2022 03:14:01 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.12200 OK 42 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 821c8141b8f7c192072ca7730d09e6ec
85f9a621087ac2a6c7ecad3f3c245d89003b987c
dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 554
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 06 Oct 2022 03:14:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://shrinke.me
AN-X-Request-Uuid: 0241e4d4-86a1-452f-81ae-fdf38a8ae638
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 1.7 kB URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash 6979a3e933e87e533a227309a5ce5b7e
6989520978d7ba2501633ae3c4cdfb45450a2b6a
428bf8f864467c80a7f1373b536b192bbbfd9635cfc96ad6db6b340069c7dbc4
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 946
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
date: Thu, 06 Oct 2022 03:14:01 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.12200 OK 42 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 821c8141b8f7c192072ca7730d09e6ec
85f9a621087ac2a6c7ecad3f3c245d89003b987c
dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 554
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 06 Oct 2022 03:14:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://shrinke.me
AN-X-Request-Uuid: 833a1251-2c84-4375-a950-372a58167365
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=34119742750&lsavail=0
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=34119742750&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=34119742750&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 407
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 03:14:01 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://shrinke.me
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
assurednesssalesmanmaud.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 assurednesssalesmanmaud.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (27004), with no line terminators
Hash ce13f3f1715dc538ad8a859f0138a39f
ff9e92d71c4c4a33f8c68b89cc680eb2f7d42b8a
551e7f9fb063c4e0144b0ce9a0c9e28942261a5655caef8a1b176c9f2db6d9e0
Analyzer Verdict Alert quad9 Sinkholed
GET /2b7825b40010ad17ac7b5777c664449c/invoke.js HTTP/1.1
Host: assurednesssalesmanmaud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 63d4252d4b3d048188b525b9b678042b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
oblongseller.com/7f/be/21/7fbe21196a9f67678de4540ff58299fd.js
192.243.59.20200 OK 29 kB URL HTTP/1.1 oblongseller.com/7f/be/21/7fbe21196a9f67678de4540ff58299fd.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 37bdb4e41f6f48ef542c0eb4c7c3fc6a
e9553dd85091ffcf816fd1b5193c3383734383e7
d0b792f17bb462b867942d1b5338af4f63a707ec893b4f64310a6ff19867e4d2
Analyzer Verdict Alert quad9 Sinkholed
GET /7f/be/21/7fbe21196a9f67678de4540ff58299fd.js HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 612d416f8de805857cd890a60fc279f5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
assurednesssalesmanmaud.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
192.243.59.20200 OK 27 kB URL HTTP/1.1 assurednesssalesmanmaud.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash 4fe3adac3a2b88cd5aabd01a1f5dc311
2dbac53fcde7d28838359bd16b616a29ea75c6dd
bc1aa597816c368356a061cc0110bb8c7d1f8bf95765b015b5a0d68c17b11fbf
Analyzer Verdict Alert quad9 Sinkholed
GET /2b7825b40010ad17ac7b5777c664449c/invoke.js HTTP/1.1
Host: assurednesssalesmanmaud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d4fd071d6e2139c065546804098c7a4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2418
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2418
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 18284
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 83273
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd01f7b66-89c0-43ce-9112-070cecb5494f.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd01f7b66-89c0-43ce-9112-070cecb5494f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eae1d44a08429370e7bcd958c71eef9a
29f8f68b3af46088cc038bd60506e05c36748b03
aad370036075693a2b3a2a9e45e739b26b45e4505f1ccce664b18d51a1dcfd94
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd01f7b66-89c0-43ce-9112-070cecb5494f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7685
x-amzn-requestid: f344b3ac-0875-4231-97cf-355dc99b31d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPsvGbvoAMFe8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df984-0ee9c3251d3e7b7f1e8a632e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jI5fOEUmO7FnY4W28kxRc2RSpo-vHYTz4gCbg_FEzhnGNqFTU8P9tQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:21 GMT
age: 18941
etag: "29f8f68b3af46088cc038bd60506e05c36748b03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 20074
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash 9277cb4ade0b913c244202440f6f675d
07a2e4f0d41fab440b06f620e7b77b08fedd3091
426c492c9f0e6c9a8c4319d7c9a443f11cc10451a776f57d6ad5f261a39182a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 20216
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00e43396123462b87cf3d3592dd71f02
8c895a5716462c161f98637053cac4469eaaea33
2fc70d34c11b2fc338714930bdf6efa14a1c3d4d7560a43061aea41c83ec4d2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10390
x-amzn-requestid: 3a01001b-3f8a-4118-9cce-af68e92b78bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjP2EEV4oAMFcqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df9c0-254f65637b3d98f8268fe321;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:40:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: ZemQhvOGChopa_bsi6lNCPY0nNsICABg9vAsWBCkPJFv8oz7TyOGBA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:49:35 GMT
age: 19467
etag: "8c895a5716462c161f98637053cac4469eaaea33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d0ba78f5a228d695a2d97193d0f02ae
512351a2d3b37036a87b5b1db3b7df228bbefbe9
cd52238f78ddd4f34e74e108ad366b0381c376d15a6f6ab565b1d5f37e986738
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CD52238F78DDD4F34E74E108AD366B0381C376D15A6F6AB565B1D5F37E986738"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2566
Expires: Thu, 06 Oct 2022 03:56:48 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
oblongseller.com/sbar.json?key=1844b8e470c024a415cff51a0843d71c&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1
192.243.59.20200 OK 3.2 kB URL HTTP/1.1 oblongseller.com/sbar.json?key=1844b8e470c024a415cff51a0843d71c&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5817), with no line terminators
Hash 7a2f9de759298cac292d76d91febdff9
b3711dc52ccf404a1d33a83c746e7f70d40186de
616e32685bc989b34a5e46e7055f5012989963bfb35036bdc559b2d3910ed7bf
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=1844b8e470c024a415cff51a0843d71c&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15296127; expires=Fri, 07 Oct 2022 03:14:02 GMT; secure; SameSite=None
uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; expires=Thu, 13 Oct 2022 03:14:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 07 Oct 2022 03:14:02 GMT; secure; SameSite=None
uncs=1; expires=Fri, 07 Oct 2022 03:14:02 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 07 Oct 2022 03:14:02 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 07 Oct 2022 03:14:02 GMT; secure; SameSite=None
slec1844b8e470c024a415cff51a0843d71c=[3364848]; expires=Thu, 06 Oct 2022 03:14:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8943cfaca898bb686be0fac8702f586
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d0ba78f5a228d695a2d97193d0f02ae
512351a2d3b37036a87b5b1db3b7df228bbefbe9
cd52238f78ddd4f34e74e108ad366b0381c376d15a6f6ab565b1d5f37e986738
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CD52238F78DDD4F34E74E108AD366B0381C376D15A6F6AB565B1D5F37E986738"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2566
Expires: Thu, 06 Oct 2022 03:56:48 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d0597a5e98092de15ca6f20d0f8454d5
e7261e87a8606fbbe8712526e5fbe9fb21417afd
93b3a37060323cd1dbf941510cb60124e6f2b302d254b8a479a398066be9b67e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5843
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:02 GMT
Last-Modified: Thu, 06 Oct 2022 01:36:39 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1665026042554%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-t42geql69e1nex2q0pzl%22%7D
52.57.189.215200 OK 2 B URL HTTP/2 audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1665026042554%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-t42geql69e1nex2q0pzl%22%7D
IP 52.57.189.215:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1665026042554%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-t42geql69e1nex2q0pzl%22%7D HTTP/1.1
Host: audit-tcfv2.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1988ae904423057955a94f0c2c721764
e567a74b65388dd3172c0cd4c857684f5c259d85
56de00174c131b67601709df7d4786a7d666b04c13d851139baa6c1c9b63937d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DE00174C131B67601709DF7D4786A7D666B04C13D851139BAA6C1C9B63937D"
Last-Modified: Wed, 05 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4491
Expires: Thu, 06 Oct 2022 04:28:53 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
oblongseller.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Bt3uzhCzl9JRcFdRAPCu5s10xPz4wBgzFuCG5%2BkCjRk1ZXVc%2BWU93VVHVPT%2FagwaDkOPkPet%2FsZkkMouDVILOBHBaEHU97cO%2FeFGEP4kFmsjj6uXze6%2FcO7%2FO6vtoqjoiPgh1euGw2ldZstVX3a699SOnZ2rpKi2Ft2Ak%2FDoOzNTt4sxvW%2FddrFyXvm9WGT32f%2BrS2pqyMzXB1JkJlj7q03vXrQaNOWwGG9r%2FcFR4c8yAGR%2BQ5KDFdfuKdgeITpMm3F6Tr5yZ7492k0Cw3FgOx%2B0HaT02ZIlnA2HqI090TN4w7WHsMk%2B7M48IM%2FjFGakq8p48RpbsnIRENtuc5Iw2ZIhKnUQ4mkHoCxSbg5g6UOCAAF7hyFWly%2F4qxJbv1TGUzdUqWj%2F%2BAKqdk%2BZczSJNvzms1rN0wusiVSR2GcQU1nED1JsiKPeSbS1DlHnj%2BBZT4iaweryNNtq86baDE4asxa%2Fpho0tXpIzZShDS5kokfbEiaaspg5B2uWzPC1JqAhVPoOUIzC2hcB4K5aGIPRSZh0Qc1jiltO0LzvxOl%2FOmaMsoFD5l7Zgy6ocdFHx2wwh5NgLXI3B7G5m9jb66d0CPYIsf4TYqOOHB5QQDUaGUBKUjKBlBqQjKnKAcVDtCu4ar7gvtioie7MbJblZjk%2Fe22I7JezIlW9kR%2Bf%2B8u1%2Fjz9GXhzXaCYKoI4O2z%2F1GwALa4nHcoszvBE3RphxOVVBuCcx52FRTsvTyaWRqSsjxR4jYHpzeA1evgBUvgpXjdsMH2xgHHR%2Bb6UO3YVXal%2FVEQpgKWb6M%2FJa3pY%2FI8%2FMUzZu%2FQfL9c59El6e%2FP%2FgL3FbIbIVP1ROCnr47vm5Ksn3dlI58dzXLVaI22ezv3shZLk89fE%2FeKo0Vly640YO3%2BUyYwUfvS5evs1SotOfI1%2BeVENKuGcsl%2BeGSuymja4XbOF%2FYtMjWr72zdinJrHROmXQCNjvs6T64mpL%2Ffb8zf7gvfPkZlJ3AFhWSYp%2BcDJTZA89uw2WL%2FM6cgtULT5R5KItqbBvR4qNWBFouOIsquH%2FxaIG33F307Etg%2BR2kSYWBrTDQFZgewRWnxnlm98%2F93JwPIu2NI2297Uhbfe9ZuU4d1trNps%2FCbou220y2o6DRiUMqGGsEYSMMWRO5m%2FK3Lv75NwAAAP%2F%2FAQAA%2F%2F99CQvNgwQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 oblongseller.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Bt3uzhCzl9JRcFdRAPCu5s10xPz4wBgzFuCG5%2BkCjRk1ZXVc%2BWU93VVHVPT%2FagwaDkOPkPet%2FsZkkMouDVILOBHBaEHU97cO%2FeFGEP4kFmsjj6uXze6%2FcO7%2FO6vtoqjoiPgh1euGw2ldZstVX3a699SOnZ2rpKi2Ft2Ak%2FDoOzNTt4sxvW%2FddrFyXvm9WGT32f%2BrS2pqyMzXB1JkJlj7q03vXrQaNOWwGG9r%2FcFR4c8yAGR%2BQ5KDFdfuKdgeITpMm3F6Tr5yZ7492k0Cw3FgOx%2B0HaT02ZIlnA2HqI090TN4w7WHsMk%2B7M48IM%2FjFGakq8p48RpbsnIRENtuc5Iw2ZIhKnUQ4mkHoCxSbg5g6UOCAAF7hyFWly%2F4qxJbv1TGUzdUqWj%2F%2BAKqdk%2BZczSJNvzms1rN0wusiVSR2GcQU1nED1JsiKPeSbS1DlHnj%2BBZT4iaweryNNtq86baDE4asxa%2Fpho0tXpIzZShDS5kokfbEiaaspg5B2uWzPC1JqAhVPoOUIzC2hcB4K5aGIPRSZh0Qc1jiltO0LzvxOl%2FOmaMsoFD5l7Zgy6ocdFHx2wwh5NgLXI3B7G5m9jb66d0CPYIsf4TYqOOHB5QQDUaGUBKUjKBlBqQjKnKAcVDtCu4ar7gvtioie7MbJblZjk%2Fe22I7JezIlW9kR%2Bf%2B8u1%2Fjz9GXhzXaCYKoI4O2z%2F1GwALa4nHcoszvBE3RphxOVVBuCcx52FRTsvTyaWRqSsjxR4jYHpzeA1evgBUvgpXjdsMH2xgHHR%2Bb6UO3YVXal%2FVEQpgKWb6M%2FJa3pY%2FI8%2FMUzZu%2FQfL9c59El6e%2FP%2FgL3FbIbIVP1ROCnr47vm5Ksn3dlI58dzXLVaI22ezv3shZLk89fE%2FeKo0Vly640YO3%2BUyYwUfvS5evs1SotOfI1%2BeVENKuGcsl%2BeGSuymja4XbOF%2FYtMjWr72zdinJrHROmXQCNjvs6T64mpL%2Ffb8zf7gvfPkZlJ3AFhWSYp%2BcDJTZA89uw2WL%2FM6cgtULT5R5KItqbBvR4qNWBFouOIsquH%2FxaIG33F307Etg%2BR2kSYWBrTDQFZgewRWnxnlm98%2F93JwPIu2NI2297Uhbfe9ZuU4d1trNps%2FCbou220y2o6DRiUMqGGsEYSMMWRO5m%2FK3Lv75NwAAAP%2F%2FAQAA%2F%2F99CQvNgwQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Bt3uzhCzl9JRcFdRAPCu5s10xPz4wBgzFuCG5%2BkCjRk1ZXVc%2BWU93VVHVPT%2FagwaDkOPkPet%2FsZkkMouDVILOBHBaEHU97cO%2FeFGEP4kFmsjj6uXze6%2FcO7%2FO6vtoqjoiPgh1euGw2ldZstVX3a699SOnZ2rpKi2Ft2Ak%2FDoOzNTt4sxvW%2FddrFyXvm9WGT32f%2BrS2pqyMzXB1JkJlj7q03vXrQaNOWwGG9r%2FcFR4c8yAGR%2BQ5KDFdfuKdgeITpMm3F6Tr5yZ7492k0Cw3FgOx%2B0HaT02ZIlnA2HqI090TN4w7WHsMk%2B7M48IM%2FjFGakq8p48RpbsnIRENtuc5Iw2ZIhKnUQ4mkHoCxSbg5g6UOCAAF7hyFWly%2F4qxJbv1TGUzdUqWj%2F%2BAKqdk%2BZczSJNvzms1rN0wusiVSR2GcQU1nED1JsiKPeSbS1DlHnj%2BBZT4iaweryNNtq86baDE4asxa%2Fpho0tXpIzZShDS5kokfbEiaaspg5B2uWzPC1JqAhVPoOUIzC2hcB4K5aGIPRSZh0Qc1jiltO0LzvxOl%2FOmaMsoFD5l7Zgy6ocdFHx2wwh5NgLXI3B7G5m9jb66d0CPYIsf4TYqOOHB5QQDUaGUBKUjKBlBqQjKnKAcVDtCu4ar7gvtioie7MbJblZjk%2Fe22I7JezIlW9kR%2Bf%2B8u1%2Fjz9GXhzXaCYKoI4O2z%2F1GwALa4nHcoszvBE3RphxOVVBuCcx52FRTsvTyaWRqSsjxR4jYHpzeA1evgBUvgpXjdsMH2xgHHR%2Bb6UO3YVXal%2FVEQpgKWb6M%2FJa3pY%2FI8%2FMUzZu%2FQfL9c59El6e%2FP%2FgL3FbIbIVP1ROCnr47vm5Ksn3dlI58dzXLVaI22ezv3shZLk89fE%2FeKo0Vly640YO3%2BUyYwUfvS5evs1SotOfI1%2BeVENKuGcsl%2BeGSuymja4XbOF%2FYtMjWr72zdinJrHROmXQCNjvs6T64mpL%2Ffb8zf7gvfPkZlJ3AFhWSYp%2BcDJTZA89uw2WL%2FM6cgtULT5R5KItqbBvR4qNWBFouOIsquH%2FxaIG33F307Etg%2BR2kSYWBrTDQFZgewRWnxnlm98%2F93JwPIu2NI2297Uhbfe9ZuU4d1trNps%2FCbou220y2o6DRiUMqGGsEYSMMWRO5m%2FK3Lv75NwAAAP%2F%2FAQAA%2F%2F99CQvNgwQAAA%3D%3D HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1844b8e470c024a415cff51a0843d71c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e025eb7c77ff8ec7defcf61d9926d411
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2974
Expires: Thu, 06 Oct 2022 04:03:36 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13c1c13fd415d6c06418656d4117fbe4
8ac6f8c7087545261947a98d4505ad023dc98d21
9f4c5bcbaeffb1b14cc0f712e235eb725b76e3bca0398704496c120e6b24f3fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F4C5BCBAEFFB1B14CC0F712E235EB725B76E3BCA0398704496C120E6B24F3FD"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1909
Expires: Thu, 06 Oct 2022 03:45:51 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2974
Expires: Thu, 06 Oct 2022 04:03:36 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=50
192.243.59.20200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=50
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=50 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1844b8e470c024a415cff51a0843d71c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
addresseepaper.com/sfp.js
172.64.192.5200 OK 34 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.192.5:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 9fbfafbd4c53b784403c459581a69e96
90a7e53839919d98333fe60141dafe5c6155c6d2
cd25042e1ce4a6848b9e36f746f930ae88f53c4d47b8cf15df8c6d4416b0e93c
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 892d489ee7b1702106303c4de25a9cd7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 06 Oct 2022 03:14:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnlJBDKik%2BzS1h0k8NNTgTKud6AYELyTcs%2BZFCLlWac6MX6lb%2BoSg0Ebcs3kWXdDHoQMcdMXhy3GCqFdmFDDKz3FPRm6yiTX%2Bh5PUGeSciMjrtj6w2B73vlHBz5pqA7WqQkyKl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397d29ec7753-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
172.64.201.2200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP 172.64.201.2:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5504976
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOyONfTIa6eFi1Y46lPGSshCdKerZE9Ecpe%2BeCieCdOuVz%2FZPBe3rw%2FAr475PIfnhNxOSbSPUW6vDkTrIc0sCk2PM2cM89mgosl7ByDbl8dXihT3mr6fhyBpHa%2B4EjPbMIY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397fcf757792-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 31d506d575b0ebb4ee02d205ba830a82
6dad4ab2bbefba5afa28eaf4291331da2db263f8
6611a859329ef30f03bdc2e5592490888e56ea18320c3fb253ae7772cd728490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1623
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:02 GMT
Last-Modified: Thu, 06 Oct 2022 02:46:59 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 314
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
172.64.201.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP 172.64.201.2:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5504976
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwT5ZeJ655PtTL%2BrgHxvI8nMQ8%2BdBJEkRJNpd4kCCnP0eVmt%2FJnpeIokRt%2B8J6hA5i0ilY6m5op4cKiGVu34c8YFvSgKFvO65eaDDlp4Bfncdgvgfe43z%2B%2BQNtOYkCA2SMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397fdf7b7792-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 31d506d575b0ebb4ee02d205ba830a82
6dad4ab2bbefba5afa28eaf4291331da2db263f8
6611a859329ef30f03bdc2e5592490888e56ea18320c3fb253ae7772cd728490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1621
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:02 GMT
Last-Modified: Thu, 06 Oct 2022 02:47:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
172.64.201.2200 OK 157 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP 172.64.201.2:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 157 kB (157252 bytes)
Hash 70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5504976
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xgg%2B5MWfyYuchWDGiMETxUsQAIeqHi%2BpfUk4IaywMo4paFIJe%2BHXq6RpgJ8ta3Hh%2Fbj6X9LnWwd8tfnvTv1YAzx8C1AuHkPJTt7Zp%2FpfA2Qqac5%2B2jq1e9%2F7%2BF833GzoQB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397fdf7d7792-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2974
Expires: Thu, 06 Oct 2022 04:03:36 GMT
Date: Thu, 06 Oct 2022 03:14:02 GMT
Connection: keep-alive
oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=119
192.243.59.20200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=119
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=119 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1844b8e470c024a415cff51a0843d71c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=122
192.243.59.20200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=122
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=122 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1844b8e470c024a415cff51a0843d71c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.profitabledisplaycontent.com/watch.86788995449.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.86788995449.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.86788995449.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.86788995449.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1&shu=cdafe29a4c89a89b067d3a0b27c3a84851798145cdc3021158e4c3273effce5cdc11f2f145ae5da3be0b259a5e50e9482f13fbba85c0ac5ad8a54bdda51b3c191cdd88b93d86167de58f0ab3fc62683e810032ff&pst=1665026102&rmtc=t
Set-Cookie: u_pl=15023978; expires=Fri, 07 Oct 2022 03:14:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAyMzk3OCwiayI6IjJiNzgyNWI0MDAxMGFkMTdhYzdiNTc3N2M2NjQ0NDljIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzkwMTksInBpZCI6NjMwNjUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzQsImFpZCI6NSwicHQiOjQsInBrIjoibXZwdjhiNzMxZSIsImNwa3MiOnsgIjI4IjoiMmRhNzAzMzY4ZjllYjRmNmMwNTQzMjg4NjJkYzkxNTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Nocmlua2UubWUvIn19.W32xTES9SqWMOxQz2tE9UkeyhOv1JnCrNkijZcozaUI; expires=Thu, 06 Oct 2022 03:15:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f28871fecaec16449ff0ee9b58b4fbd
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.574840179197.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.574840179197.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.574840179197.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.574840179197.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1&shu=722c4e6dfda2cb38450463034d0563cb143f8427b70ad46a8b166acb8975e0d5e54d7986916c5b8e9a8d98a2f8f88bed079b663252705cf15c590f1df01fc859fce0b8d5ce7335939889c8a39053a83591f444f5&pst=1665026102&rmtc=t
Set-Cookie: u_pl=15023978; expires=Fri, 07 Oct 2022 03:14:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAyMzk3OCwiayI6IjJiNzgyNWI0MDAxMGFkMTdhYzdiNTc3N2M2NjQ0NDljIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzkwMTksInBpZCI6NjMwNjUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzQsImFpZCI6NSwicHQiOjQsInBrIjoibXZwdjhiNzMxZSIsImNwa3MiOnsgIjI4IjoiMmRhNzAzMzY4ZjllYjRmNmMwNTQzMjg4NjJkYzkxNTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Nocmlua2UubWUvIn19.W32xTES9SqWMOxQz2tE9UkeyhOv1JnCrNkijZcozaUI; expires=Thu, 06 Oct 2022 03:15:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8f087db67f525b84d54c4b4f5fe5b6b
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e2f6155cd2336caaeaf0e6041a31652
0649f2daff3524149f877008d8276d9d7bd03599
d2b84f46aeeab6185f788a69c227c7557640ebf3de0323f2781d05770e198ad5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2B84F46AEEAB6185F788A69C227C7557640EBF3DE0323F2781D05770E198AD5"
Last-Modified: Tue, 04 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14980
Expires: Thu, 06 Oct 2022 07:23:43 GMT
Date: Thu, 06 Oct 2022 03:14:03 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
172.64.201.2200 OK 317 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
IP 172.64.201.2:0
Hash 4761ad2393202bfabef11ba0db779752
f67daa266767f3528ac554901f32ca9b43da00ff
92fdc96ed03a7abaff8750ca48f8f19cd769784927289cbd2544b9c642acf55c
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5452509
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruIHHtEv8f2OA%2FmdK5B6SnMr04KmsNKWvLfdeetmts2ASN01auJuUi0katzRUJjPXQxmBtv8Kv95sbTpCdDFvlVzPrjBjlmQo%2Bj5m9rhdinSv7CpRjELyyttgrKRZZ6NShk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b3980881c7792-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
192.243.59.20200 OK 29 kB URL HTTP/1.1 www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 18f904dfda1ca54f8ae15bb275eb8036
cdcc80fcac0ab585e1c664d2f36e7d8743b4a501
3a168085a396d37f9cf5c2daed5445c80274b311c582a21744fe2da95301bd58
GET /2d/a7/03/2da703368f9eb4f6c054328862dc9152.js HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a881f29e4e8a62c7cbb6f8c82ba47a65
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
172.64.201.2200 OK 34 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP 172.64.201.2:0
File type ASCII text, with very long lines (65451)
Hash c7668d659d427ee9d2e8c9ac9aa2b3db
06f5e33cc2635fa57d479548e1b9a54f66712aca
4e9b857b3a8da41b8282bed363d83bcb5e9e1b52be8d3fd4cb702dc443419d94
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5504976
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnr1JtGOhTaBsJm6sicvqc84%2FzZHuymSs9SMbv3%2FeMrHu33w4%2F%2FHbnp3drVMcDuXV01fxpF3BME92axEW%2BwzLsbZEOEl9s84EI%2Bkz5ZykrKHGoyc5erHeWSnZX6RbsU2oA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397fdf877792-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.86788995449.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1&shu=cdafe29a4c89a89b067d3a0b27c3a84851798145cdc3021158e4c3273effce5cdc11f2f145ae5da3be0b259a5e50e9482f13fbba85c0ac5ad8a54bdda51b3c191cdd88b93d86167de58f0ab3fc62683e810032ff&pst=1665026102&rmtc=t
192.243.59.20200 OK 2.0 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.86788995449.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1&shu=cdafe29a4c89a89b067d3a0b27c3a84851798145cdc3021158e4c3273effce5cdc11f2f145ae5da3be0b259a5e50e9482f13fbba85c0ac5ad8a54bdda51b3c191cdd88b93d86167de58f0ab3fc62683e810032ff&pst=1665026102&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2422)
Hash 1545dd451172eb4b7bb8aa65939c93d0
93c8a0d1ecf2f4c0448d6ae1f73a8236692d202c
b88792875af2e36a55eba87180084dec00941964bf404a68663983de9a1009fc
GET /watch.86788995449.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=r&res=12.31&uuid=fa306291-eefa-4613-be0d-e153e4619ce7%3A2%3A1&shu=cdafe29a4c89a89b067d3a0b27c3a84851798145cdc3021158e4c3273effce5cdc11f2f145ae5da3be0b259a5e50e9482f13fbba85c0ac5ad8a54bdda51b3c191cdd88b93d86167de58f0ab3fc62683e810032ff&pst=1665026102&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Referer: https://shrinke.me/
Connection: keep-alive
Cookie: u_pl=15023978; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAyMzk3OCwiayI6IjJiNzgyNWI0MDAxMGFkMTdhYzdiNTc3N2M2NjQ0NDljIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzkwMTksInBpZCI6NjMwNjUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzQsImFpZCI6NSwicHQiOjQsInBrIjoibXZwdjhiNzMxZSIsImNwa3MiOnsgIjI4IjoiMmRhNzAzMzY4ZjllYjRmNmMwNTQzMjg4NjJkYzkxNTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Nocmlua2UubWUvIn19.W32xTES9SqWMOxQz2tE9UkeyhOv1JnCrNkijZcozaUI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; expires=Thu, 13 Oct 2022 03:14:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 07 Oct 2022 03:14:03 GMT; secure; SameSite=None
uncs=1; expires=Fri, 07 Oct 2022 03:14:03 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 07 Oct 2022 03:14:03 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 07 Oct 2022 03:14:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 74970d2f2888b84a66e54971423e2a06
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
173.233.137.44200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b432d15d31b5d01dd8105bfdb26f5742
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
192.243.59.20200 OK 29 kB URL HTTP/1.1 www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash cc49a92c1bd9faa75f18116a61ecc3b8
4699745e9f9857f5fd8c4895fb87e07196c5178c
67d51eace2276992a7915e6775ef919ecceb8ecd0035abd36b862f95aacd236d
GET /2d/a7/03/2da703368f9eb4f6c054328862dc9152.js HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd6c4653890725d39e9182a2a1b6d8b0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 27595
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 27595
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
172.64.201.2200 OK 2.8 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP 172.64.201.2:0
Hash 1e756fac1e681ca17aaae8c50310440c
de82d2a8bdcee40339210ecc8f328474363124f8
89eceb3fbdc47c80632a3d83870ab39e5555e1357fc9589312db187b9b9bd4fc
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5492775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfsHenComSPL%2BxwkG0Lx5Z%2FpKoOltk3K1DrsyIiQJSjYGVaNwih7zJCVOovasGFsuSHAEBMnHr8LPtSmp%2Fpxlg3tjzFc0hmr9f2DoKImNMkFCBieHyNzXEflksjiWD%2B0xoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397faf477792-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8a8eabbf786cb5a63d0f7c053d75bb4
6d27cce266bb760aafdb238a3becc6c1f3743e18
9c9d687aea40edcb5cd6108b670d0e54063243869a0303c185a59fc86a31f9bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C9D687AEA40EDCB5CD6108B670D0E54063243869A0303C185A59FC86A31F9BF"
Last-Modified: Wed, 05 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3812
Expires: Thu, 06 Oct 2022 04:17:35 GMT
Date: Thu, 06 Oct 2022 03:14:03 GMT
Connection: keep-alive
oblongseller.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9L83iC119pRsFdRAXCmby3sybXxYs1poSTJvSKtWV3l9vcp373n3c%2B968SRYaLEqX0%2F%2Fg5UzS0FpEwa1FJoUuAkLGVRZm704RshAXMtPg6GfzOeedszif8%2B5XO%2FkJ8ZHT4yvXzJbSmi43qn7ltQ%2BD4GJlTSX5oDJoNz9uhhcrtv9mp1n1X69clbxnlmt%2B4PuBH1RWlJWRGSxPRaj0USeodvxqWKsGjRAD%2B1%2Fucg%2BOehD9E%2FIclJgsPvEuQPExkvjbK9L1MpO%2B8W6ca5oZi77Y%2FyDpJaZIEM9hZD1Eyf6ZG8YdrTyGSfZmcWH6%2FxiZmhDv6WOwZP8sJFh%2Fd5aTacgETJxH0R9D6jEUHYObO1DiiABc4Po6kvj%2BdWMLuvlMpVN1QhZP%2F4AqJmTxlwtI4m8uazWo3DI6z5RJHAZRCTUYQ3XHSPMDZFsLUMUBePYFlPiJLJ%2BuIYl31502UOL41YjW%2FWatEyxJGdGlsBnUl5j0xZIMGnUZNoMOl61ZQUqNoaIxtByCugXkzkOuPOSRhzz1EIvjCg%2BCoOULTv12h%2FO6aEnWFH5AW1FAA7%2FZRs6nNwyRpUNwPQS320jtNnrq3lFwApv%2FCLdRwgkPLiPoixKFJCgcQUEJCkVQZARFv9wT2tVceV9ol7PgbNfOdr0cmay7Q%2FdM1pUJ2UlPyP9n3f0afY6ePK4E7TBkbRm2fO7XQhoGDR5FjYD67bAuWgGHUyWUWwB1HrbUhCy8fB6pmhBy%2BhEYPYDTB%2BDqFdD8RdBi1Kr5oBujsO1jK3noNqxKerIaSwhTIs0WkW16O%2FqEPD9LUb%2F9GyQ%2FvPQJuzb5%2FcFf4LZEakt8qp4QdPXd0U1TkN2bpnDku%2FU0U7HaotO%2FeyujmTz38D25WRgrVq%2B44YO3%2BVSYwkfvS5et0USopOvI15eVENKuGMsl%2BWHV3ZbsRu42Luc2ydO1G%2B%2BsrMaplc4pk4xBp4c9PQRXE%2FK%2F7%2FdmD%2FeFLz%2BDsmPYvEScH5KzgTIH4Ok2XDrP78w5WD33sNRDkZcjW2Pzj1oRaDnnlJVw%2F%2BJsjnfcXXTtS6DZHSRxib4t0dclqB7C5edGWWoPL%2F1cnw2Y9kZMW2%2BXaavvPSvXqeNK3RctJiPZYjJshJHkgjUazOcRZ3XRbnNkbsLfuvrn3wAAAP%2F%2FAQAA%2F%2F%2F93d4lgwQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 oblongseller.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9L83iC119pRsFdRAXCmby3sybXxYs1poSTJvSKtWV3l9vcp373n3c%2B968SRYaLEqX0%2F%2Fg5UzS0FpEwa1FJoUuAkLGVRZm704RshAXMtPg6GfzOeedszif8%2B5XO%2FkJ8ZHT4yvXzJbSmi43qn7ltQ%2BD4GJlTSX5oDJoNz9uhhcrtv9mp1n1X69clbxnlmt%2B4PuBH1RWlJWRGSxPRaj0USeodvxqWKsGjRAD%2B1%2Fucg%2BOehD9E%2FIclJgsPvEuQPExkvjbK9L1MpO%2B8W6ca5oZi77Y%2FyDpJaZIEM9hZD1Eyf6ZG8YdrTyGSfZmcWH6%2FxiZmhDv6WOwZP8sJFh%2Fd5aTacgETJxH0R9D6jEUHYObO1DiiABc4Po6kvj%2BdWMLuvlMpVN1QhZP%2F4AqJmTxlwtI4m8uazWo3DI6z5RJHAZRCTUYQ3XHSPMDZFsLUMUBePYFlPiJLJ%2BuIYl31502UOL41YjW%2FWatEyxJGdGlsBnUl5j0xZIMGnUZNoMOl61ZQUqNoaIxtByCugXkzkOuPOSRhzz1EIvjCg%2BCoOULTv12h%2FO6aEnWFH5AW1FAA7%2FZRs6nNwyRpUNwPQS320jtNnrq3lFwApv%2FCLdRwgkPLiPoixKFJCgcQUEJCkVQZARFv9wT2tVceV9ol7PgbNfOdr0cmay7Q%2FdM1pUJ2UlPyP9n3f0afY6ePK4E7TBkbRm2fO7XQhoGDR5FjYD67bAuWgGHUyWUWwB1HrbUhCy8fB6pmhBy%2BhEYPYDTB%2BDqFdD8RdBi1Kr5oBujsO1jK3noNqxKerIaSwhTIs0WkW16O%2FqEPD9LUb%2F9GyQ%2FvPQJuzb5%2FcFf4LZEakt8qp4QdPXd0U1TkN2bpnDku%2FU0U7HaotO%2FeyujmTz38D25WRgrVq%2B44YO3%2BVSYwkfvS5et0USopOvI15eVENKuGMsl%2BWHV3ZbsRu42Luc2ydO1G%2B%2BsrMaplc4pk4xBp4c9PQRXE%2FK%2F7%2FdmD%2FeFLz%2BDsmPYvEScH5KzgTIH4Ok2XDrP78w5WD33sNRDkZcjW2Pzj1oRaDnnlJVw%2F%2BJsjnfcXXTtS6DZHSRxib4t0dclqB7C5edGWWoPL%2F1cnw2Y9kZMW2%2BXaavvPSvXqeNK3RctJiPZYjJshJHkgjUazOcRZ3XRbnNkbsLfuvrn3wAAAP%2F%2FAQAA%2F%2F%2F93d4lgwQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9L83iC119pRsFdRAXCmby3sybXxYs1poSTJvSKtWV3l9vcp373n3c%2B968SRYaLEqX0%2F%2Fg5UzS0FpEwa1FJoUuAkLGVRZm704RshAXMtPg6GfzOeedszif8%2B5XO%2FkJ8ZHT4yvXzJbSmi43qn7ltQ%2BD4GJlTSX5oDJoNz9uhhcrtv9mp1n1X69clbxnlmt%2B4PuBH1RWlJWRGSxPRaj0USeodvxqWKsGjRAD%2B1%2Fucg%2BOehD9E%2FIclJgsPvEuQPExkvjbK9L1MpO%2B8W6ca5oZi77Y%2FyDpJaZIEM9hZD1Eyf6ZG8YdrTyGSfZmcWH6%2FxiZmhDv6WOwZP8sJFh%2Fd5aTacgETJxH0R9D6jEUHYObO1DiiABc4Po6kvj%2BdWMLuvlMpVN1QhZP%2F4AqJmTxlwtI4m8uazWo3DI6z5RJHAZRCTUYQ3XHSPMDZFsLUMUBePYFlPiJLJ%2BuIYl31502UOL41YjW%2FWatEyxJGdGlsBnUl5j0xZIMGnUZNoMOl61ZQUqNoaIxtByCugXkzkOuPOSRhzz1EIvjCg%2BCoOULTv12h%2FO6aEnWFH5AW1FAA7%2FZRs6nNwyRpUNwPQS320jtNnrq3lFwApv%2FCLdRwgkPLiPoixKFJCgcQUEJCkVQZARFv9wT2tVceV9ol7PgbNfOdr0cmay7Q%2FdM1pUJ2UlPyP9n3f0afY6ePK4E7TBkbRm2fO7XQhoGDR5FjYD67bAuWgGHUyWUWwB1HrbUhCy8fB6pmhBy%2BhEYPYDTB%2BDqFdD8RdBi1Kr5oBujsO1jK3noNqxKerIaSwhTIs0WkW16O%2FqEPD9LUb%2F9GyQ%2FvPQJuzb5%2FcFf4LZEakt8qp4QdPXd0U1TkN2bpnDku%2FU0U7HaotO%2FeyujmTz38D25WRgrVq%2B44YO3%2BVSYwkfvS5et0USopOvI15eVENKuGMsl%2BWHV3ZbsRu42Luc2ydO1G%2B%2BsrMaplc4pk4xBp4c9PQRXE%2FK%2F7%2FdmD%2FeFLz%2BDsmPYvEScH5KzgTIH4Ok2XDrP78w5WD33sNRDkZcjW2Pzj1oRaDnnlJVw%2F%2BJsjnfcXXTtS6DZHSRxib4t0dclqB7C5edGWWoPL%2F1cnw2Y9kZMW2%2BXaavvPSvXqeNK3RctJiPZYjJshJHkgjUazOcRZ3XRbnNkbsLfuvrn3wAAAP%2F%2FAQAA%2F%2F%2F93d4lgwQAAA%3D%3D HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1844b8e470c024a415cff51a0843d71c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 953863e4ca1cbe663b927ac82ff85b3d
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/ce/49/8f/ce498fda4d257b5536c0602a97b1b054/1663164642.gif
45.133.44.10200 OK 18 kB URL HTTP/2 cdn.cloudimagesb.com/cti/ce/49/8f/ce498fda4d257b5536c0602a97b1b054/1663164642.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 300 x 250\012- data
Hash b28118fadfb79b2b315fb5ddab219c98
21dc09b7815006f7ac90414117e6d41ef963b04f
1e9cec97d74dbb42ae809f43289239e98ffd9e021a0ec5164536195477690353
GET /cti/ce/49/8f/ce498fda4d257b5536c0602a97b1b054/1663164642.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:03 GMT
content-type: image/gif
content-length: 17764
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 14:10:50 GMT
etag: "6321e0ea-4564"
expires: Sat, 08 Oct 2022 03:14:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
oblongseller.com/pixel/sbs?c=1
192.243.59.20200 OK 0 B URL HTTP/1.1 oblongseller.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: oblongseller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=fa306291-eefa-4613-be0d-e153e4619ce7:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1844b8e470c024a415cff51a0843d71c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 66 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
Hash ecd77455b3ae2a3793ee0c83a091ad52
74c47012e3cda036c4199e47ad33e4a8ab199311
edd7448a429a611af41367f3c0a71dd0ca5195d8dda7bcdf29088b19166c5ed8
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 03:14:03 GMT
content-type: text/javascript
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
etag: W/"6337ac21-161a8"
expires: Fri, 07 Oct 2022 03:14:03 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55f8ff21697fa5f205f47259160bc61d
81330a76c6f8adf6d2215053178492f6ad21d989
fb62f36cd0a309f6c9d072425fa4f345c7816ff98242332409e3f20976e72b11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB62F36CD0A309F6C9D072425FA4F345C7816FF98242332409E3F20976E72B11"
Last-Modified: Thu, 06 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14910
Expires: Thu, 06 Oct 2022 07:22:33 GMT
Date: Thu, 06 Oct 2022 03:14:03 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
142.250.74.163200 OK 159 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (711)
Size 159 kB (158844 bytes)
Hash b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:02:07 GMT
expires: Thu, 05 Oct 2023 21:02:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 22316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 130 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2831)
Size 130 kB (129536 bytes)
Hash 3d0f6d436384df600244a0f2ba1b3e08
e5978d4cf46a61adf7e51db33a0cba5d339abac7
a3028c2c6138f0a5bc21f797cf50a3407a9527521c24b0fbed8bc440c204a4cd
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 129536
date: Thu, 06 Oct 2022 03:14:03 GMT
expires: Thu, 06 Oct 2022 03:14:03 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
negotiationmajestic.com/pixel/purst?dl=0&th=0&sc=0&rs=1622&rd=1622&fd=847&bv=22.8.v.2&tmpl=136
192.243.59.13200 OK 0 B URL HTTP/1.1 negotiationmajestic.com/pixel/purst?dl=0&th=0&sc=0&rs=1622&rd=1622&fd=847&bv=22.8.v.2&tmpl=136
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=1622&rd=1622&fd=847&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: negotiationmajestic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&RedC=c.clarity.ms&MXFR=28A85AC6B09563340B3F48F3B4956DEB
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=28A85AC6B09563340B3F48F3B4956DEB; domain=.clarity.ms; expires=Tue, 31-Oct-2023 03:14:03 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 06 Oct 2022 03:14:02 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&gjid=1080993942&_gid=1521570748.1665026041&_u=YEBAAUAAAAAAACAAI~&z=1199851028
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&gjid=1080993942&_gid=1521570748.1665026041&_u=YEBAAUAAAAAAACAAI~&z=1199851028
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&gjid=1080993942&_gid=1521570748.1665026041&_u=YEBAAUAAAAAAACAAI~&z=1199851028 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://shrinke.me
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 03:14:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash faaf8f078863cefd5bc3a018b4c8a31a
02593f7e536f539458a2b0dc557929bf9cd05b2b
f2b8d53d9fff7b9e6e7de4fe5d53a4f03db0e31bc40e03d5c81339a1f4acbdc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2B8D53D9FFF7B9E6E7DE4FE5D53A4F03DB0E31BC40E03D5C81339A1F4ACBDC1"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3605
Expires: Thu, 06 Oct 2022 04:14:08 GMT
Date: Thu, 06 Oct 2022 03:14:03 GMT
Connection: keep-alive
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221006
151.101.85.229200 OK 906 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221006
IP 151.101.85.229:0
File type JSON data\012- , ASCII text, with very long lines (1639), with no line terminators
Hash 7d482b742274156ec240ff1b95d97bc6
e62f7c252ab4097180b936a4d7fee8c76df3a953
cf5b6f31bece347d980696f8237560a254e11e61af0525d1be79ae48b404f735
GET /gh/prebid/currency-file@1/latest.json?date=20221006 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1484
x-jsd-version-type: version
etag: W/"667-ucedWmgPXeOufgsjm6dp7LnAbUs"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 06 Oct 2022 03:14:03 GMT
age: 776
x-served-by: cache-fra19153-FRA, cache-bma1632-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 906
X-Firefox-Spdy: h2
invaderannihilationperky.com/pixel/purst?dl=0&th=0&sc=0&rs=1732&rd=1732&fd=855&bv=22.8.v.2&tmpl=136
173.233.137.36200 OK 0 B URL HTTP/1.1 invaderannihilationperky.com/pixel/purst?dl=0&th=0&sc=0&rs=1732&rd=1732&fd=855&bv=22.8.v.2&tmpl=136
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1732&rd=1732&fd=855&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash a6bfee8498698f2689871af20eadf750
22cd14aa6defc696cdb5796ad8f414246d21357d
a6f8b37137eef3c253c6b57aab1753d9db7f8697652d03c1875f52b5af26c067
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 03:14:03 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8EE0EBD1414E7F1314E3640BAF75D518760FBD9A"
Expires: Thu, 06 Oct 2022 14:00:00 GMT
Last-Modified: Thu, 06 Oct 2022 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 806
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b3986c8cdb4f7-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
178.250.2.146200 OK 159 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
IP 178.250.2.146:0
Size 159 kB (159092 bytes)
Hash 0425b1eeffddd6af8afd977b65a00f56
3997b2b27c457e0a1edc9618eccfad4b59a9f2f6
b30fde32eae70893223a8523c1bfabd9f3f250b24931f72f7b648a9199d3c84f
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 444071
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAYeMZrPU-qYPA-Pawr-wKBP-taeBwwZMTrrZRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAYeMZrPU-qYPA-Pawr-wKBP-taeBwwZMTrrZRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAYeMZrPU-qYPA-Pawr-wKBP-taeBwwZMTrrZRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:03 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Thu, 06 Oct 2022 03:14:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0UEqQgNzf4GQNk%2BCKrJZi%2FtseROemW2CHksK7eiU%2FIBAuhVubE23%2FiZyiRv4y8cLJajh8d7wN1fdAdWM4KfcNg550yT%2F9vy0Z%2BRbv74I8AXQ0KIq1w1CmyWhjfPY2x5aiCHjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b39861a930b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNawKPYKtr-wBBM-PtwU-qqUw-ZBPwBwZBYUYPRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNawKPYKtr-wBBM-PtwU-qqUw-ZBPwBwZBYUYPRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNawKPYKtr-wBBM-PtwU-qqUw-ZBPwBwZBYUYPRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Thu, 06 Oct 2022 03:14:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXY9xwCF0D6qf5KCm3i%2B57JGV7m09fF%2B26EHtLutGBEbjsTK2aB%2BGbqmoUBSFZAw9O4UFxRwGdFC%2FUuCafTKvaxxvRXMDWFmLTbddPBOPQDgjC5Fpehd9BgsqKbzJM0kn6W5ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b39861a920b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNeMAKtyrw-Awee-PBPZ-MKaM-ZMMPqUwaeZTKRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNeMAKtyrw-Awee-PBPZ-MKaM-ZMMPqUwaeZTKRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNeMAKtyrw-Awee-PBPZ-MKaM-ZMMPqUwaeZTKRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Thu, 06 Oct 2022 03:14:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eEFpG7z%2FgTut2x9EZXtusOcshD2DIOwwEpdtnLN7IJfXnnno8tLFDEP8fxDH2mYt2PyU9%2BUgtyPnvvUSxxak5kAZgWG2b7iKzTQf9dqsXUU8hsupY10EZwA%2BLDCRLiIU0SWdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b39861a970b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZaTttaMM-rAyM-PUZZ-wKUe-AaYTZraBMBTZRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZaTttaMM-rAyM-PUZZ-wKUe-AaYTZraBMBTZRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZaTttaMM-rAyM-PUZZ-wKUe-AaYTZraBMBTZRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Thu, 06 Oct 2022 03:14:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsLYBkqhoiFkBkXvbTYP65eMYvh%2BeoSwWR9Kh7WBYKIAw16C2OLre6jfqZ0uNfGPCmk90C29ZQsElATFxLLbHhGyoudulx9Om572aLYuaBh4BfjoOsb31WeT8jvKpOBhKaHrOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b39862a9e0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNewKTqKre-AwKt-PAUr-wtey-wUqPUYYYAKMaRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNewKTqKre-AwKt-PAUr-wtey-wUqPUYYYAKMaRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNewKTqKre-AwKt-PAUr-wtey-wUqPUYYYAKMaRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Thu, 06 Oct 2022 03:14:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZ56IriL0f%2BtMWHsmE12wTeMLMZ94GXvRj41qRGGaa87ZvOXBg3VmL40c7ai%2Fn1Ux%2BskRXDUyT38JShE8CuD5fqs83TdV55eSofakKiCSYxVZTHPY1LyJY2NoCzMNX1ItzfMgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b39862a9d0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNKeeAtZKY-AUrY-PaTy-MqaP-YTPYqytwKMqrRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNKeeAtZKY-AUrY-PaTy-MqaP-YTPYqytwKMqrRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNKeeAtZKY-AUrY-PaTy-MqaP-YTPYqytwKMqrRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Thu, 06 Oct 2022 03:14:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMb8GNcO7b%2BGQwmAsxs%2FLjPT%2BCdUDZYGpXEhj943BTmq91R33nbSC%2FSL4BVhsj6zgxXKcdBfbbo2oYgd7S%2BQ9AfLdeqkWFambIiGjwXf%2BKBrseFYmkZYPDY4c8MaFG08zhIetg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b39862a980b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f650b518803a28528742d5e3f14d7b7
33caa4abc9c7a4b636461ed82f035998d0772879
4009fd461c4d546193567836012dd1ace473b359af901e4ebee72571ce4405de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4009FD461C4D546193567836012DD1ACE473B359AF901E4EBEE72571CE4405DE"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3288
Expires: Thu, 06 Oct 2022 04:08:52 GMT
Date: Thu, 06 Oct 2022 03:14:04 GMT
Connection: keep-alive
id5-sync.com/g/v2/806.json
162.19.138.116200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 162.19.138.116:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fa2c1b4abfe9cf1dbf52fc6b615a5209
d60e19beecd5dcce11b042905187930d67cf340a
eae3945397ccd6060f29787346435a1fde425391287fb1015b955bd3a05a9a0b
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 195
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 06 Oct 2022 03:14:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/806.json
162.19.138.116200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 162.19.138.116:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 52f9539370a83859080151b6ff0d53f3
33f0bd9ab3a0182bcd6131a7f12038f52f9efa00
6ec23e79610a519eecdc04ff59e6f416c394c22c44c4c9621a5333bf7668230d
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 195
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 06 Oct 2022 03:14:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash ad13ea5f87e7bd492488083a2ed7d202
303ae77e52a26fecc1e9e0e83b93956cf86d53d3
7c6a2ad6955b3d4982f93603e3b743026603fa35a8ca74a20c1bbc42c3e57600
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 03:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 00:40:24 GMT
ETag: "303ae77e52a26fecc1e9e0e83b93956cf86d53d3"
Last-Modified: Thu, 06 Oct 2022 00:40:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2373
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b3987b93fb4f7-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash ad13ea5f87e7bd492488083a2ed7d202
303ae77e52a26fecc1e9e0e83b93956cf86d53d3
7c6a2ad6955b3d4982f93603e3b743026603fa35a8ca74a20c1bbc42c3e57600
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 03:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 00:40:24 GMT
ETag: "303ae77e52a26fecc1e9e0e83b93956cf86d53d3"
Last-Modified: Thu, 06 Oct 2022 00:40:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2373
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b3987c842b4f9-OSL
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
54.230.111.210204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
IP 54.230.111.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 06 Oct 2022 01:51:20 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F1WsOPtKHjLP34_a7yZ9y0KUAzRdYRpRcEY_MmvTtTAKMF-3BzvnAQ==
age: 4963
X-Firefox-Spdy: h2
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
3.33.220.150200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 3.33.220.150:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f6a0296613d8af230eed45c987d6b942
4b123166493ca00a995cf4a9f64afdd8ab963626
f92674cdc04cee08a6673009849b2fd03b1c67a7e8c08a60241ebc34b06abd84
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sat, 05 Nov 2022 03:14:04 GMT
vary: Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
3.33.220.150200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 3.33.220.150:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ec784bc8873fa2ecd8648d14a23810bf
09493f6591c4b120c35014e675ed2c99316efb52
4c6332f6dd2f0844c19b505e6d5ee691a1dee9329a7a4157341d49e72c902919
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sat, 05 Nov 2022 03:14:03 GMT
vary: Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ae06e2d7629522904aa1fb22cde88cd5
e87dd0ae2f6b44e3f69699d3874b0a1e0ce82b73
dc12fa90f55957715e38a2d38f6f2ad8a96f3b433075b1a6f4856e9c66a88d67
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 03:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 00:05:13 GMT
Expires: Fri, 07 Oct 2022 00:05:13 GMT
ETag: "e87dd0ae2f6b44e3f69699d3874b0a1e0ce82b73"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ae06e2d7629522904aa1fb22cde88cd5
e87dd0ae2f6b44e3f69699d3874b0a1e0ce82b73
dc12fa90f55957715e38a2d38f6f2ad8a96f3b433075b1a6f4856e9c66a88d67
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 03:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 00:05:13 GMT
Expires: Fri, 07 Oct 2022 00:05:13 GMT
ETag: "e87dd0ae2f6b44e3f69699d3874b0a1e0ce82b73"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&_u=YEBAAUAAAAAAACAAI~&z=820192232
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&_u=YEBAAUAAAAAAACAAI~&z=820192232
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&_u=YEBAAUAAAAAAACAAI~&z=820192232 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 03:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&_u=YEBAAUAAAAAAACAAI~&z=820192232
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&_u=YEBAAUAAAAAAACAAI~&z=820192232
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=2127350948.1665026041&jid=586178987&_u=YEBAAUAAAAAAACAAI~&z=820192232 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 03:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&RedC=c.clarity.ms&MXFR=28A85AC6B09563340B3F48F3B4956DEB
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&RedC=c.clarity.ms&MXFR=28A85AC6B09563340B3F48F3B4956DEB
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&RedC=c.clarity.ms&MXFR=28A85AC6B09563340B3F48F3B4956DEB HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&MUID=28B18F4E58466AFD245A9D7B59B36B0D
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=28B18F4E58466AFD245A9D7B59B36B0D; domain=c.bing.com; expires=Tue, 31-Oct-2023 03:14:04 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E076662E60746BE85C797051057EDAF Ref B: OSL30EDGE0206 Ref C: 2022-10-06T03:14:04Z
date: Thu, 06 Oct 2022 03:14:04 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 03:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=555528,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b39874904b4f7-OSL
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=2&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
54.230.241.131200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=2&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash a825e31d18f2ff5845d245fed741e9f1
6e196f0b42376389ae1cc16e8f2d0c886940fad7
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=2&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Thu, 06 Oct 2022 03:14:04 GMT
x-amz-rid: J1K26ENN2835GAQTDMZZ
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oMsxPY8dzRJcqQhehRcYoYl2-hKzo2zKjYrw4Lw3qUv4o6HaJvbp-g==
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=0&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
54.230.241.131200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=0&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=0&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Thu, 06 Oct 2022 03:14:04 GMT
x-amz-rid: AV5P3W0GMQZC7Z7ARDE8
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9wJehbDzCI0sxvDZvUQ3NVTPucjUCkM_F-sfHoXfZFU88gnpnXseQA==
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=1&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
54.230.241.131200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=1&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash 39fc3d21236e89707a548e7ff802c026
7409f920c8a197c7327b89334b5d1977f0636cef
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=1&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Thu, 06 Oct 2022 03:14:04 GMT
x-amz-rid: XQM5Z1GRWTGH5RXYQA6J
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iry6Cy3gmspb8g3NvUVlJJlOZI1LzjVsiID0CrMjwM7Y3-a012FTrQ==
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=3&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
54.230.241.131200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=3&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash f846ebe7331bdf57ae5b65acb42c5f30
1ee6057e835c893700196579f26fdcd92b084b4f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FY3s4tx&pid=YnnfhiVzDrGXl&cb=3&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Thu, 06 Oct 2022 03:14:04 GMT
x-amz-rid: 110BNBNBHWRCW1MAYS1T
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m3EH4b5_t1DKibuaeVA4ehVJvEV5PB12sdZnshBskM_kLCV9T5ZCLQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id.crwdcntrl.net/id
52.30.246.43200 OK 63 B IP 52.30.246.43:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 46a8ec13aa7ee5a7e5225fa5c1e7b79a
e72fc545819c74296ca5caedcbadeab1b30ba9a9
c7e4ec1bfd1e289b05ab6998aedc849558d487dde111742f951e393caf6c918f
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.10.148
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
54.230.111.122200 OK 126 kB URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
IP 54.230.111.122:0
File type ASCII text, with very long lines (65469)
Size 126 kB (126003 bytes)
Hash 489a874b6592f348eb032517c0cf042c
e70f1ba1e84338125fbace40ee045d64d023734a
35002d8feb0b0d512097b89524f8f1a78604e15a9c3167cb2ede47f29ac3670c
GET /tcfv2/23/cmp2ui-en.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
cache-control: max-age=172800
date: Tue, 04 Oct 2022 03:16:58 GMT
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
etag: W/"b999c652510fc4edd897a1d667aaee33"
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N4nI5Ucq91zOA2Wgm48l97XvWrYQEMNHfxEao2_9YU5v0qgWxRzx4g==
age: 172625
X-Firefox-Spdy: h2
id.crwdcntrl.net/id
52.30.246.43200 OK 63 B IP 52.30.246.43:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b4d04a832cebd108094a5f24388260d
77d72c4aeb006a10a06a71ff1b87923460181afc
327ac4865c075299f98ac4c520d842e16de81a8d315c986ca2e3a92224bf6015
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.0.233
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
redirector.googlevideo.com/videoplayback?expire=1665039872&ei=oCk-Y86BC76BsfIP--OsuAo&ip=184.164.141.146&id=o-APojZHoG1oEN04EtAf7Pqq4RZpY8r1a9_06gD9szM5fb&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-5hneknes%2Csn-5go7yne6&ms=au%2Conr&mv=u&mvi=3&pl=23&vprv=1&mime=video%2Fmp4&ns=URjhzvqH8BzUBXSyRIgJkGEI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1665017597&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=PqlSiAqpSWrB5uxscF9J&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI6_Apnpeiw1xJhYOcHTp5dicWGPze2RI7tXJ6EfyJigAiEA73ajarKIKy0WT4c0lJLVUlEdZZp8kj4I4dhH7Jf-PKg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgQ6Ayj86cFt2BEkXSemSbnKhxh2eM2aQ-n_xgSCAfiaQCIHYN65aiDnzj5uIc2xqCdQVXpV_EV-lDM9EWHRK1pYvd
142.250.74.78302 Found 1.3 kB URL HTTP/2 redirector.googlevideo.com/videoplayback?expire=1665039872&ei=oCk-Y86BC76BsfIP--OsuAo&ip=184.164.141.146&id=o-APojZHoG1oEN04EtAf7Pqq4RZpY8r1a9_06gD9szM5fb&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-5hneknes%2Csn-5go7yne6&ms=au%2Conr&mv=u&mvi=3&pl=23&vprv=1&mime=video%2Fmp4&ns=URjhzvqH8BzUBXSyRIgJkGEI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1665017597&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=PqlSiAqpSWrB5uxscF9J&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI6_Apnpeiw1xJhYOcHTp5dicWGPze2RI7tXJ6EfyJigAiEA73ajarKIKy0WT4c0lJLVUlEdZZp8kj4I4dhH7Jf-PKg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgQ6Ayj86cFt2BEkXSemSbnKhxh2eM2aQ-n_xgSCAfiaQCIHYN65aiDnzj5uIc2xqCdQVXpV_EV-lDM9EWHRK1pYvd
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1090), with CRLF, LF line terminators
Hash 514e654cd7670ecd57247a66346c89ed
bc3e95f74ef5a819ccb04089976db18aa41eb19e
7fd18ea3ad869ac223ea62037c052f4a94b9f9b2bc347b1c9cd8737b33640616
GET /videoplayback?expire=1665039872&ei=oCk-Y86BC76BsfIP--OsuAo&ip=184.164.141.146&id=o-APojZHoG1oEN04EtAf7Pqq4RZpY8r1a9_06gD9szM5fb&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-5hneknes%2Csn-5go7yne6&ms=au%2Conr&mv=u&mvi=3&pl=23&vprv=1&mime=video%2Fmp4&ns=URjhzvqH8BzUBXSyRIgJkGEI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1665017597&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=PqlSiAqpSWrB5uxscF9J&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI6_Apnpeiw1xJhYOcHTp5dicWGPze2RI7tXJ6EfyJigAiEA73ajarKIKy0WT4c0lJLVUlEdZZp8kj4I4dhH7Jf-PKg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgQ6Ayj86cFt2BEkXSemSbnKhxh2eM2aQ-n_xgSCAfiaQCIHYN65aiDnzj5uIc2xqCdQVXpV_EV-lDM9EWHRK1pYvd HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 06 Oct 2022 03:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
location: https://r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665039872&ei=oCk-Y86BC76BsfIP--OsuAo&ip=184.164.141.146&id=o-APojZHoG1oEN04EtAf7Pqq4RZpY8r1a9_06gD9szM5fb&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=URjhzvqH8BzUBXSyRIgJkGEI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=PqlSiAqpSWrB5uxscF9J&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI6_Apnpeiw1xJhYOcHTp5dicWGPze2RI7tXJ6EfyJigAiEA73ajarKIKy0WT4c0lJLVUlEdZZp8kj4I4dhH7Jf-PKg%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1665025740&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJngxvhJm4UNEBU0a-tCD2lTEwOuMMPOB3tYAxsq8FNNAiADywT2WD-HgEC-dE4_A7DX_3mgQPkiowPz_dNFzv6a_g%3D%3D
content-type: text/html; charset=UTF-8
server: ClientMapServer
content-length: 1267
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 03:14:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=555528,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b398949f2b4f7-OSL
c.clarity.ms/c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&MUID=28B18F4E58466AFD245A9D7B59B36B0D
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&MUID=28B18F4E58466AFD245A9D7B59B36B0D
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=BBAEA8AB4F084477B149713C02A9531C&MUID=28B18F4E58466AFD245A9D7B59B36B0D HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 06-Oct-2022 03:24:04 GMT; path=/; SameSite=None; Secure;
date: Thu, 06 Oct 2022 03:14:03 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1556
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Thu, 06 Oct 2022 03:14:03 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fcf303766d476a80c0bb7affc5757ccf
3f4162c56c5553a570589e1c5e4e23f32f2a1746
1484252c9a448975f91b74b730e9d617881916913f70455bf328b9c78391e3b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=shrinke.me&doc=complete&pg_h=2888&pg_w=1268&pg_hs=2888&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
142.250.74.66204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=shrinke.me&doc=complete&pg_h=2888&pg_w=1268&pg_hs=2888&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ama_stats&su=shrinke.me&doc=complete&pg_h=2888&pg_w=1268&pg_hs=2888&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 03:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4bd610954d1cad0675c2010a63e9c018
bd7e8708e02d74c5d7534a48221c9314530917f6
3b51bf349c5fc0841b5ee253093aa1dfabb8271f84bbb0eee07836dec331c1cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B51BF349C5FC0841B5EE253093AA1DFABB8271F84BBB0EEE07836DEC331C1CD"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Thu, 06 Oct 2022 04:16:31 GMT
Date: Thu, 06 Oct 2022 03:14:04 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fcf303766d476a80c0bb7affc5757ccf
3f4162c56c5553a570589e1c5e4e23f32f2a1746
1484252c9a448975f91b74b730e9d617881916913f70455bf328b9c78391e3b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=64983
expires: Thu, 06 Oct 2022 21:17:07 GMT
date: Thu, 06 Oct 2022 03:14:04 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=fa306291-eefa-4613-be0d-e153e4619ce7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=2da703368f9eb4f6c054328862dc9152&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=fa306291-eefa-4613-be0d-e153e4619ce7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=2da703368f9eb4f6c054328862dc9152&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=fa306291-eefa-4613-be0d-e153e4619ce7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=2da703368f9eb4f6c054328862dc9152&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 03:14:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40530adb7e203d5ce50b681bb862a000
Strict-Transport-Security: max-age=0; includeSubdomains
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 18 Sep 2022 08:33:42 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 06 Oct 2022 03:14:05 GMT
Age: 77372
X-Served-By: cache-lga21959-LGA, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 174532
X-Timer: S1665026045.107016,VS0,VE0
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 18 Sep 2022 08:33:42 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 06 Oct 2022 03:14:05 GMT
Age: 77372
X-Served-By: cache-lga21959-LGA, cache-bma1625-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 175235
X-Timer: S1665026045.116794,VS0,VE0
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash cdc3a5f4435a2ea6aa1319e2fef1b3c0
1a6279e47046d313154016819361976826dea094
b2dfb4358184a34a812bc3f340e29b4fb32a5d5bd7c0baf2213f27a99baf461b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4079
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:05 GMT
Last-Modified: Thu, 06 Oct 2022 02:06:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash cdc3a5f4435a2ea6aa1319e2fef1b3c0
1a6279e47046d313154016819361976826dea094
b2dfb4358184a34a812bc3f340e29b4fb32a5d5bd7c0baf2213f27a99baf461b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4074
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 03:14:05 GMT
Last-Modified: Thu, 06 Oct 2022 02:06:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:05 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3olw3V80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZVcHFUMW1JZ0dZV1R1aEludWUxOHFSNGxqRXJvWksyUmRkVmFjeFN1VFg; expires=Tue, 31 Oct 2023 03:14:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 273402
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=vSkT0180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lsMWpjcjlWS002RGZ5Ym1ObHZnSyUyQktXTldGZHlnWHpjZWl6MFpsMXNyZg; expires=Tue, 31 Oct 2023 03:14:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 320654
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 165903
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Thu, 06 Oct 2022 03:14:04 GMT
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 483 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
Hash 8c609326af65e88b54d519bdf6d8bd98
4c048951306bc88d7ad2c1e8fe21da000cace27f
212e32185c30a696342e10ab70a78a1cc8006a7704a67f2575b101962d839390
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 267063
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~l8whimcm&c=2015073676541607&e=31068457%2C31070086%2C31070166%2C31061691%2C31061692&ctx=1&met.9=1.39g~13.3oh~2.3sm&met.10=1_1.IMsmEAAIABj81UgoAQ~1_2.IMsmEAAIABj81UgoAA&met.1=1.l8whiid9~6.9i~7.9q~8.9r~9.9r~10.aa~11.9u~12.ab~13.cs~14.dn~15.e2~16.rr~17.v4~18.vl~19.1c0~20.1c0~21.1c5~23.ve&met.3=113.3zd_3~112.3zd_3
172.217.167.35204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~l8whimcm&c=2015073676541607&e=31068457%2C31070086%2C31070166%2C31061691%2C31061692&ctx=1&met.9=1.39g~13.3oh~2.3sm&met.10=1_1.IMsmEAAIABj81UgoAQ~1_2.IMsmEAAIABj81UgoAA&met.1=1.l8whiid9~6.9i~7.9q~8.9r~9.9r~10.aa~11.9u~12.ab~13.cs~14.dn~15.e2~16.rr~17.v4~18.vl~19.1c0~20.1c0~21.1c5~23.ve&met.3=113.3zd_3~112.3zd_3
IP 172.217.167.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~l8whimcm&c=2015073676541607&e=31068457%2C31070086%2C31070166%2C31061691%2C31061692&ctx=1&met.9=1.39g~13.3oh~2.3sm&met.10=1_1.IMsmEAAIABj81UgoAQ~1_2.IMsmEAAIABj81UgoAA&met.1=1.l8whiid9~6.9i~7.9q~8.9r~9.9r~10.aa~11.9u~12.ab~13.cs~14.dn~15.e2~16.rr~17.v4~18.vl~19.1c0~20.1c0~21.1c5~23.ve&met.3=113.3zd_3~112.3zd_3 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 06 Oct 2022 03:14:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 20307
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Thu, 06 Oct 2022 03:14:06 GMT
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 03:14:03 GMT
content-type: text/javascript
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
etag: W/"6337ac21-161a8"
expires: Fri, 07 Oct 2022 03:14:03 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: X7EuD3cYmRQM5w91jvi+YOEpjYFeovGC1IVmpKncAdsBbpN5WW67g0WX6kBs3oi2oKo/Jp0c6WVfKJ+HUr9pJg==
date: Thu, 06 Oct 2022 03:14:01 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 1125265
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665039872&ei=oCk-Y86BC76BsfIP--OsuAo&ip=184.164.141.146&id=o-APojZHoG1oEN04EtAf7Pqq4RZpY8r1a9_06gD9szM5fb&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=URjhzvqH8BzUBXSyRIgJkGEI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=PqlSiAqpSWrB5uxscF9J&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI6_Apnpeiw1xJhYOcHTp5dicWGPze2RI7tXJ6EfyJigAiEA73ajarKIKy0WT4c0lJLVUlEdZZp8kj4I4dhH7Jf-PKg%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1665025740&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJngxvhJm4UNEBU0a-tCD2lTEwOuMMPOB3tYAxsq8FNNAiADywT2WD-HgEC-dE4_A7DX_3mgQPkiowPz_dNFzv6a_g%3D%3D
91.90.45.173206 Partial Content 0 B URL HTTP/1.1 r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665039872&ei=oCk-Y86BC76BsfIP--OsuAo&ip=184.164.141.146&id=o-APojZHoG1oEN04EtAf7Pqq4RZpY8r1a9_06gD9szM5fb&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=URjhzvqH8BzUBXSyRIgJkGEI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=PqlSiAqpSWrB5uxscF9J&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI6_Apnpeiw1xJhYOcHTp5dicWGPze2RI7tXJ6EfyJigAiEA73ajarKIKy0WT4c0lJLVUlEdZZp8kj4I4dhH7Jf-PKg%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1665025740&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJngxvhJm4UNEBU0a-tCD2lTEwOuMMPOB3tYAxsq8FNNAiADywT2WD-HgEC-dE4_A7DX_3mgQPkiowPz_dNFzv6a_g%3D%3D
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
GET /videoplayback?expire=1665039872&ei=oCk-Y86BC76BsfIP--OsuAo&ip=184.164.141.146&id=o-APojZHoG1oEN04EtAf7Pqq4RZpY8r1a9_06gD9szM5fb&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=URjhzvqH8BzUBXSyRIgJkGEI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=PqlSiAqpSWrB5uxscF9J&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI6_Apnpeiw1xJhYOcHTp5dicWGPze2RI7tXJ6EfyJigAiEA73ajarKIKy0WT4c0lJLVUlEdZZp8kj4I4dhH7Jf-PKg%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1665025740&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJngxvhJm4UNEBU0a-tCD2lTEwOuMMPOB3tYAxsq8FNNAiADywT2WD-HgEC-dE4_A7DX_3mgQPkiowPz_dNFzv6a_g%3D%3D HTTP/1.1
Host: r2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Last-Modified: Mon, 21 Sep 2020 08:51:28 GMT
Content-Type: video/mp4
Date: Thu, 06 Oct 2022 03:14:04 GMT
Expires: Thu, 06 Oct 2022 03:14:04 GMT
Cache-Control: private, max-age=13528
Content-Range: bytes 0-10427992/10427993
Accept-Ranges: bytes
Content-Length: 10427993
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
54.230.111.210200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 54.230.111.210:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 06 Oct 2022 01:33:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 06 Oct 2022 01:32:47 GMT
etag: W/"a4d296427fc806b21335359e398c025c"
cache-control: public, max-age=86400
x-amz-version-id: YousslGi_alc9N7i1PBVBMNtdY1LkTzi
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KGwkoGVhhp9ePuYFgTkoqnYQOuZmiYjVk2IGEDNGKqiy4F23tLk6oA==
age: 6016
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7047
last-modified: Thu, 06 Oct 2022 01:16:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCaL3bEsgBwtcMjRF%2BbY83PGbBad6JuKA20sDllaGhX6S1os9KQ4ErfC%2F%2FLsIxsdXptce2fhTifi8nxFN8Qr5Ik4tIZ1dTW6cGn6%2FrGnjWggThAT2ghplO%2BB0mtdvZCa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b3974ceef732c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 940693
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
54.230.111.108200 OK 0 B URL HTTP/2 test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
IP 54.230.111.108:0
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Thu, 06 Oct 2022 03:00:44 GMT
last-modified: Sat, 01 Oct 2022 19:52:29 GMT
etag: W/"0f68ab46c6b39b51f198c61b68273ad3"
x-amz-server-side-encryption: AES256
x-amz-version-id: 0num3lmuQDBnlCI8qTm_5NozfgHVSa_q
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WqsQ66koORzTbM6X1M0ZQjiOaRBun-U5T1Hyo2AIQfFrIYhotb7R3g==
age: 799
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 478157
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Fri, 07 Oct 2022 03:14:02 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
54.230.111.210200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 54.230.111.210:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 06 Oct 2022 02:27:34 GMT
last-modified: Thu, 15 Sep 2022 20:15:37 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: 4GsTzwyX3MzRzuQ9aHX_LdRUrOC4Yhj3yX-aawPASTVZLFxODMDjXQ==
age: 2790
X-Firefox-Spdy: h2
shrinke.me/Y3s4tx
172.67.162.135200 OK 0 B IP 172.67.162.135:0
GET /Y3s4tx HTTP/1.1
Host: shrinke.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:13:59 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: lang=en_US; expires=Sun, 01-Oct-2023 03:13:59 GMT; Max-Age=31104000; path=/
AppSession=63e135425e6cb7ca917aedaa3ebfe9ca; path=/; HttpOnly
csrfToken=a42ae8543d1e6e2c588b9f39f2009be959a335c4a34f535b7d00ba7f84ea3266676a8b69326a0452aa7b76056d4a39892300a4316d829fedba1a4df375badd27; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VpKNoz3oddiscipxFBmeOalsoBxtgQ98Tbim%2BA5aH9ypVefGDELc1gQ34XFdlZIEi4Hk1E%2BXt7Ok9F2aGXGWW9uMM981LNcjUUNc6gRRqVtM0ueMhpKATX3ieGm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755b396cb8deb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
172.67.21.227200 OK 0 B URL HTTP/2 services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
IP 172.67.21.227:0
GET /adv1/?q=b696d0f5c06dbd9fd83feb568718537b HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:00 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-bgj: minify
cf-polished: origSize=556629
etag: W/"b696d0f5c06dbd9fd83feb568718537b 2022-10-05T00:41:15 v1 default"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: HIT
age: 456
server: cloudflare
cf-ray: 755b3971ba42b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 385412
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=4595AD20-CBB1-4A52-8FDE-BF069B941ECE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=4595AD20-CBB1-4A52-8FDE-BF069B941ECE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=155495&sc=1&u=4595AD20-CBB1-4A52-8FDE-BF069B941ECE&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 03:14:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP 172.64.201.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:02 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5492775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZzVuMzxNL9YVHgHmq8QWnqHkPsogxe2R6t1oQvLr%2FxehzCXefjjvNagMnICVrYvZWpf5%2FkwHOiUmBAzI8Fux7Ud8wL9r0%2BZ1lSgftPm3f6QoJhlNxVRQ9CEIMCjCRYjZLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397faf4a7792-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=4595AD20-CBB1-4A52-8FDE-BF069B941ECE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=4595AD20-CBB1-4A52-8FDE-BF069B941ECE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=155495&sc=1&u=4595AD20-CBB1-4A52-8FDE-BF069B941ECE&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 03:14:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7047
last-modified: Thu, 06 Oct 2022 01:16:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aU%2Fm9N%2FXJYmalkEapXBkjmKr2xHDAT%2F%2FY5X7GYeA9ocpjQk8HG8LepsmfG9kpU3TeCfIdRu6w07JLD6DAlIVd3Zlo7zn64UTTb9ytJAzrhg%2FZE%2FWh8mTgSjMykapU%2BCr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b3974ceeb732c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.128.12200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.128.12:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 03:14:01 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c8eb328bc278b373e5a90fa35f85fc26
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 06 Oct 2022 03:14:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obxUiEHAKkNzeh5hz0WXODpcWm6lh6KlzkTo1Y6epVoZYxDEglByvev0RkoGkAXxSqpzjCXF0dYRveQ%2BLvxmuLbpzrQN1mrPTelA1M3CQLebZcKyLp8MLeIsRY7a1YFDzeAexK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b397719e97708-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=63140606145&lsavail=0
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=63140606145&lsavail=0
IP 178.250.2.131:0
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=63140606145&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 407
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 03:14:01 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://shrinke.me
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
54.230.111.122200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
IP 54.230.111.122:0
GET /GVL-v2/vendor-list.json HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Thu, 06 Oct 2022 03:00:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Thu, 06 Oct 2022 03:00:32 GMT
etag: W/"10559ff0fe72b588bf0418537f59ba47"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ek5NXQpkHErzkv9MA3Slvzj7eDqLAc9ZfYgQk1OsQkOqgHnRYtHb_Q==
age: 796
X-Firefox-Spdy: h2