shrinke.me/owgGn1nO
104.21.33.119301 Moved Permanently 0 B IP 104.21.33.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /owgGn1nO HTTP/1.1
Host: shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 21:53:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 28 Nov 2022 22:53:13 GMT
Location: https://shrinke.me/owgGn1nO
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY3yNfmpr%2F%2FInwF%2FE%2BDAPsw4o3P2ZipTJ%2FSevlXtF95nGtbP3LSw6wEiuo3FPMo6yxVw80U1vi9KQ8fv99QU3thX0GQ3jrA83ZzJIwQ9PaD7JB3ZweL8FyZSXuZk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771655ccab89b4f7-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4610
Expires: Mon, 28 Nov 2022 23:10:03 GMT
Date: Mon, 28 Nov 2022 21:53:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2246
Cache-Control: max-age=134134
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:13 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:08:47 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3436
Expires: Mon, 28 Nov 2022 22:50:29 GMT
Date: Mon, 28 Nov 2022 21:53:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 21:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2020
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n07WaqCPmdwB6sm7urvtgsI2qkme81DL4jtOmcLQ9u9SK0PFbzF2vl7ry6LcMnvt3BpsNGO1fAk=
x-amz-request-id: ADRRHB7C4NTBVRX5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 21:42:14 GMT
age: 659
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:53:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 35 kB IP 142.250.74.3:0
Hash 1a1f13ea4a6d5ba0d0a8dadb417287c0
3fee991b06fc9422e1ea9b77169a9a8fd51feed4
4debe0ae0de16dfee85223ddac4eef613c198aff394ed64019eafa5c7774c747
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 041fc6c189055f11d4166787a96ddec9
3ad003fdc3c6b3d77ab044b799311cee1be09e1d
6be00a08ae944231e55d35805b7d41f6776e0e0e9766bd730f6853bf10a4f3f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2149
Cache-Control: max-age=112772
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Etag: "63843ae9-117"
Expires: Wed, 30 Nov 2022 05:12:46 GMT
Last-Modified: Mon, 28 Nov 2022 04:36:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.1 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash 511c7a5c8b93252a0ef1779841866607
022d35cc920214d1179fd278f1670ccec015c5ba
9c01aae5ee6ff5eefd76eded4f536e822f5ad04312d0b7c71729c1a674954596
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 041fc6c189055f11d4166787a96ddec9
3ad003fdc3c6b3d77ab044b799311cee1be09e1d
6be00a08ae944231e55d35805b7d41f6776e0e0e9766bd730f6853bf10a4f3f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2149
Cache-Control: max-age=112772
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Etag: "63843ae9-117"
Expires: Wed, 30 Nov 2022 05:12:46 GMT
Last-Modified: Mon, 28 Nov 2022 04:36:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
d301cxwfymy227.cloudfront.net/?fwxcd=792297
54.230.245.180200 OK 98 kB URL HTTP/2 d301cxwfymy227.cloudfront.net/?fwxcd=792297
IP 54.230.245.180:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash 920d85391676b60537260a18f277bbd7
52ce66440e9d28fb0ec784e40d988096ab9987ca
2d050ee523dcdb5140ba71b9933833db0e52bdce9d175bfccca3e47ab5ef8809
GET /?fwxcd=792297 HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 97939
date: Mon, 28 Nov 2022 21:53:14 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KHy46E4tfFpsdD3JeM1k9sLb_5Cy2ojcM66mGPS0J8R1WmoLBrZPSg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 619fc000479c050bd1890f71b93abacb
a49b0ac95555aa2287635d6e63b3d3862edce0e9
a134b9e7c623fb731ff2285f47c5c0678c6bd6c3eddc8bd082b73b3ba04ea564
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135812
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Etag: "63849d4e-118"
Expires: Wed, 30 Nov 2022 11:36:46 GMT
Last-Modified: Mon, 28 Nov 2022 11:36:46 GMT
Server: nginx
Content-Length: 280
shrinkme.io/logo-sm.webp
104.21.65.225200 OK 31 kB IP 104.21.65.225:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 53658e8a7ae22169e5b89744bfa9f9cc
157a684bdf8e3be19cbfabc80cf3a53bfbeaa175
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
GET /logo-sm.webp HTTP/1.1
Host: shrinkme.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:14 GMT
content-type: image/webp
content-length: 31236
x-frame-options: SAMEORIGIN
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
etag: "7a04-5a22587d62000"
cache-control: max-age=31536000
expires: Sat, 26 Aug 2023 06:24:09 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 8177345
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnCFtIWkH1HaAMwqHgoRjb2G27ENYiOz%2BKI0A%2BsV365AmZXh6pMX%2B8YojFZ13Q2yJUmnyExKBVILtY2nhuoOgAdvpQO%2FD03IZkmtrYaNQdR5xi3U%2FWzw9gvX%2Fi0b3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771655d15f15b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 619fc000479c050bd1890f71b93abacb
a49b0ac95555aa2287635d6e63b3d3862edce0e9
a134b9e7c623fb731ff2285f47c5c0678c6bd6c3eddc8bd082b73b3ba04ea564
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=135812
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Etag: "63849d4e-118"
Expires: Wed, 30 Nov 2022 11:36:46 GMT
Last-Modified: Mon, 28 Nov 2022 11:36:46 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3dd0f77511362b5941eb399b07bf471b
4a1f269303dcb0a2749e06b58c0d36f790205df4
c6c8ca98ff36e8ee4d1cf638df0db7800429ee4723020f7cbfcde2ee814d32fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C6C8CA98FF36E8EE4D1CF638DF0DB7800429EE4723020F7CBFCDE2EE814D32FD"
Last-Modified: Mon, 28 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13570
Expires: Tue, 29 Nov 2022 01:39:24 GMT
Date: Mon, 28 Nov 2022 21:53:14 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3dd0f77511362b5941eb399b07bf471b
4a1f269303dcb0a2749e06b58c0d36f790205df4
c6c8ca98ff36e8ee4d1cf638df0db7800429ee4723020f7cbfcde2ee814d32fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C6C8CA98FF36E8EE4D1CF638DF0DB7800429EE4723020F7CBFCDE2EE814D32FD"
Last-Modified: Mon, 28 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13570
Expires: Tue, 29 Nov 2022 01:39:24 GMT
Date: Mon, 28 Nov 2022 21:53:14 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3dd0f77511362b5941eb399b07bf471b
4a1f269303dcb0a2749e06b58c0d36f790205df4
c6c8ca98ff36e8ee4d1cf638df0db7800429ee4723020f7cbfcde2ee814d32fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C6C8CA98FF36E8EE4D1CF638DF0DB7800429EE4723020F7CBFCDE2EE814D32FD"
Last-Modified: Mon, 28 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13570
Expires: Tue, 29 Nov 2022 01:39:24 GMT
Date: Mon, 28 Nov 2022 21:53:14 GMT
Connection: keep-alive
tags.orquideassp.com/tag/12656
54.230.111.50200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/12656
IP 54.230.111.50:0
File type HTML document, ASCII text, with CRLF line terminators
Hash bc65c26fa1b876fd29afc620a24231f8
a89fbe8ebde7d38236dbf3aed37ec906fa7a30a2
2f7278404edca136bf89b7f73199f14c662e1fd6468a4d4f72ec8bcfbfa3d84a
GET /tag/12656 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 28 Nov 2022 21:03:33 GMT
etag: W/"337-qJ++jr3n04I22/Ou037JBvp6MKI"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CUYSNrw-KO4sCCqxuz0WiMkzrnmqb_BDb7yNq4mZhKk9LXlKhzSw7Q==
age: 3367
X-Firefox-Spdy: h2
tags.orquideassp.com/tag/11628
54.230.111.50200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/11628
IP 54.230.111.50:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 2e18ffb86f956634ec5dc4a6c2e13301
6f5a9fe45942e1a6ed1d4f33c915667ab87a6c53
ce36f676ef8ce52a9213048f1a08b0bb84d9c42597d327d4844feb68f368ab44
GET /tag/11628 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 28 Nov 2022 21:03:33 GMT
etag: W/"337-b1qf5FlC4abtHU8zyRVmerh6bFM"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BajoYa-5LryuR_La_U9nIUOzC1RFMcTWhgiGRRb7mA3oQRESZgfYSw==
age: 3384
X-Firefox-Spdy: h2
code.jquery.com/jquery-2.2.4.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:14 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669672394.dop023.sk1.t,1669672394.cds237.sk1.hn,1669672394.cds214.sk1.c
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3dd0f77511362b5941eb399b07bf471b
4a1f269303dcb0a2749e06b58c0d36f790205df4
c6c8ca98ff36e8ee4d1cf638df0db7800429ee4723020f7cbfcde2ee814d32fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C6C8CA98FF36E8EE4D1CF638DF0DB7800429EE4723020F7CBFCDE2EE814D32FD"
Last-Modified: Mon, 28 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13570
Expires: Tue, 29 Nov 2022 01:39:24 GMT
Date: Mon, 28 Nov 2022 21:53:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1fcd404ddac29197a0f06ff5c0e12a21
adaf72344ee5de3f4eeaf2a828483082a1322c55
dce2a53426afd726719a114d8a299d87606b21e8f6e95ee3e641b5fa7343b312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edcritessuspi.com/NTlOb2IaBi0cX2MICD8GBUEpNSpvfysoBl1cGyFUb1QYXTZCHzoGBggOd11QDA5oHwtRBH9JEUFYOhoRCAhoBgxTVnNJFAgIYFxWGwp/QVMTTHNeREFJLwhfBB8+GxZZBH9ZVAwPeV1RDAp2X1U
104.21.77.103204 No Content 0 B URL HTTP/2 edcritessuspi.com/NTlOb2IaBi0cX2MICD8GBUEpNSpvfysoBl1cGyFUb1QYXTZCHzoGBggOd11QDA5oHwtRBH9JEUFYOhoRCAhoBgxTVnNJFAgIYFxWGwp/QVMTTHNeREFJLwhfBB8+GxZZBH9ZVAwPeV1RDAp2X1U
IP 104.21.77.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NTlOb2IaBi0cX2MICD8GBUEpNSpvfysoBl1cGyFUb1QYXTZCHzoGBggOd11QDA5oHwtRBH9JEUFYOhoRCAhoBgxTVnNJFAgIYFxWGwp/QVMTTHNeREFJLwhfBB8+GxZZBH9ZVAwPeV1RDAp2X1U HTTP/1.1
Host: edcritessuspi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 21:53:14 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfKwWT%2BgyAbiY8rLOObI9nK5lVEwKGcyuiXrcoESF0nQ%2FevEBWZDXqpp3uB1eyGgtQxlBFf3R5q%2FCE4bWMdWIjs7xY7Tu11k3YQHpVU2Rm4S8UyPSSLyTI2gBFP33p4P%2BRli%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771655d20faeb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
172.64.109.4200 OK 2.6 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 172.64.109.4:0
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash 48fd4b3fa284d6616e9dbb4b1d342c3f
24085a17aefe204dc2f3b896fb1d100a607f97c5
e0fbdd3dfef1b3452e004a5c1a5cc43bc76055ef5bd05a29de596b2f2d8108bb
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:14 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:44:03 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5249351
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NYZPGeGaPOrQXx5hefMBqKnHKbzg1GRNB2qWRqsElUbg9Q3HmLDjiEIv8YLFgIrvcc13d%2FUAEcNG%2BfqdatSqnhUgHw6IpjDJ4Q6npSpwgIGzwI5GhEg7vKi6q61TryN9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655d08ea7769d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 583 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 6c064532ae9b3b8278a9d00701c75021
65cd4fbe613e8805d867dffa12cb29569419254d
ee4a48e1244ff8836f0b808d40bab0dc14b4702a3195920c6c600dcae3302bfa
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 28 Nov 2022 21:53:14 GMT
date: Mon, 28 Nov 2022 21:53:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
IP 142.250.74.3:0
Hash 03fde3b6e41fd949914aadb5fcff6b5f
9e0a47307435e2e4772e8c7e3f7cdc73bd8e39ca
5626772444f60a48c447c41ab9313383e684395cd599549417dfd0ea0ba8cc7d
POST /s/gts1p5/lPMK3rCZ68Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edcritessuspi.com/V1pvYXJ4ZQwSTzYPOTsXEwwLBSU7ES4nR2YDKlk/AhIlFyYGA0kVGzNnWFhAZWNXRwI+PlJQSnEpGwAGIilSUFQ+NAkOT3EsUlBcZ3RdT0BxL1JQVCMqDgZPZnwfFQY7Z15XRG5sWFNBbmlXU0A
104.21.77.103204 No Content 0 B URL HTTP/2 edcritessuspi.com/V1pvYXJ4ZQwSTzYPOTsXEwwLBSU7ES4nR2YDKlk/AhIlFyYGA0kVGzNnWFhAZWNXRwI+PlJQSnEpGwAGIilSUFQ+NAkOT3EsUlBcZ3RdT0BxL1JQVCMqDgZPZnwfFQY7Z15XRG5sWFNBbmlXU0A
IP 104.21.77.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V1pvYXJ4ZQwSTzYPOTsXEwwLBSU7ES4nR2YDKlk/AhIlFyYGA0kVGzNnWFhAZWNXRwI+PlJQSnEpGwAGIilSUFQ+NAkOT3EsUlBcZ3RdT0BxL1JQVCMqDgZPZnwfFQY7Z15XRG5sWFNBbmlXU0A HTTP/1.1
Host: edcritessuspi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 21:53:14 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIdn1eR%2FjQ8Pm1%2BUcIdZEE0lQLNa94%2B7jQ8xas9r%2FMDT7XtOtDpaG7lUzI5hSkK0fWPaLuQ%2BYhnh5CYDJpUHTtfom8tAYnVFWeefNXQ1PBlTx9XZwWSffH7oLlRfRf3F%2BIpy0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771655d25866b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4344
Cache-Control: max-age=131164
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:19:19 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 364377
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-137383949-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-137383949-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 0bfabb70c501236905c723c2cad64612
3bbf41a811012ca95db8037b2590f4accc3a7466
59a535a6e30584dce9bb70ae93d49651167e37e867cfc8a2fb5e4cfd25c8edd7
GET /gtag/js?id=UA-137383949-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 21:53:15 GMT
expires: Mon, 28 Nov 2022 21:53:15 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:59 GMT
expires: Fri, 24 Nov 2023 06:19:59 GMT
cache-control: public, max-age=31536000
age: 401596
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 21:08:55 GMT
cache-control: public,max-age=3600
age: 2660
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1fcd404ddac29197a0f06ff5c0e12a21
adaf72344ee5de3f4eeaf2a828483082a1322c55
dce2a53426afd726719a114d8a299d87606b21e8f6e95ee3e641b5fa7343b312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 178ffcc14403da7f777a91a61e3933bc
5a756f4357d8ec45e61fa5b4917853bd2380b835
0f783e0ae738f16b52f1ede3b0b6a128bd4ac752c98c71fc307211a8abf933ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2578
Cache-Control: max-age=137330
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:02:06 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
mbledeparatea.com/Y0FoMTUCIwtcCgJ8ChdAES1VFAclZFp3UVBxWVJNFCcRXExRc18fVg8uHVVTES4GRRsNJBwUByUQDEtRDRgDXmA0AAN0UTIPDXAEWjg6YAAwF1sEZzsTOX9/IiIjeUIMCSACZCQDW11lNztQeXQlByx5ZDlyOklwLwARYGQgKi15fyEQI2deMjMtAGMCFwVGcTE2D3tRGzEOdGQAMy1nATIEEWNnMiYyV38bKSZ1UlcsLll/NQsgCG8hcSJgUA94KXVSFDQvdHQ2E1tZfTQTJnlQJiIvZwUbdz1WZA8TW1l9MgBcfFMmDDtndiE3OmBWBRcgBGYhAkVnfQYEDHdwNiVdf1I5GT4DZysJA3tkBikqYnciKgRkUjYpPXlFJANZVWEGKjFiYzUIG3leNgIqcmAzBARkXgZxC3JmNQsbcFITFk5bRgwvGAxNCwwAclQGclBJbQYL
54.230.111.27200 OK 1.2 kB URL HTTP/2 mbledeparatea.com/Y0FoMTUCIwtcCgJ8ChdAES1VFAclZFp3UVBxWVJNFCcRXExRc18fVg8uHVVTES4GRRsNJBwUByUQDEtRDRgDXmA0AAN0UTIPDXAEWjg6YAAwF1sEZzsTOX9/IiIjeUIMCSACZCQDW11lNztQeXQlByx5ZDlyOklwLwARYGQgKi15fyEQI2deMjMtAGMCFwVGcTE2D3tRGzEOdGQAMy1nATIEEWNnMiYyV38bKSZ1UlcsLll/NQsgCG8hcSJgUA94KXVSFDQvdHQ2E1tZfTQTJnlQJiIvZwUbdz1WZA8TW1l9MgBcfFMmDDtndiE3OmBWBRcgBGYhAkVnfQYEDHdwNiVdf1I5GT4DZysJA3tkBikqYnciKgRkUjYpPXlFJANZVWEGKjFiYzUIG3leNgIqcmAzBARkXgZxC3JmNQsbcFITFk5bRgwvGAxNCwwAclQGclBJbQYL
IP 54.230.111.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash 70bc64fe5ae259c3f00fa0390f9c3166
7124b23ff71aa19e9fef482a89ba276cc3e42f2e
b321997f692aecc730c4cc40efb0a49b8bf8b4fd67226da967214486338a7895
GET /Y0FoMTUCIwtcCgJ8ChdAES1VFAclZFp3UVBxWVJNFCcRXExRc18fVg8uHVVTES4GRRsNJBwUByUQDEtRDRgDXmA0AAN0UTIPDXAEWjg6YAAwF1sEZzsTOX9/IiIjeUIMCSACZCQDW11lNztQeXQlByx5ZDlyOklwLwARYGQgKi15fyEQI2deMjMtAGMCFwVGcTE2D3tRGzEOdGQAMy1nATIEEWNnMiYyV38bKSZ1UlcsLll/NQsgCG8hcSJgUA94KXVSFDQvdHQ2E1tZfTQTJnlQJiIvZwUbdz1WZA8TW1l9MgBcfFMmDDtndiE3OmBWBRcgBGYhAkVnfQYEDHdwNiVdf1I5GT4DZysJA3tkBikqYnciKgRkUjYpPXlFJANZVWEGKjFiYzUIG3leNgIqcmAzBARkXgZxC3JmNQsbcFITFk5bRgwvGAxNCwwAclQGclBJbQYL HTTP/1.1
Host: mbledeparatea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Mon, 28 Nov 2022 21:53:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: McVZ9jtRm67X-zyFLWWjenDPNPzCIouffuXyVJ5aCFxecr56cu9UPw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6da09bfac8d5c44728536880dad2574
3a8ba2233419dec6b2270dcd8248ff66a3685e40
f81b5cd287ace93ef5c9b4d80b9ab9c89e57c4a3a164757bf315356aa8f48edd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F81B5CD287ACE93EF5C9B4D80B9AB9C89E57C4A3A164757BF315356AA8F48EDD"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15530
Expires: Tue, 29 Nov 2022 02:12:05 GMT
Date: Mon, 28 Nov 2022 21:53:15 GMT
Connection: keep-alive
mbledeparatea.com/utx?cb=ORlzT6gwVqG8&top=shrinke.me&tid=829554
54.230.111.27204 No Content 0 B URL HTTP/2 mbledeparatea.com/utx?cb=ORlzT6gwVqG8&top=shrinke.me&tid=829554
IP 54.230.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=ORlzT6gwVqG8&top=shrinke.me&tid=829554 HTTP/1.1
Host: mbledeparatea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 21:53:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 28 Nov 2022 21:54:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: loVtlKdjl9hN8Dqy2qeZIfrE2AdRnxPliHH-Jk0QymK9NsVdgT-jFw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 178ffcc14403da7f777a91a61e3933bc
5a756f4357d8ec45e61fa5b4917853bd2380b835
0f783e0ae738f16b52f1ede3b0b6a128bd4ac752c98c71fc307211a8abf933ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mbledeparatea.com/utx?cb=799ijqb3bNHB&top=shrinke.me&tid=792297
54.230.111.27204 No Content 0 B URL HTTP/2 mbledeparatea.com/utx?cb=799ijqb3bNHB&top=shrinke.me&tid=792297
IP 54.230.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=799ijqb3bNHB&top=shrinke.me&tid=792297 HTTP/1.1
Host: mbledeparatea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 21:53:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 28 Nov 2022 21:54:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FY7ikHinapiVO34eFy6lSSs8UEKmc8PoHW5LBssKDEGSkB9q8Liikg==
X-Firefox-Spdy: h2
mbledeparatea.com/multi?cs=Yzl3MWRaDEcHVVILRAJRVAFGAFU&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.1&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FowgGn1nO&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_CmfG=1669672393993&crc=1
54.230.111.27200 OK 1.6 kB URL HTTP/2 mbledeparatea.com/multi?cs=Yzl3MWRaDEcHVVILRAJRVAFGAFU&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.1&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FowgGn1nO&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_CmfG=1669672393993&crc=1
IP 54.230.111.27:0
File type ASCII text, with very long lines (3303), with no line terminators
Hash afebb7ad60ceff083dd14a123931cb60
4b801fe89a65c25dfcd26ecfd95b2f91d0809fb6
468013be01365751f3a05999cf91ea5cd28df928cb76da3559f9a4553936d339
GET /multi?cs=Yzl3MWRaDEcHVVILRAJRVAFGAFU&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.1&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FowgGn1nO&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_CmfG=1669672393993&crc=1 HTTP/1.1
Host: mbledeparatea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1572
date: Mon, 28 Nov 2022 21:53:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=871a4e24-7a85-4d53-bab9-02f1c6a2b014
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d3u2KwA5w4MI_P3iLKCRXkPcrgrrQmAzNUipM8BEsWGoRlqL0H3PWg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mbledeparatea.com/R2txTm8mCRIjUCZWE2gaNQdMa10BTkMIC3RbQC0XMA0IIxZ1WUZgDCsEBCoJNQQfOkEpDgVrXQEyEiQtAjlBej0fEh4mDBYxKwcnN14iOSV1DR8iOhABEiEmBiI/CxVzLzY5DAUmGz4qEQE8IiwROTQeBgkRICY2KCEYDzkDPDgnJgUuPyo4Ah03IiVyCEMpKBYoAj0MP1IoAwYOHTcIBD0lGAw6FTgneCY/WjoCPDQCNDY5dSopOgwGLDd/CSsbOQI8LBo5Gwx0Mh82LB8BMycJAiIzKigrTkMMOTAmNhcBPygjN183DjQXOSMcJzw+BipJLTc3MzA5Qh0CFwslBCYcBFYKHDd+DCopMgk4AVoXJjkRIQg5BxEcOA0LH141DycVWRclIhEPHy0AAFs4JiYULjoINx4pF34mAQofKgAFHEB/SS0YHiAfejwIAwZwLgQ6WSEcEwk
54.230.111.27200 OK 1.2 kB URL HTTP/2 mbledeparatea.com/R2txTm8mCRIjUCZWE2gaNQdMa10BTkMIC3RbQC0XMA0IIxZ1WUZgDCsEBCoJNQQfOkEpDgVrXQEyEiQtAjlBej0fEh4mDBYxKwcnN14iOSV1DR8iOhABEiEmBiI/CxVzLzY5DAUmGz4qEQE8IiwROTQeBgkRICY2KCEYDzkDPDgnJgUuPyo4Ah03IiVyCEMpKBYoAj0MP1IoAwYOHTcIBD0lGAw6FTgneCY/WjoCPDQCNDY5dSopOgwGLDd/CSsbOQI8LBo5Gwx0Mh82LB8BMycJAiIzKigrTkMMOTAmNhcBPygjN183DjQXOSMcJzw+BipJLTc3MzA5Qh0CFwslBCYcBFYKHDd+DCopMgk4AVoXJjkRIQg5BxEcOA0LH141DycVWRclIhEPHy0AAFs4JiYULjoINx4pF34mAQofKgAFHEB/SS0YHiAfejwIAwZwLgQ6WSEcEwk
IP 54.230.111.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash 52a824726440b0e39d450f07e24440e0
fbc7f708cbd2b683a324fdaa4bf15f7de0990425
d5b073e6d878922e224a55c87c908f7c7c429dd8ff0db4b645700bebaca578cb
GET /R2txTm8mCRIjUCZWE2gaNQdMa10BTkMIC3RbQC0XMA0IIxZ1WUZgDCsEBCoJNQQfOkEpDgVrXQEyEiQtAjlBej0fEh4mDBYxKwcnN14iOSV1DR8iOhABEiEmBiI/CxVzLzY5DAUmGz4qEQE8IiwROTQeBgkRICY2KCEYDzkDPDgnJgUuPyo4Ah03IiVyCEMpKBYoAj0MP1IoAwYOHTcIBD0lGAw6FTgneCY/WjoCPDQCNDY5dSopOgwGLDd/CSsbOQI8LBo5Gwx0Mh82LB8BMycJAiIzKigrTkMMOTAmNhcBPygjN183DjQXOSMcJzw+BipJLTc3MzA5Qh0CFwslBCYcBFYKHDd+DCopMgk4AVoXJjkRIQg5BxEcOA0LH141DycVWRclIhEPHy0AAFs4JiYULjoINx4pF34mAQofKgAFHEB/SS0YHiAfejwIAwZwLgQ6WSEcEwk HTTP/1.1
Host: mbledeparatea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1194
date: Mon, 28 Nov 2022 21:53:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0js-juURZIA6sKpt2ca5TsJBYYyngrboHzGBjRv_vht4Qinonbjcxg==
X-Firefox-Spdy: h2
mbledeparatea.com/OExPckhZLiwfd1lxLVQ9SiByV3p+aX00LAt8fhEwTyo2HzEKfnhcK1QjOhYuSiMhBmZWKTtXen4dADoaTwEXKCp/NHoqG207KzQJQA4OJxJ7DwpGLXArARcPfSQFOiRbFho2O2oWGks+bSsdPg1fGgokJAgUGRoGdgo3PB9+fH8zHX4nHjcvQA8HFQ1qCA0GEHwkIxYPVCAdIyZcCAkZGm4NfysZeTQjFA1ULwszMGoJDDAnfQoKIwFqGQ4UGlB9Bz8gagkMMwViFH8zBW0ZAQgdTzwKMQlcDwcnK0EKCiMBeisWJxpgIAkjCWoVDDR5bg1/KC59HmI8KX8efjUGXwIIMR1qDQ43EXIZGjsKfQoKNQ5uLxUjDn4PK0IrcR0ZRgptCX44GWlqJQEnVjxyHC5XJAATHAEb
54.230.111.27200 OK 1.2 kB URL HTTP/2 mbledeparatea.com/OExPckhZLiwfd1lxLVQ9SiByV3p+aX00LAt8fhEwTyo2HzEKfnhcK1QjOhYuSiMhBmZWKTtXen4dADoaTwEXKCp/NHoqG207KzQJQA4OJxJ7DwpGLXArARcPfSQFOiRbFho2O2oWGks+bSsdPg1fGgokJAgUGRoGdgo3PB9+fH8zHX4nHjcvQA8HFQ1qCA0GEHwkIxYPVCAdIyZcCAkZGm4NfysZeTQjFA1ULwszMGoJDDAnfQoKIwFqGQ4UGlB9Bz8gagkMMwViFH8zBW0ZAQgdTzwKMQlcDwcnK0EKCiMBeisWJxpgIAkjCWoVDDR5bg1/KC59HmI8KX8efjUGXwIIMR1qDQ43EXIZGjsKfQoKNQ5uLxUjDn4PK0IrcR0ZRgptCX44GWlqJQEnVjxyHC5XJAATHAEb
IP 54.230.111.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3014), with no line terminators
Hash acb7266e5ec80ed2e6a27638643da589
cb499ca6f50fa43ad2b203772521a0d551f7af86
062bee656975a10f04fd36748132837c26a1797a2505433cf33493d34863f0fd
GET /OExPckhZLiwfd1lxLVQ9SiByV3p+aX00LAt8fhEwTyo2HzEKfnhcK1QjOhYuSiMhBmZWKTtXen4dADoaTwEXKCp/NHoqG207KzQJQA4OJxJ7DwpGLXArARcPfSQFOiRbFho2O2oWGks+bSsdPg1fGgokJAgUGRoGdgo3PB9+fH8zHX4nHjcvQA8HFQ1qCA0GEHwkIxYPVCAdIyZcCAkZGm4NfysZeTQjFA1ULwszMGoJDDAnfQoKIwFqGQ4UGlB9Bz8gagkMMwViFH8zBW0ZAQgdTzwKMQlcDwcnK0EKCiMBeisWJxpgIAkjCWoVDDR5bg1/KC59HmI8KX8efjUGXwIIMR1qDQ43EXIZGjsKfQoKNQ5uLxUjDn4PK0IrcR0ZRgptCX44GWlqJQEnVjxyHC5XJAATHAEb HTTP/1.1
Host: mbledeparatea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1165
date: Mon, 28 Nov 2022 21:53:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xwoJq3DBm_dFHUgqNs4xPbFsa9ip7e3UnN2mPLKWYfdbrJ3LQCIyhA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash fb477b52124fa78739072b71fc1f3d4f
474dda427e809e5bce819e1dc9cc3412c814f24c
3cb4b664037a7c0bb1cfff85e555c9c866f4af5907e0f0ac9b45e58063070287
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 21:53:15 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-150293760%3A1669672395852820&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvIOAKmtnGOVR2eujKyGpObaf0kU9S3g0PvW57melGJG7ng16IopdO7zR_Ka7hCEWwBPQSpzg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-yJhg-47uNE2SlFBseDQkrQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:XEelXWzl-NKe-TcGvT6_WXwEj4lZxQ:Xy91JNM476TwpFA3;Path=/;Expires=Wed, 27-Nov-2024 21:53:15 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 8d6e8d4989237978342bbacbb745ea78
e86b216ce4e4dc09d38aa6452eb612ed88593961
a0d6afa0bfe5f426eeeb1ef79b48726ddde4ba2733b25e853d873a7725670680
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 21:53:15 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1610149411%3A1669672395892075&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvltnSLZoTaPXo81aznPYD600FKA1xhaMFyVv7OP2jYa7F7wugnKXtP2ECIGkWhhcMmVgIWmw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-oDifZFnDkj8ilMCGKQG_vw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:TcWeIVYuYV2kOvDq0t8biLehzj0lMQ:ouCtb_tNj_4GgHqW;Path=/;Expires=Wed, 27-Nov-2024 21:53:15 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pogothere.xyz/asd100.bin
172.64.199.35200 OK 103 kB IP 172.64.199.35:0
Size 103 kB (102745 bytes)
Hash 6951314e65bfce4f35112e3d7a8da318
ca5ae72c34f783793eb87be425ad0311193acfd0
7c9c2a07823f78deedd70c190f970ce1bf06bde71c6f0a42588123b3b317cc90
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6086
last-modified: Mon, 28 Nov 2022 20:11:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2F74g0DmzazIbyYPs8VF0yZItqVzBAVKkeMpJpLi2ajeUVJC5OxsH1LFIaOs6laKPx9kaVH1hkue5wrc%2BrX%2BCBLMamGw9OPtRwI%2BQpySKy2Gmg6YtgDGkuM91fp2qWGb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655da4acb743b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 103 kB IP 172.64.199.35:0
Size 103 kB (102903 bytes)
Hash 0f434ea99aac0d21c7a8eb16b7c63481
3aad4e070c7bee9061b28f9270b1f9ea9590ccff
c897182d3e5c70d759ad5f09e7f035bcc6c57397a6df36f0bf36b3d055653286
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6086
last-modified: Mon, 28 Nov 2022 20:11:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYVH6GuR%2B0vLU%2BlrRO0io2bzQ%2B5oywQlsWT19BkO6DRfoHrcgfEkT4hoIkdQXz3p6DYjdHi0uGTvjbg78yMiklk%2B1Xj1YhCiCVVlwi12UJ0sJOjZl0tr2zBltxhE2P0B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655da3aaf743b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d301cxwfymy227.cloudfront.net/YcjBER04RXyohcQZZIHp5SwJ2fnlUWjcoIAINEz4DGwcBMjpEVjMlCVREPiNzQhYoJiAVDWIiIBENdWEvFlJ5c2gGQCsscx9YMiIvFFkzNiBURSV6Ix1KLSsiExV2AXtcAGF1flpHLSkqHUc3YnxCXjBifEIBdGl+VwMGYnxCRy0peEYVdwVrQAA8cXpXAw-ZifEJCMmJ9MwF0cmBCGWF1fhVVJywhVwICdX5DAHR2fkMVdncoG0IhISEKFXYBf0IFandoBw11
54.230.245.180200 OK 551 B URL HTTP/2 d301cxwfymy227.cloudfront.net/YcjBER04RXyohcQZZIHp5SwJ2fnlUWjcoIAINEz4DGwcBMjpEVjMlCVREPiNzQhYoJiAVDWIiIBENdWEvFlJ5c2gGQCsscx9YMiIvFFkzNiBURSV6Ix1KLSsiExV2AXtcAGF1flpHLSkqHUc3YnxCXjBifEIBdGl+VwMGYnxCRy0peEYVdwVrQAA8cXpXAw-ZifEJCMmJ9MwF0cmBCGWF1fhVVJywhVwICdX5DAHR2fkMVdncoG0IhISEKFXYBf0IFandoBw11
IP 54.230.245.180:0
File type ASCII text, with very long lines (753), with no line terminators
Hash 5f6066a94174ac2fdef0cb2653810a0f
a9b6df3507a9ade47129ebda323a70f833f7a7d2
fb85861b19c0cbf08bf0b6a0ca6bdc11d84003fee91ff597dd82ffc4c8c872e9
GET /YcjBER04RXyohcQZZIHp5SwJ2fnlUWjcoIAINEz4DGwcBMjpEVjMlCVREPiNzQhYoJiAVDWIiIBENdWEvFlJ5c2gGQCsscx9YMiIvFFkzNiBURSV6Ix1KLSsiExV2AXtcAGF1flpHLSkqHUc3YnxCXjBifEIBdGl+VwMGYnxCRy0peEYVdwVrQAA8cXpXAw-ZifEJCMmJ9MwF0cmBCGWF1fhVVJywhVwICdX5DAHR2fkMVdncoG0IhISEKFXYBf0IFandoBw11 HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mbledeparatea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 551
date: Mon, 28 Nov 2022 21:53:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dceV6g_B5R9iQrxFtT07wPwT6YbubGnI4z_9IwPCZLF7BSKeMWzp2g==
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eeFqD/iv6GyiQgLXhv+f9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I8Wgc3z4T0G1GBI7PUv5Mg07UxU=
d301cxwfymy227.cloudfront.net/QdzdnYkoUWAkEdQNeA19yRQ5SV35RXRQNJAcKHwoHH3QGB3lPTz8HAFFDHQZ3RxELAyQQCkEHJBQKVkQrE1VaVmwDRwgJdxpfEQcrEV4QEyRRQgZfJxhNDg4mFhJVJH9ZB0JQel9ADgwuGEAUR3hHWRNHeEcGV0x6UgQlR3hHQA4MfEMSVCBvRQcfVH5SBC-VHeEdFEUd5NgZXV2RHHkJQehBSBAklUgUhUHpGB1dTekYSVVIsHkUCBCUPElUke0cCSVJsAgpW
54.230.245.180200 OK 454 B URL HTTP/2 d301cxwfymy227.cloudfront.net/QdzdnYkoUWAkEdQNeA19yRQ5SV35RXRQNJAcKHwoHH3QGB3lPTz8HAFFDHQZ3RxELAyQQCkEHJBQKVkQrE1VaVmwDRwgJdxpfEQcrEV4QEyRRQgZfJxhNDg4mFhJVJH9ZB0JQel9ADgwuGEAUR3hHWRNHeEcGV0x6UgQlR3hHQA4MfEMSVCBvRQcfVH5SBC-VHeEdFEUd5NgZXV2RHHkJQehBSBAklUgUhUHpGB1dTekYSVVIsHkUCBCUPElUke0cCSVJsAgpW
IP 54.230.245.180:0
File type ASCII text, with very long lines (593), with no line terminators
Hash 4ae36c901e5cdaa11e85e7760d108391
d1d0df32d4c31f03e2586d65a2481c2a37ffc02c
28728ec711f2573bbf30976d606c95a7c3da62a42754c49f68ff7aad448e3b37
GET /QdzdnYkoUWAkEdQNeA19yRQ5SV35RXRQNJAcKHwoHH3QGB3lPTz8HAFFDHQZ3RxELAyQQCkEHJBQKVkQrE1VaVmwDRwgJdxpfEQcrEV4QEyRRQgZfJxhNDg4mFhJVJH9ZB0JQel9ADgwuGEAUR3hHWRNHeEcGV0x6UgQlR3hHQA4MfEMSVCBvRQcfVH5SBC-VHeEdFEUd5NgZXV2RHHkJQehBSBAklUgUhUHpGB1dTekYSVVIsHkUCBCUPElUke0cCSVJsAgpW HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mbledeparatea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 454
date: Mon, 28 Nov 2022 21:53:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -sS579RkjzR4-Pr--SP9UyfUqrhXUKYadcn-fCzV1Rvt8y6SX3Y8kA==
X-Firefox-Spdy: h2
d301cxwfymy227.cloudfront.net/QOHRwMXZbGx5XSUwdFAxBAUZCCE4eHgNeGEhJHlcZUDsRZU9vUgRLEgVEVl0XVhNNFxNWF00AUFkQEgxCHgERDBtXDhldGllRQndDFkRVA0YQAxlfElcDAxRECBoEFEQIRUAfRh1HMhRECAMZX0AMUUNzUwpECAdCHUcyFEQIBgYURXlFQARYCF1VA0ZfER-NaGR1GNgNGCURAAEYJUUIBEFEGFVcZQFFCd0cIQV4BUE1JQQ
54.230.245.180200 OK 189 B URL HTTP/2 d301cxwfymy227.cloudfront.net/QOHRwMXZbGx5XSUwdFAxBAUZCCE4eHgNeGEhJHlcZUDsRZU9vUgRLEgVEVl0XVhNNFxNWF00AUFkQEgxCHgERDBtXDhldGllRQndDFkRVA0YQAxlfElcDAxRECBoEFEQIRUAfRh1HMhRECAMZX0AMUUNzUwpECAdCHUcyFEQIBgYURXlFQARYCF1VA0ZfER-NaGR1GNgNGCURAAEYJUUIBEFEGFVcZQFFCd0cIQV4BUE1JQQ
IP 54.230.245.180:0
File type ASCII text, with no line terminators
Hash 888a8f11c3e6669d633011e0041bbe7c
1e090be5ca225af52a6094d5b5dfdeb0f01a5195
a41808ac17bddd2e419b0a5311cf75f8ec78377b787fd30b27f99c4c0040a444
GET /QOHRwMXZbGx5XSUwdFAxBAUZCCE4eHgNeGEhJHlcZUDsRZU9vUgRLEgVEVl0XVhNNFxNWF00AUFkQEgxCHgERDBtXDhldGllRQndDFkRVA0YQAxlfElcDAxRECBoEFEQIRUAfRh1HMhRECAMZX0AMUUNzUwpECAdCHUcyFEQIBgYURXlFQARYCF1VA0ZfER-NaGR1GNgNGCURAAEYJUUIBEFEGFVcZQFFCd0cIQV4BUE1JQQ HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mbledeparatea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Mon, 28 Nov 2022 21:53:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59pZoIYoKig8YjOnzyRMwSd-3Rk2D3N8puCsm-GxuEdFdO4yNhIZ8w==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 500 B IP 93.184.220.29:0
Hash e30f8142ffdd1f3d3bf5b8d115d6daa0
3bcde86ac5ba667de0e954477dbe997b2cf8fb1d
7916a8540ba1eaec7af1b61bc44f11ed1104d784f320086ade1f1f33dbc3d39f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2579
Cache-Control: max-age=137330
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:16 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:02:07 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
bungalowsimply.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
173.233.137.60200 OK 14 kB URL HTTP/1.1 bungalowsimply.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37177), with no line terminators
Hash e783fc34591856d89ae90e9f300d172a
cdae26b96866040c2d31800a873259f3a879aa29
d23fa7e41756b0c0d330439ac26a107f59031df49b133a5d066ce9efdab52ce9
Analyzer Verdict Alert quad9 Sinkholed
GET /18/44/b8/1844b8e470c024a415cff51a0843d71c.js HTTP/1.1
Host: bungalowsimply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c70551ec78cf5ea6ede0d792e4713c44
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11899
Expires: Tue, 29 Nov 2022 01:11:35 GMT
Date: Mon, 28 Nov 2022 21:53:16 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
IP 142.250.74.3:0
Hash 03fde3b6e41fd949914aadb5fcff6b5f
9e0a47307435e2e4772e8c7e3f7cdc73bd8e39ca
5626772444f60a48c447c41ab9313383e684395cd599549417dfd0ea0ba8cc7d
POST /s/gts1p5/lPMK3rCZ68Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:16 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d301cxwfymy227.cloudfront.net/
54.230.245.180200 OK 73 B URL HTTP/2 d301cxwfymy227.cloudfront.net/
IP 54.230.245.180:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: d301cxwfymy227.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 28 Nov 2022 21:53:16 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rqLpfITODJ1UIo8qovjd2dYEtIuLS1eN_6Q3whRamtMVzZXzXSl-gw==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146739
Date: Mon, 28 Nov 2022 21:53:16 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 14:38:55 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LEKi8lp2gbSqNfRcx61cRCRRTCx7WqAaeyae-LVnSnL9b5tqpMhh8w==
Age: 4073
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 7e52921ae25ad8d24e5a4dfe26796b7b
b2c53637c5d9a9a9b1c6f7be9bca122b161dbc9c
e0b593abe19594e4cca134f05c83d2817d80bb928425d60713d5e57cf89169c8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
set-cookie: uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; expires=Thu, 25 Nov 2032 21:53:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
23.38.200.201200 OK 80 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
etag: "1241a12-3fca8-5cf4eee137dd8"
server: Apache
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 80538
cache-control: max-age=100505
expires: Wed, 30 Nov 2022 01:48:21 GMT
date: Mon, 28 Nov 2022 21:53:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11899
Expires: Tue, 29 Nov 2022 01:11:35 GMT
Date: Mon, 28 Nov 2022 21:53:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 718 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 734065da408efe62f2d6b9bfcf8167a5
14e2867d8e5990d6b2a2394354806ee0e69a4fe0
7051b87d13ff9069b611326c76c641de46671974a5c7c2d33bf6f9b24c911baa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12332
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:53:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 2.2 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2f1c3781e94f4059395a7bf2aadc97cb
88b75b82fc22597a8ac1572bc11d5add2809ed72
cead08f7b35888ad6c1bf051d009e38d568393f1fd215afa936d55ca24f9a5a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12332
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:53:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12332
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:53:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ab97acd46d3380fa12711c96b3c2d35
b703ea2cc2fcd68e60135ff77d5a5f1b93fac128
aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8106
x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnQEhQoAMFbLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sYK4SFsG-No3Bd-CyGIKSWh4sUokwaHa20tc8zvbqUpxkplJOiASIA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 673
etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12332
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 21:53:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 262
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 51188
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 415b1b1d5a29fc17b4114bb3df1d1c22
600859401c885cc2cdd1f199cccc198eb41d6a04
abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7549
x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP-7lHmsoAMF9lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -aUqAfyrtMO0hkr2J2lm5SNNFdtaJj-F2dpBULvXjfOV205Ksm0iHw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 673
etag: "600859401c885cc2cdd1f199cccc198eb41d6a04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 673
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnbGLToAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 673
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e946cb0c788ecef674c6c56fd2481db7
19342e6b84f6faa4ef532d995ca5a914d32e0672
3e87cec29350a8b24a5759e6fdb0e6298a581186294cf9d869dca0015d08b8f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E87CEC29350A8B24A5759E6FDB0E6298A581186294CF9D869DCA0015D08B8F3"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8513
Expires: Tue, 29 Nov 2022 00:15:09 GMT
Date: Mon, 28 Nov 2022 21:53:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e2719662331235eab22354739e4dc7f6
0c551405dde991d90c609eac59209b4456ab63b0
6b99c1c9184d1cf2799a5d02ad358e2050788f0f7365e8e9b22ab80208c40410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5543
Cache-Control: max-age=139552
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:16 GMT
Etag: "63849645-13a"
Expires: Wed, 30 Nov 2022 12:39:08 GMT
Last-Modified: Mon, 28 Nov 2022 11:06:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e2719662331235eab22354739e4dc7f6
0c551405dde991d90c609eac59209b4456ab63b0
6b99c1c9184d1cf2799a5d02ad358e2050788f0f7365e8e9b22ab80208c40410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6150
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:16 GMT
Last-Modified: Mon, 28 Nov 2022 20:10:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=78732000302&lsavail=0
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=78732000302&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=78732000302&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 409
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 21:53:16 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://shrinke.me
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6496a820d07707e5da02d99905894e58
ca128a729e4e0bfcd68eb936f7e6b2307a46409e
f0a0d599de5c8203e29b9b10f386821b82024bd8ec6171763c0a8cc60962c616
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3752
Cache-Control: max-age=132349
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:16 GMT
Etag: "63848121-1d7"
Expires: Wed, 30 Nov 2022 10:39:05 GMT
Last-Modified: Mon, 28 Nov 2022 09:36:33 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=35294897090&lsavail=0
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=35294897090&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=35294897090&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 409
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 21:53:16 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://shrinke.me
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 42 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 821c8141b8f7c192072ca7730d09e6ec
85f9a621087ac2a6c7ecad3f3c245d89003b987c
dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 559
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 28 Nov 2022 21:53:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://shrinke.me
AN-X-Request-Uuid: 2ac7afcd-467b-4e05-b78a-596e47a5857d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 257 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
Hash c7aaf901de3a2b75abacae64d3a72ff1
ad00af092cd7b37f75ba67f608b4f6c37a8b9eea
b2b941c2b7b71bdf3e686873649a0266bd26be3ea948f5fe92bb5a35bc4b9c4c
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 560
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 28 Nov 2022 21:53:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://shrinke.me
AN-X-Request-Uuid: 8298c24d-bb21-4243-b0ef-25eafac64647
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 20:41:08 GMT
expires: Mon, 28 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 4328
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 5.3 kB URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash 725f9f6e86ef9b08c68f68d63c7e2377
a642ef0b6b926fd4c18d52e57d54559fbee29dfd
2e8b341328555baa78254cac9bb91b97115d8b33fd6ea0ae269bdbb9820fd833
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 961
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
date: Mon, 28 Nov 2022 21:53:16 GMT
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 960
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
date: Mon, 28 Nov 2022 21:53:16 GMT
X-Firefox-Spdy: h2
specialistinsensitive.com/7f/be/21/7fbe21196a9f67678de4540ff58299fd.js
173.233.137.52200 OK 29 kB URL HTTP/1.1 specialistinsensitive.com/7f/be/21/7fbe21196a9f67678de4540ff58299fd.js
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 706a3f278b9618cb1fbea7c4bfd3a4b9
5708b38824acc01dab46d6b555215c1df2262799
9df852d04aafa61c9edca05674da91a8251289a49aa03917985c2e241d82acd3
Analyzer Verdict Alert quad9 Sinkholed
GET /7f/be/21/7fbe21196a9f67678de4540ff58299fd.js HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a426da6e6ce37ac68e3fcd09ea3c162
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c.amazon-adsystem.com/aax2/apstag.js
143.204.46.73301 Moved Permanently 167 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 143.204.46.73:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 167
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
server: CloudFront
date: Mon, 28 Nov 2022 00:09:39 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: qqsmfSpOqZs_HPoK7wt5HTB3UyAv0fWVuzEDJ9j5TOI-L2KKUFKN9Q==
age: 78218
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/tag/js/gpt.js
142.250.74.34200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (40310)
Hash 3097863d148e6cdfee35da37197a4199
af9c3a80ff613a6a0410ab252f5e2cb06343c85d
59466fd91db19a9c60aa70b5a2b48e21638d0dc554bff4d96a34bf678e174692
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27210
date: Mon, 28 Nov 2022 21:53:17 GMT
expires: Mon, 28 Nov 2022 21:53:17 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1406 / 991 of 1000 / last-modified: 1669637149"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 174433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
178.250.2.146200 OK 28 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
IP 178.250.2.146:0
Hash 21552e1c842aae710d5544bacd679943
61faeb0585cf756634267daba5466702895afe45
efb47612d8cdb5c05cda44dd7874ae073f5e4de5f049f9936c49d69891d3f480
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 512494
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
specialistinsensitive.com/sbar.json?key=1844b8e470c024a415cff51a0843d71c&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1
173.233.137.52200 OK 4.4 kB URL HTTP/1.1 specialistinsensitive.com/sbar.json?key=1844b8e470c024a415cff51a0843d71c&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (6321), with no line terminators
Hash 505dfe1d117e5910d2fe6e1937d8de15
77458697d4694c0027d7f708a79e6a4af995e3a7
6668950ecfbe8e432a8170f4f308d0cdcec0bc66a433fccb5bbc22b3ff806fc1
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=1844b8e470c024a415cff51a0843d71c&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:17 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15296127; expires=Tue, 29 Nov 2022 21:53:17 GMT; secure; SameSite=None
uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; expires=Mon, 05 Dec 2022 21:53:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 21:53:17 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 21:53:17 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 29 Nov 2022 21:53:17 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 29 Nov 2022 21:53:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37f9156e939be6ca1a9e126203398f0b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&RedC=c.clarity.ms&MXFR=197DA88476886F63182EBAEE72886117
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=197DA88476886F63182EBAEE72886117; domain=.clarity.ms; expires=Sat, 23-Dec-2023 21:53:17 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 28 Nov 2022 21:53:16 GMT
content-length: 0
X-Firefox-Spdy: h2
bungalowsimply.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
173.233.137.60200 OK 27 kB URL HTTP/1.1 bungalowsimply.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
IP 173.233.137.60:0
Hash 4fe3adac3a2b88cd5aabd01a1f5dc311
2dbac53fcde7d28838359bd16b616a29ea75c6dd
bc1aa597816c368356a061cc0110bb8c7d1f8bf95765b015b5a0d68c17b11fbf
Analyzer Verdict Alert quad9 Sinkholed
GET /2b7825b40010ad17ac7b5777c664449c/invoke.js HTTP/1.1
Host: bungalowsimply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78201b72a296a2cada354439096ecfe6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ab0f625f5bfca1bebd5e572dc512170
936c768a4ca024e75413085f3af2438d7e62ce1f
d8cb1685a63847e7b0d13588022dc4abfcac1cf3701148d74564572609487b3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8CB1685A63847E7B0D13588022DC4ABFCAC1CF3701148D74564572609487B3A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21194
Expires: Tue, 29 Nov 2022 03:46:31 GMT
Date: Mon, 28 Nov 2022 21:53:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7afa63a2e765a5889feedb036228204
546d048429118d6ff49049b948a6d39c3706b4e1
ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE33EBBD5115FFAAC9721EACC50F458D369B30DBC875379C5602FE846D078207"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8270
Expires: Tue, 29 Nov 2022 00:11:07 GMT
Date: Mon, 28 Nov 2022 21:53:17 GMT
Connection: keep-alive
bungalowsimply.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 bungalowsimply.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (27004), with no line terminators
Hash ce13f3f1715dc538ad8a859f0138a39f
ff9e92d71c4c4a33f8c68b89cc680eb2f7d42b8a
551e7f9fb063c4e0144b0ce9a0c9e28942261a5655caef8a1b176c9f2db6d9e0
Analyzer Verdict Alert quad9 Sinkholed
GET /2b7825b40010ad17ac7b5777c664449c/invoke.js HTTP/1.1
Host: bungalowsimply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 225f4cdc56493e4dd5794b15d709938e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
143.204.55.14200 OK 2.6 kB URL HTTP/2 test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
IP 143.204.55.14:0
File type JSON data\012- , ASCII text, with very long lines (9979), with no line terminators
Hash 021139e22d4c348912ce9e3cb2d77d00
b3a14fed2b57d8f4662b7427ad25ad28186ae4d1
f0356df76a27b95794d2b032aac53e565957f5c18c4cb7d7ba9622ec9f6a8dd8
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Mon, 28 Nov 2022 03:00:52 GMT
last-modified: Tue, 15 Nov 2022 19:52:30 GMT
etag: W/"67643b5faa0950a5532c47758ba39d2f"
x-amz-server-side-encryption: AES256
x-amz-version-id: xPMKnfS8YcqF2frTT5_I_M_eoLLd3kli
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ahJE12otKHLpSRQEJT-UIc3C6XUCaXswE7dDvGQvSz10ewX47mY__Q==
age: 67946
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=3380&rd=3380&fd=767&bv=22.10.v.10&tmpl=136
173.233.139.164200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=3380&rd=3380&fd=767&bv=22.10.v.10&tmpl=136
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3380&rd=3380&fd=767&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c6c713a6e569b6be734df3c5442f6d4
43dcd58bac78d858d9803004bb155b3828b96768
dd4366f4e239f7d5d0f9cc61a611dd994ac8b25ec0faa273f2c85c19b41dfa87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DD4366F4E239F7D5D0F9CC61A611DD994AC8B25EC0FAA273F2C85C19B41DFA87"
Last-Modified: Mon, 28 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11525
Expires: Tue, 29 Nov 2022 01:05:22 GMT
Date: Mon, 28 Nov 2022 21:53:17 GMT
Connection: keep-alive
specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=104
173.233.137.52200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=104
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=104 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c6c713a6e569b6be734df3c5442f6d4
43dcd58bac78d858d9803004bb155b3828b96768
dd4366f4e239f7d5d0f9cc61a611dd994ac8b25ec0faa273f2c85c19b41dfa87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DD4366F4E239F7D5D0F9CC61A611DD994AC8B25EC0FAA273F2C85C19B41DFA87"
Last-Modified: Mon, 28 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11525
Expires: Tue, 29 Nov 2022 01:05:22 GMT
Date: Mon, 28 Nov 2022 21:53:17 GMT
Connection: keep-alive
audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1669672396911%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ri75q7r4a9pu3bgw2ew9%22%7D
18.157.100.67200 OK 2 B URL HTTP/2 audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1669672396911%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ri75q7r4a9pu3bgw2ew9%22%7D
IP 18.157.100.67:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1669672396911%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ri75q7r4a9pu3bgw2ew9%22%7D HTTP/1.1
Host: audit-tcfv2.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:17 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=125
173.233.137.52200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=125
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fstyle.css&l=8924&fd=125 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 75d97500fe879daf61bf2c67d36f02ed
fd298eb14510dd7805bb297c273f53891bc35eb7
146967f865b3e264713fb722c281abf207ab603ce6623c40ea49b9a3e657246b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1321
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:17 GMT
Last-Modified: Mon, 28 Nov 2022 21:31:16 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=134
173.233.137.52200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=134
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=134 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cccace1f562f1f3f6dbb1a8b8e718184
889d01a757717c2699f44b9c4b16f8558f4aa29b
41dc6aa6ce9ca0187f4deb7e4df045b2a03512df5533d6422fd71348bcf4c13f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41DC6AA6CE9CA0187F4DEB7E4DF045B2A03512DF5533D6422FD71348BCF4C13F"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3523
Expires: Mon, 28 Nov 2022 22:52:00 GMT
Date: Mon, 28 Nov 2022 21:53:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cccace1f562f1f3f6dbb1a8b8e718184
889d01a757717c2699f44b9c4b16f8558f4aa29b
41dc6aa6ce9ca0187f4deb7e4df045b2a03512df5533d6422fd71348bcf4c13f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41DC6AA6CE9CA0187F4DEB7E4DF045B2A03512DF5533D6422FD71348BCF4C13F"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3523
Expires: Mon, 28 Nov 2022 22:52:00 GMT
Date: Mon, 28 Nov 2022 21:53:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba38de08e280647cbb86344a1333d111
5554f52a584ccfde961c4f14c2cf1c3beb74af51
cc3953bcff0f9aaeb59b71e15c8b72bcac9d94ff203eeccbf159b40cf38521e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC3953BCFF0F9AAEB59B71E15C8B72BCAC9D94FF203EECCBF159B40CF38521E9"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5809
Expires: Mon, 28 Nov 2022 23:30:06 GMT
Date: Mon, 28 Nov 2022 21:53:17 GMT
Connection: keep-alive
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.0.130200 OK 29 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.0.130:0
Hash 79e00c2b30fefc4997c16bb307da3575
8ff61f6ffa40a7b9b493d144eeaff56211f1534f
64f39fb4ea24b68acb7fb5c9d3203ce83973435a394886a12de250c6a1028ae7
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:53:17 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Tue, 29 Nov 2022 21:53:17 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 206480
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&RedC=c.clarity.ms&MXFR=197DA88476886F63182EBAEE72886117
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&RedC=c.clarity.ms&MXFR=197DA88476886F63182EBAEE72886117
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&RedC=c.clarity.ms&MXFR=197DA88476886F63182EBAEE72886117 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&MUID=13B1E25FD8A76A6009F9F035D9526B43
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=13B1E25FD8A76A6009F9F035D9526B43; domain=c.bing.com; expires=Sat, 23-Dec-2023 21:53:18 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2964192692694FF49DD60EC0485CFE8B Ref B: OSL30EDGE0117 Ref C: 2022-11-28T21:53:18Z
date: Mon, 28 Nov 2022 21:53:17 GMT
content-length: 0
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.1592626134337.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.1592626134337.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1592626134337.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1592626134337.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=b076b795665c273eaae81f428149ee8fdd5b543a6a77cc14e0da8e028811a968ebf899ef0417fed93017cef2eb291b7bd90d9cd8120af08e51f1f164c5578eb44337ddd95525393118decee939af4799e8cfa244dee85688e8b3cf47a7078b&pst=1669672458&rmtc=t
Set-Cookie: u_pl=15023978; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAyMzk3OCwiayI6IjJiNzgyNWI0MDAxMGFkMTdhYzdiNTc3N2M2NjQ0NDljIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzkwMTksInBpZCI6NjMwNjUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzQsImFpZCI6NSwicHQiOjQsInBrIjoibXZwdjhiNzMxZSIsImNwa3MiOnsgIjI4IjoiMmRhNzAzMzY4ZjllYjRmNmMwNTQzMjg4NjJkYzkxNTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2hyaW5rZS5tZS8ifX0.GHPdqwvj9xNGoREHH_CFZM9YSv_LGOW4KQaapFrdV0I; expires=Mon, 28 Nov 2022 21:54:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 416e821aa3463125a2613418207501c5
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.135343049918.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.135343049918.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.135343049918.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.135343049918.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=c49f0fc8b567cae425158d554c55c6deae7d6bd0d547b0cc6e047169d62c5ff8f0b82120ed9f1f79b46e23c2d06fe5343f2f007348014d8fc4039eb1bb6415366e2e438f56be844ae2877981ca8ac41a2c9714fcf6f202afee0825c5fa00b2b6&pst=1669672458&rmtc=t
Set-Cookie: u_pl=15023978; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAyMzk3OCwiayI6IjJiNzgyNWI0MDAxMGFkMTdhYzdiNTc3N2M2NjQ0NDljIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzkwMTksInBpZCI6NjMwNjUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzQsImFpZCI6NSwicHQiOjQsInBrIjoibXZwdjhiNzMxZSIsImNwa3MiOnsgIjI4IjoiMmRhNzAzMzY4ZjllYjRmNmMwNTQzMjg4NjJkYzkxNTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2hyaW5rZS5tZS8ifX0.GHPdqwvj9xNGoREHH_CFZM9YSv_LGOW4KQaapFrdV0I; expires=Mon, 28 Nov 2022 21:54:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c32adde122463f195117040aadcfc71b
Strict-Transport-Security: max-age=0; includeSubdomains
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&gjid=1165877072&_gid=338840807.1669672397&_u=YEBAAUAAAAAAACAAI~&z=723791779
142.250.150.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&gjid=1165877072&_gid=338840807.1669672397&_u=YEBAAUAAAAAAACAAI~&z=723791779
IP 142.250.150.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&gjid=1165877072&_gid=338840807.1669672397&_u=YEBAAUAAAAAAACAAI~&z=723791779 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://shrinke.me
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 21:53:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
143.204.55.76200 OK 136 kB URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
IP 143.204.55.76:0
File type ASCII text, with very long lines (65469)
Size 136 kB (136303 bytes)
Hash 248509579480df7e277cf43e196bcd41
558dea612c02557a6cc5b896d840748cbba8aa37
f0bbd825f1f790cc2826132572f9c147c7ecc760086f901c6639930c70314734
GET /tcfv2/23/cmp2ui-en.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Mon, 28 Nov 2022 16:49:09 GMT
cache-control: max-age=172800
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zzItyGMM1AU4NlJdNy9D_-9_AR9V1XScS2o0THKbKH3QTS76lvx9ug==
age: 18249
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
143.204.46.73204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
IP 143.204.46.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Mon, 28 Nov 2022 20:07:04 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X1I_w8uf-Su6wIBRb2kLvNIhYZvSrP5-MolZ-u2Xk3fY9YOh2DgPrA==
age: 6374
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.59.20200 OK 1.7 kB URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash aaf762a0aab76a92a57caaadf9c7a1c8
e23500341212d783e0a5f06312c95bee0ca4bad3
20c7eb0c7ac2576fcb4503d5f920820fd3fae267c0ef19f9f171a1000023527f
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c2f03289cdc221a06d9f7911e3f7f5e
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
173.233.137.36200 OK 29 kB URL HTTP/1.1 www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 4581733a77e3824a521e6d544aa2990b
c69eefb03bffd58c856323cb9905814bb5414759
7c6bde18bcd8136dee86653c800459937b787954a7dbc67a42b7502c51a04905
GET /2d/a7/03/2da703368f9eb4f6c054328862dc9152.js HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09e4dca753f6253a986d00c7c6e529b9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b02239bf1f4eed4c4b673ec5260ae8cb
f903767eb2523a659d87e5302bfaa7a0c6979215
86ef662f97a2161942310e1e3f81c90c78c64222180d43e976d771de992b887f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5757
Cache-Control: max-age=168190
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:18 GMT
Etag: "6385054f-117"
Expires: Wed, 30 Nov 2022 20:36:28 GMT
Last-Modified: Mon, 28 Nov 2022 19:00:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b02239bf1f4eed4c4b673ec5260ae8cb
f903767eb2523a659d87e5302bfaa7a0c6979215
86ef662f97a2161942310e1e3f81c90c78c64222180d43e976d771de992b887f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5757
Cache-Control: max-age=168190
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:18 GMT
Etag: "6385054f-117"
Expires: Wed, 30 Nov 2022 20:36:28 GMT
Last-Modified: Mon, 28 Nov 2022 19:00:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221128
151.101.85.229200 OK 926 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221128
IP 151.101.85.229:0
File type JSON data\012- , ASCII text, with very long lines (1642), with no line terminators
Hash 17efc153c6b6b72d7c3cfd08ea65e964
dd2c30acaff82547725cb46a405d004b2a0ad662
0c3333f7a735931fecd3780e5ee3ad2eb8a18298b26688f096a8ef995b091eff
GET /gh/prebid/currency-file@1/latest.json?date=20221128 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1538
x-jsd-version-type: version
etag: W/"66a-zSB71lydrnWHanna+LyL9m8KH40"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 21:53:18 GMT
age: 24739
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 926
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
Hash 4ce0c86410af6742336d910b937b6ee5
85cab4a20e4dbbe69a72d87ec52669808045dd93
af470817f8578583d6d562d78d0fba3e8ec744b5e419d7b5c75c32431d191b1e
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Tue, 29 Nov 2022 21:53:18 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
173.233.137.36200 OK 29 kB URL HTTP/1.1 www.profitabledisplaycontent.com/2d/a7/03/2da703368f9eb4f6c054328862dc9152.js
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 616f723c8601d47f0d12ea975185fc19
3a0a72002b81cb9b2def09620c24b7dc5332d676
0cdbf3f3f86adba32c1a1d95879bffea2fc7811ddeb503861a030e30509400af
GET /2d/a7/03/2da703368f9eb4f6c054328862dc9152.js HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7ae60b8632967efef29c7cf238e0686b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 49a11f998f204866cc5d30171ebb179d
ee2accac405fcd9ee730a6dd647b0cb81db2dd54
149c33a39ac083b9f3c66fced2452d7e3bfa39a6c7c36ba1882dfd32e2ff6183
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E58EBA9E309F2265B67C2A256DA01909C825CCD2"
Expires: Tue, 29 Nov 2022 09:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2686
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771655ea4a92fac4-OSL
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNyTUBawaM-PArr-PPtw-MZye-aUYZKyyYBBMYRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
104.21.82.134200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNyTUBawaM-PArr-PPtw-MZye-aUYZKyyYBBMYRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 104.21.82.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNyTUBawaM-PArr-PPtw-MZye-aUYZKyyYBBMYRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 21:53:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASdGnUv4WhxN3suwa4GM33VTm%2FUL2MFMvNZpcz30V%2Bi3WkqZfWw%2B%2BLW97i3pZPHJsgomZN5sNZwuYz9EbhaTYe5x61GrX0FSedDbIJPAv%2Fn2DcxwBrh3EAaGG5rjV8oyYiWu5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655e99811fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNPYUMBarw-TUBy-PtMy-qwew-KAaTqreTMerURdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
104.21.82.134200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNPYUMBarw-TUBy-PtMy-qwew-KAaTqreTMerURdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 104.21.82.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNPYUMBarw-TUBy-PtMy-qwew-KAaTqreTMerURdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 21:53:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8JZz43PkMX3KWt43SHJ1WkvtcgF8%2BGYYEtiYSSEFbiiSEXWa9iUlbIqCOpe3RVXt7Dig6EAvUxMbUImi2QBY9A4gdCJHmcaH%2BRVetG1FXCguof%2FyfZTSYMoWziWb3jcZkQnGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655e99812fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZZKMyZBY-BqKT-PMUY-aAqy-atwMAYATMMrTRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
104.21.82.134200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZZKMyZBY-BqKT-PMUY-aAqy-atwMAYATMMrTRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 104.21.82.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZZKMyZBY-BqKT-PMUY-aAqy-atwMAYATMMrTRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 21:53:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scAD1cCRaBp08O5tilwRkGyQ6Ijojy0wq7bnnC8d0iHrDfOFBoSwjBE8lRgO6CfBaS%2F11vELMtXUwfxrbRLjdBzPdTk2sv71qVUybwmCSGZ%2F41g5S%2FFRPpwHtuZMlExUVmbSLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655e9a821fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b02239bf1f4eed4c4b673ec5260ae8cb
f903767eb2523a659d87e5302bfaa7a0c6979215
86ef662f97a2161942310e1e3f81c90c78c64222180d43e976d771de992b887f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5757
Cache-Control: max-age=168190
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:18 GMT
Etag: "6385054f-117"
Expires: Wed, 30 Nov 2022 20:36:28 GMT
Last-Modified: Mon, 28 Nov 2022 19:00:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNaqyAAYyU-aaMZ-PAAU-awBM-rBBPUUPZMYqyRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
104.21.82.134200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNaqyAAYyU-aaMZ-PAAU-awBM-rBBPUUPZMYqyRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 104.21.82.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNaqyAAYyU-aaMZ-PAAU-awBM-rBBPUUPZMYqyRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 21:53:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P4YBiE127zskw2vacKpMihPneFaW9q%2BXBBN3EpZIpsrbNPHs7kSKSmlHlxV7akPAMmoAykfiRHq3rptWD4BUKssxiSqbHEFokwpcLGdeYx69%2F1US71s4G3T29wrxN6xQ0w1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655e9d83afab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAYUqUaAY-YTBa-PMeT-wyKe-KqUAZTYyMKeYRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
104.21.82.134200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAYUqUaAY-YTBa-PMeT-wyKe-KqUAZTYyMKeYRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 104.21.82.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAYUqUaAY-YTBa-PMeT-wyKe-KqUAZTYyMKeYRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 21:53:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vk76Uw34iOZ%2BwfScjvHKjkM2MQ22aVeZNwrk4eg8MDG8IX5qnShOA3Acx1N%2FoOXApHVDSR%2FvtufoqfooOUPIU%2FaO%2FXtPKlQSEUXEt0n4g2PdhCbHhheEQjkDeDbe3%2Fc%2BebCayQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655ea0850fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNePtPKtaP-ZYPy-PaKB-MrYy-APryZTaTBqYrRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
104.21.82.134200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNePtPKtaP-ZYPy-PaKB-MrYy-APryZTaTBqYrRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY
IP 104.21.82.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNePtPKtaP-ZYPy-PaKB-MrYy-APryZTaTBqYrRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcY HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 21:53:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXieU58GDLacuLoFIUv7xikXt%2Bhy6gDqb87WEExv7kUreeQEIW68CrelU9KW0%2FbP9wUHt45zWLTeriVGtTEU0iy86jM9OCYvN%2FJV%2FLn989uLeTf2w5dgwO72xeREAC%2FVuigi3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655ea1860fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.1592626134337.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=b076b795665c273eaae81f428149ee8fdd5b543a6a77cc14e0da8e028811a968ebf899ef0417fed93017cef2eb291b7bd90d9cd8120af08e51f1f164c5578eb44337ddd95525393118decee939af4799e8cfa244dee85688e8b3cf47a7078b&pst=1669672458&rmtc=t
173.233.137.36200 OK 2.1 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.1592626134337.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=b076b795665c273eaae81f428149ee8fdd5b543a6a77cc14e0da8e028811a968ebf899ef0417fed93017cef2eb291b7bd90d9cd8120af08e51f1f164c5578eb44337ddd95525393118decee939af4799e8cfa244dee85688e8b3cf47a7078b&pst=1669672458&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2541)
Hash f8bd9a84756ad378f39e50365bf131c9
fa6b9d9bdf95f82cea5cbf1c0c23d90a58f07a68
3195fe51b51d0b9a0b4d554f65b60630bf2cff98b70f4a8b01614238cca3b3ad
GET /watch.1592626134337.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=b076b795665c273eaae81f428149ee8fdd5b543a6a77cc14e0da8e028811a968ebf899ef0417fed93017cef2eb291b7bd90d9cd8120af08e51f1f164c5578eb44337ddd95525393118decee939af4799e8cfa244dee85688e8b3cf47a7078b&pst=1669672458&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Referer: https://shrinke.me/
Connection: keep-alive
Cookie: u_pl=15023978; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAyMzk3OCwiayI6IjJiNzgyNWI0MDAxMGFkMTdhYzdiNTc3N2M2NjQ0NDljIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzkwMTksInBpZCI6NjMwNjUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzQsImFpZCI6NSwicHQiOjQsInBrIjoibXZwdjhiNzMxZSIsImNwa3MiOnsgIjI4IjoiMmRhNzAzMzY4ZjllYjRmNmMwNTQzMjg4NjJkYzkxNTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2hyaW5rZS5tZS8ifX0.GHPdqwvj9xNGoREHH_CFZM9YSv_LGOW4KQaapFrdV0I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; expires=Mon, 05 Dec 2022 21:53:18 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f253a213923dcb900841693c4d5cc9b3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaycontent.com/watch.135343049918.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=c49f0fc8b567cae425158d554c55c6deae7d6bd0d547b0cc6e047169d62c5ff8f0b82120ed9f1f79b46e23c2d06fe5343f2f007348014d8fc4039eb1bb6415366e2e438f56be844ae2877981ca8ac41a2c9714fcf6f202afee0825c5fa00b2b6&pst=1669672458&rmtc=t
173.233.137.36200 OK 2.1 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.135343049918.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=c49f0fc8b567cae425158d554c55c6deae7d6bd0d547b0cc6e047169d62c5ff8f0b82120ed9f1f79b46e23c2d06fe5343f2f007348014d8fc4039eb1bb6415366e2e438f56be844ae2877981ca8ac41a2c9714fcf6f202afee0825c5fa00b2b6&pst=1669672458&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2546)
Hash 915a125ce76d4eafcbaf953453786365
dad669cc2ea61218f81f5d9f2f197cb2b6d2a93e
c4df634b5b81866d9c0531d5a03f151f48e0bbef542f7fdfaa4fd4c87379a613
GET /watch.135343049918.js?key=2b7825b40010ad17ac7b5777c664449c&kw=%5B%22shrinkme%22%2C%22io%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba%3A1%3A1&shu=c49f0fc8b567cae425158d554c55c6deae7d6bd0d547b0cc6e047169d62c5ff8f0b82120ed9f1f79b46e23c2d06fe5343f2f007348014d8fc4039eb1bb6415366e2e438f56be844ae2877981ca8ac41a2c9714fcf6f202afee0825c5fa00b2b6&pst=1669672458&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Referer: https://shrinke.me/
Connection: keep-alive
Cookie: u_pl=15023978; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAyMzk3OCwiayI6IjJiNzgyNWI0MDAxMGFkMTdhYzdiNTc3N2M2NjQ0NDljIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzkwMTksInBpZCI6NjMwNjUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzQsImFpZCI6NSwicHQiOjQsInBrIjoibXZwdjhiNzMxZSIsImNwa3MiOnsgIjI4IjoiMmRhNzAzMzY4ZjllYjRmNmMwNTQzMjg4NjJkYzkxNTIifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2hyaW5rZS5tZS8ifX0.GHPdqwvj9xNGoREHH_CFZM9YSv_LGOW4KQaapFrdV0I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://shrinke.me
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; expires=Mon, 05 Dec 2022 21:53:18 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 29 Nov 2022 21:53:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7760cca37547be1922fad71b22592966
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c.clarity.ms/c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&MUID=13B1E25FD8A76A6009F9F035D9526B43
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&MUID=13B1E25FD8A76A6009F9F035D9526B43
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=3F0D617638DC4F27919BBE839B5E92BF&MUID=13B1E25FD8A76A6009F9F035D9526B43 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 28-Nov-2022 22:03:18 GMT; path=/; SameSite=None; Secure;
date: Mon, 28 Nov 2022 21:53:18 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1422
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Mon, 28 Nov 2022 21:53:17 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 51346
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Mon, 28 Nov 2022 21:53:17 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=3&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A44415%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A44415%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
143.204.52.189200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=3&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A44415%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A44415%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash f846ebe7331bdf57ae5b65acb42c5f30
1ee6057e835c893700196579f26fdcd92b084b4f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=3&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A44415%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A44415%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Mon, 28 Nov 2022 21:53:18 GMT
x-amz-rid: QK3AYRQ26BHY3S1FJHQS
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aVKCf_hhViJUC27RK4CO38otMIOXQHA4Ngx_6tSZCeDCW4c1t9lYLA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a3af0e1f977b00ed42d0412a6e529465
d09f5598cf9778fbc99254cd8af3c60ba4add39b
37af27567921a71e5cc9c64d555f7bf7d9ab13c0b4229b146aa00f2c41dc8932
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37AF27567921A71E5CC9C64D555F7BF7D9AB13C0B4229B146AA00F2C41DC8932"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3061
Expires: Mon, 28 Nov 2022 22:44:19 GMT
Date: Mon, 28 Nov 2022 21:53:18 GMT
Connection: keep-alive
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=0&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A29441%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
143.204.52.189200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=0&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A29441%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=0&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A29441%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Mon, 28 Nov 2022 21:53:18 GMT
x-amz-rid: Z4E16XNJZA4ZH7ZZMNAE
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P2WQ-lgerk_wgv39TJyu1OgusyNVGLc5apYETUocbuJOY7ezCFi0lg==
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 5a9316481d28e475e7f69b3321158d47
8febef9a2417b79e00181535d375ada01de21481
ca5c07f640c0f2f4f6f968b79bf17987dedf4a25133f3ae9ba861891951a74b2
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 21:53:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 02 Dec 2022 18:16:25 GMT
ETag: "8febef9a2417b79e00181535d375ada01de21481"
Last-Modified: Mon, 28 Nov 2022 18:16:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2667
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771655ecbc45fac4-OSL
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&_u=YEBAAUAAAAAAACAAI~&z=1568877079
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&_u=YEBAAUAAAAAAACAAI~&z=1568877079
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&_u=YEBAAUAAAAAAACAAI~&z=1568877079 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 21:53:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&_u=YEBAAUAAAAAAACAAI~&z=1568877079
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&_u=YEBAAUAAAAAAACAAI~&z=1568877079
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-137383949-1&cid=302446438.1669672397&jid=616646885&_u=YEBAAUAAAAAAACAAI~&z=1568877079 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 21:53:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=1&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A29440%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
143.204.52.189200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=1&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A29440%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash 39fc3d21236e89707a548e7ff802c026
7409f920c8a197c7327b89334b5d1977f0636cef
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=1&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A29440%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Mon, 28 Nov 2022 21:53:18 GMT
x-amz-rid: KDSKAXCSG64FZCKG62HJ
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yIjxazPnWRwinhsI0iDHGYcuaGyi0wvcHBrikdQI2oYN1ibIKRf7Xg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=2&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A92666%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
143.204.52.189200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=2&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A92666%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash a825e31d18f2ff5845d245fed741e9f1
6e196f0b42376389ae1cc16e8f2d0c886940fad7
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FowgGn1nO&pid=RUyl8rms45fR7&cb=2&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A92666%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Mon, 28 Nov 2022 21:53:18 GMT
x-amz-rid: F5KVKS6E9NA9YEGZF27J
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yo3hWeUqK9Ie7hK068y9fG3PKNwJBILTUIOnyDq-Bw3P75g8KWkXJA==
X-Firefox-Spdy: h2
id5-sync.com/g/v2/806.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash da7b3a02b1f75ce51910b4ce0efcab0e
06b342ddee0a9cd9315146fa250cc108203abfbd
6ce91631c49f913c4c7a17e6ec2a3f1a34e28af656e5a222a30384ed00a530fc
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 199
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 28 Nov 2022 21:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.36.77.32200 OK 1.6 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6200d2a7e78f5f04714dc916a8146238
ffc444705069902dc276de53f16127407917de72
599083f65dffbfa90066bbbb7109814f779b85929e2da274ca31bbd0267aa57f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8CCB9B049120B7E44A79DCBC9CAAB326567933CFCE70608BC812237319A0EC"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16678
Expires: Tue, 29 Nov 2022 02:31:16 GMT
Date: Mon, 28 Nov 2022 21:53:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d02308d366e622aa26e632ea017600cc
c16673d53c20ac70efbda483ca12b4374a76105c
ad8ccb9b049120b7e44a79dcbc9caab326567933cfce70608bc812237319a0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8CCB9B049120B7E44A79DCBC9CAAB326567933CFCE70608BC812237319A0EC"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16678
Expires: Tue, 29 Nov 2022 02:31:16 GMT
Date: Mon, 28 Nov 2022 21:53:18 GMT
Connection: keep-alive
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 3.9 kB URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
Hash a22f3500e4aa894d684ae21f58ea9e45
fcd0355e05a37d801b6aa4edf4afe471b986c42c
a3b1548f7cee9b9a44adff365e9267a82cffea23a99b0e10171d60bed153d104
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 03:06:58 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SNtW4wLgvoxcGMEdwG9AwaGajNG1_dV3CF3XLsPbK-mqS7dNW-dTOQ==
age: 67581
X-Firefox-Spdy: h2
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
15.197.193.217200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 15.197.193.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 608aff5acbe74ffb1ed51e2a2b01c62e
8d1c7f8f83e647b90589d17c0393bde165975aaf
6c26361981aa6e28e583136858eca75570f92883ad3b386e49dea6ed8e951aeb
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Wed, 28 Dec 2022 21:53:18 GMT
vary: Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/806.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d36a1758fad86219f072ceb0e94e845
e66a7079f1489891147b32800a0ad7f9670e9bde
2187a165cf32788cbb928482899490cbca51dabae1febd8bfedaeb3a329f96a0
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 199
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 28 Nov 2022 21:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 69bb20dbd9146049a5ace8e2e15cb5b9
e084306601d2c1259f5cc23dfdb8a9596fa6b75e
ec5476d06553a6874a932336a24142ddeee3a3f91722a05d943e81bf4c6d47d6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 28 Nov 2022 21:53:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 20:30:07 GMT
Expires: Tue, 29 Nov 2022 20:30:07 GMT
ETag: "e084306601d2c1259f5cc23dfdb8a9596fa6b75e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3cc3e414de2164bcf450fdaf5a9191e9
35cf7a421f84d292cd520cb49aafe4bca392cae3
5632730bdbdf77d1c5d8c2ad40b38978d3c5482dd897795e4494b444dfb350f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/bi/4b/5d/01/4b5d0146104fa7390587fd9918896340/1612443381.jpg
45.133.44.10200 OK 72 kB URL HTTP/2 cdn.cloudimagesb.com/bi/4b/5d/01/4b5d0146104fa7390587fd9918896340/1612443381.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Macintosh), datetime=2021:01:29 19:09:03 DIY-Thermocam raw data\012- (Lepton 2.x), scale 9040-30828, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 699743131325982629626180169367552.000000, slope 75634503011564814891309072384.000000], progressive, precision 8, 300x250, components 3\012- data
Hash 14107f4f7b232737929e42903724ed4d
431fd956d274ec97bce49efe36a846839f41e4ac
bda8b7040dc1a34e843b45baf1e1044a70bf4b55e0280bb768a353d3e26a5474
GET /bi/4b/5d/01/4b5d0146104fa7390587fd9918896340/1612443381.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 71702
server: nginx/1.17.6
last-modified: Thu, 04 Feb 2021 12:56:29 GMT
etag: "601beefd-11816"
expires: Wed, 30 Nov 2022 21:53:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
15.197.193.217200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 15.197.193.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 608aff5acbe74ffb1ed51e2a2b01c62e
8d1c7f8f83e647b90589d17c0393bde165975aaf
6c26361981aa6e28e583136858eca75570f92883ad3b386e49dea6ed8e951aeb
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Wed, 28 Dec 2022 21:53:18 GMT
vary: Origin
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/fc/da/3d/fcda3da06fb302689e8b9a27b7236672/1643821341.jpg
45.133.44.10200 OK 80 kB URL HTTP/2 cdn.cloudimagesb.com/bi/fc/da/3d/fcda3da06fb302689e8b9a27b7236672/1643821341.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:01:31 19:35:06], progressive, precision 8, 300x250, components 3\012- data
Hash 450b2cf9d486f15c6cc0fb23159d5221
668f4ef3d3f368f5a1217b3dc999e1d320cf035c
0789c4d6318a2d425268741a6906e8f80cd24b4c97401b47e55b4aee90cd0faf
GET /bi/fc/da/3d/fcda3da06fb302689e8b9a27b7236672/1643821341.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:18 GMT
content-type: image/jpeg
content-length: 79605
server: nginx/1.17.6
last-modified: Wed, 02 Feb 2022 17:02:29 GMT
etag: "61fab925-136f5"
expires: Wed, 30 Nov 2022 21:53:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 69bb20dbd9146049a5ace8e2e15cb5b9
e084306601d2c1259f5cc23dfdb8a9596fa6b75e
ec5476d06553a6874a932336a24142ddeee3a3f91722a05d943e81bf4c6d47d6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 28 Nov 2022 21:53:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 20:30:07 GMT
Expires: Tue, 29 Nov 2022 20:30:07 GMT
ETag: "e084306601d2c1259f5cc23dfdb8a9596fa6b75e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
id.crwdcntrl.net/id
52.49.181.242200 OK 43 B IP 52.49.181.242:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.165
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 21:53:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=445176,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771655ecdda6b509-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 80aaf3c2c5705c3c5411ecb62bfe6cfa
b576259697125be73aaae457b27cc98dd95ebe6c
71c030d347c98e4dfae52d6caf36146faacc096987039d064fd8a56f211317fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71C030D347C98E4DFAE52D6CAF36146FAACC096987039D064FD8A56F211317FB"
Last-Modified: Mon, 28 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7329
Expires: Mon, 28 Nov 2022 23:55:28 GMT
Date: Mon, 28 Nov 2022 21:53:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f14d18e0fbcae5ddd2d6dfcdf01e7c59
e38da905debd44205ebc6abb628d381c8ec3d3d6
21c884064648ce280ecbff448fe69a9e9b25e605d408ff26a0bd1630191e4617
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C884064648CE280ECBFF448FE69A9E9B25E605D408FF26A0BD1630191E4617"
Last-Modified: Mon, 28 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7613
Expires: Tue, 29 Nov 2022 00:00:12 GMT
Date: Mon, 28 Nov 2022 21:53:19 GMT
Connection: keep-alive
d3div1mtym39ic.cloudfront.net/aax2/apstag.js
54.230.245.70200 OK 45 kB URL HTTP/2 d3div1mtym39ic.cloudfront.net/aax2/apstag.js
IP 54.230.245.70:0
Hash dfcd5e50b5352a845605d8fc893aa0b2
58593d672edf96df11e202d3a213cd7c642e2b34
07c9ecca6525a79aa2208e3f8699417e69641e84be96f61e3b1f1097dbbf4884
GET /aax2/apstag.js HTTP/1.1
Host: d3div1mtym39ic.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 21:04:38 GMT
cache-control: public, max-age=3600
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W_5O6nSKyJRqUNby_GyOJYxGc-81FM52eaAxsQhnCD6SpFft-5UqNw==
age: 2921
X-Firefox-Spdy: h2
id.crwdcntrl.net/id
52.49.181.242200 OK 43 B IP 52.49.181.242:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.17.54
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
tractorfoolproofstandard.com/pixel/purst?dl=0&th=0&sc=0&rs=1885&rd=1885&fd=791&bv=22.10.v.10&tmpl=136
173.233.137.52200 OK 0 B URL HTTP/1.1 tractorfoolproofstandard.com/pixel/purst?dl=0&th=0&sc=0&rs=1885&rd=1885&fd=791&bv=22.10.v.10&tmpl=136
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1885&rd=1885&fd=791&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3cc3e414de2164bcf450fdaf5a9191e9
35cf7a421f84d292cd520cb49aafe4bca392cae3
5632730bdbdf77d1c5d8c2ad40b38978d3c5482dd897795e4494b444dfb350f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wastedinvaluable.com/pixel/purst?dl=0&th=0&sc=0&rs=2038&rd=2038&fd=661&bv=22.10.v.10&tmpl=136
192.243.61.225200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/purst?dl=0&th=0&sc=0&rs=2038&rd=2038&fd=661&bv=22.10.v.10&tmpl=136
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2038&rd=2038&fd=661&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 21:53:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 21:53:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=445175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771655ee9958b509-OSL
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=117281
expires: Wed, 30 Nov 2022 06:28:01 GMT
date: Mon, 28 Nov 2022 21:53:20 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 29 Nov 2022 21:53:22 GMT
Date: Mon, 28 Nov 2022 21:53:20 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 755842c4015cdf23ce448636e32277fb
ddb14148163258686b5a6c025fe97d3c35317c9a
593d877e82d7a28ad48561c84375e6dae5363877df5c70bd823dac6c39bbd385
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: max-age=163889
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:53:20 GMT
Etag: "6384f33a-138"
Expires: Wed, 30 Nov 2022 19:24:49 GMT
Last-Modified: Mon, 28 Nov 2022 17:43:22 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:19 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=0hEgl180M0RITmhlJTJCZkMwOUJGQlhaMUN2czdOMFh3VlJRSG5UaDNhYzY5NUd0VjNob01tUjlQOEgzWlZUJTJCcFhrb0NPUg; expires=Sat, 23 Dec 2023 21:53:20 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 320900
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 397 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (478), with no line terminators
Hash 69f39e9e05bfd58cdc95f03a3ddb26e8
3da57f9141b315923f2cd51d4d7614f98a6ab524
2f9217d028f6ae75bfe3828dcf081366e49c78a5e978b8d75995b781806fc4bf
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 531995
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 88 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
Hash 24ed1a6fcaeab677767d7bd2417a5182
ec5ecd805488afd2695a8259bf0c5e5e4cb0a4c4
92b2f16ca006632d832e05744691ce063a82c0d9a0dfd1fc8fe80fd5254280cf
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 443020
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=7EC57BB8-5488-464E-BFB9-2137B9AD866A&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 1.3 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=7EC57BB8-5488-464E-BFB9-2137B9AD866A&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Hash 9f545cd5e996c9a68871bd39639cf18b
3c4cf5cc5c17a9863dad84d4fbed32268cd37968
29e6c3da1d7263d0b223614a5b5b570d4fcb5b8eca673425cd78237cb2e77643
GET /AdServer/SPug?o=1&p=155495&sc=1&u=7EC57BB8-5488-464E-BFB9-2137B9AD866A&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 23842
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Mon, 28 Nov 2022 21:53:19 GMT
X-Firefox-Spdy: h2
specialistinsensitive.com/err.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTqIHc1K8eFAH8aDgzlb%2FmJ0ecwjGuBKM2ZBEg96qq6pny6nuaqq6pyeLYDAouQiTkx5732yyGIOYP0CQWS8SFDIeZA%2BuN9GzkLPMZGD0g%2B7ve%2FW%2Bw3uv6vPd6ohQVOzw4rtmR2nN1jtt2nrlqsqFqV3rwpWWT9v0VOuqyjeiU63R%2FGeHr%2Fu006avtt6WfGDWA%2BpT6lO%2FtamsTM1ofcFCFfd6frtH21HQ9jsRRvb%2F2FUeHPMghkfkGSgxe2L7p%2FtQfIo8%2B%2B6sdIPSFK%2B9lVWalcZiKPbfywe5qXNkqzG1HtJ8f7kN42aEfHUMJt9fOoAZ7s0dIFEz4v3mI8n3lzKRDG8%2FVppoyByJOIl6OIXUUyg2BTc3oMRDAnCBC1vIszsXjK3Ztccsm7MzcuLRP1D1jJz4%2FVnk2bdntBq1LhtdlcrkDqO0gRpNofpTFNUByh0Pqj4ALz%2BFEr%2BQ9UfnkWd7W04bKHH4cpiGKU1Dvib9lK1F6UaylgS0s9aLu37aY37AE7aISKkpVDqFlmMw56Gaf8pDlXqoCg%2BZOGyxTi%2BltJsmaRjGEec8DDnvxBuiI8IoTikqPvcwRlmMwfUY3F5HYa9joG499I9gqx%2Fgths44cGVBEPRoJYEtSOoGUGtCOqSoB42t4V2gWvuCO2qxF%2F2YNnDZmLK%2Fi67bcq%2BzMlucUSeXmT3d%2FoJBvKw5cdRlMQy6lJOg4hFfoenacdnNI5C0fU5nGqg3LGF0x01I8dePIlCzQh59AESdgCnD8DVS2DV82D1pBtQsO1JFFPs5HfdtlX5QLYzCWEaFOUJlNe8XX1Enluo6P35JCR%2FcPrLL7b%2BOCU%2BBLcNCtvgI%2FUjQV%2FfnFwyNdm7ZGpH7m8VpcrUDpvf7uWSlfL43XfktdpYce6sG3%2F9Bp8T8%2FHeFenK8ywXKu878s0ZJYS0m8ZySb4%2F567K5GLlts9UNq%2BK8xff3DyXFVY6p0w%2BBVMP3%2F8YXM3IU3aweLcv%2FLUJZaewVYOsekCWBWWm4MV1uGKl3hkCq1c7SeGhrpqJDZLVoVYEWq4wSxq4%2F%2BBkNe%2B6m%2BhbD6y8gTxrMLQNhroB02O46vikLOyD07%2BGi0KivUmirbeXaKtvPY7WqcOWoN0u5QHvpHEo4iiWvQ2RdoMg7rKkI6mP0s34Z2s%2F%2FwsAAP%2F%2FAQAA%2F%2F%2Bv1i40jwQAAA%3D%3D&errd=no%20impr%20and%20no%20err
173.233.137.52200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/err.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTqIHc1K8eFAH8aDgzlb%2FmJ0ecwjGuBKM2ZBEg96qq6pny6nuaqq6pyeLYDAouQiTkx5732yyGIOYP0CQWS8SFDIeZA%2BuN9GzkLPMZGD0g%2B7ve%2FW%2Bw3uv6vPd6ohQVOzw4rtmR2nN1jtt2nrlqsqFqV3rwpWWT9v0VOuqyjeiU63R%2FGeHr%2Fu006avtt6WfGDWA%2BpT6lO%2FtamsTM1ofcFCFfd6frtH21HQ9jsRRvb%2F2FUeHPMghkfkGSgxe2L7p%2FtQfIo8%2B%2B6sdIPSFK%2B9lVWalcZiKPbfywe5qXNkqzG1HtJ8f7kN42aEfHUMJt9fOoAZ7s0dIFEz4v3mI8n3lzKRDG8%2FVppoyByJOIl6OIXUUyg2BTc3oMRDAnCBC1vIszsXjK3Ztccsm7MzcuLRP1D1jJz4%2FVnk2bdntBq1LhtdlcrkDqO0gRpNofpTFNUByh0Pqj4ALz%2BFEr%2BQ9UfnkWd7W04bKHH4cpiGKU1Dvib9lK1F6UaylgS0s9aLu37aY37AE7aISKkpVDqFlmMw56Gaf8pDlXqoCg%2BZOGyxTi%2BltJsmaRjGEec8DDnvxBuiI8IoTikqPvcwRlmMwfUY3F5HYa9joG499I9gqx%2Fgths44cGVBEPRoJYEtSOoGUGtCOqSoB42t4V2gWvuCO2qxF%2F2YNnDZmLK%2Fi67bcq%2BzMlucUSeXmT3d%2FoJBvKw5cdRlMQy6lJOg4hFfoenacdnNI5C0fU5nGqg3LGF0x01I8dePIlCzQh59AESdgCnD8DVS2DV82D1pBtQsO1JFFPs5HfdtlX5QLYzCWEaFOUJlNe8XX1Enluo6P35JCR%2FcPrLL7b%2BOCU%2BBLcNCtvgI%2FUjQV%2FfnFwyNdm7ZGpH7m8VpcrUDpvf7uWSlfL43XfktdpYce6sG3%2F9Bp8T8%2FHeFenK8ywXKu878s0ZJYS0m8ZySb4%2F567K5GLlts9UNq%2BK8xff3DyXFVY6p0w%2BBVMP3%2F8YXM3IU3aweLcv%2FLUJZaewVYOsekCWBWWm4MV1uGKl3hkCq1c7SeGhrpqJDZLVoVYEWq4wSxq4%2F%2BBkNe%2B6m%2BhbD6y8gTxrMLQNhroB02O46vikLOyD07%2BGi0KivUmirbeXaKtvPY7WqcOWoN0u5QHvpHEo4iiWvQ2RdoMg7rKkI6mP0s34Z2s%2F%2FwsAAP%2F%2FAQAA%2F%2F%2Bv1i40jwQAAA%3D%3D&errd=no%20impr%20and%20no%20err
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /err.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTqIHc1K8eFAH8aDgzlb%2FmJ0ecwjGuBKM2ZBEg96qq6pny6nuaqq6pyeLYDAouQiTkx5732yyGIOYP0CQWS8SFDIeZA%2BuN9GzkLPMZGD0g%2B7ve%2FW%2Bw3uv6vPd6ohQVOzw4rtmR2nN1jtt2nrlqsqFqV3rwpWWT9v0VOuqyjeiU63R%2FGeHr%2Fu006avtt6WfGDWA%2BpT6lO%2FtamsTM1ofcFCFfd6frtH21HQ9jsRRvb%2F2FUeHPMghkfkGSgxe2L7p%2FtQfIo8%2B%2B6sdIPSFK%2B9lVWalcZiKPbfywe5qXNkqzG1HtJ8f7kN42aEfHUMJt9fOoAZ7s0dIFEz4v3mI8n3lzKRDG8%2FVppoyByJOIl6OIXUUyg2BTc3oMRDAnCBC1vIszsXjK3Ztccsm7MzcuLRP1D1jJz4%2FVnk2bdntBq1LhtdlcrkDqO0gRpNofpTFNUByh0Pqj4ALz%2BFEr%2BQ9UfnkWd7W04bKHH4cpiGKU1Dvib9lK1F6UaylgS0s9aLu37aY37AE7aISKkpVDqFlmMw56Gaf8pDlXqoCg%2BZOGyxTi%2BltJsmaRjGEec8DDnvxBuiI8IoTikqPvcwRlmMwfUY3F5HYa9joG499I9gqx%2Fgths44cGVBEPRoJYEtSOoGUGtCOqSoB42t4V2gWvuCO2qxF%2F2YNnDZmLK%2Fi67bcq%2BzMlucUSeXmT3d%2FoJBvKw5cdRlMQy6lJOg4hFfoenacdnNI5C0fU5nGqg3LGF0x01I8dePIlCzQh59AESdgCnD8DVS2DV82D1pBtQsO1JFFPs5HfdtlX5QLYzCWEaFOUJlNe8XX1Enluo6P35JCR%2FcPrLL7b%2BOCU%2BBLcNCtvgI%2FUjQV%2FfnFwyNdm7ZGpH7m8VpcrUDpvf7uWSlfL43XfktdpYce6sG3%2F9Bp8T8%2FHeFenK8ywXKu878s0ZJYS0m8ZySb4%2F567K5GLlts9UNq%2BK8xff3DyXFVY6p0w%2BBVMP3%2F8YXM3IU3aweLcv%2FLUJZaewVYOsekCWBWWm4MV1uGKl3hkCq1c7SeGhrpqJDZLVoVYEWq4wSxq4%2F%2BBkNe%2B6m%2BhbD6y8gTxrMLQNhroB02O46vikLOyD07%2BGi0KivUmirbeXaKtvPY7WqcOWoN0u5QHvpHEo4iiWvQ2RdoMg7rKkI6mP0s34Z2s%2F%2FwsAAP%2F%2FAQAA%2F%2F%2Bv1i40jwQAAA%3D%3D&errd=no%20impr%20and%20no%20err HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: u_pl=15296127; uid_id2=3f3f0f3c-e1fa-4f6b-b205-9871f9a12cba:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 21:53:22 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5bc1414857f7c086d3fcd35da40c1e2b
Strict-Transport-Security: max-age=0; includeSubdomains
www.clarity.ms/tag/6j3srg4zo7
13.107.219.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/6j3srg4zo7
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/6j3srg4zo7 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=6b8cd057291941848dd97dc943027547.20221128.20231128; expires=Tue, 28 Nov 2023 21:53:16 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zC2FYwAAAABhYBG/sgWmRb8Px014umoJT1NMMjMxMDUwMjA1MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Mon, 28 Nov 2022 21:53:16 GMT
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.141.24200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.141.24:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 17688ff9e3ed1c5a3f2029f183ad4ed3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 28 Nov 2022 21:53:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLrrwQJbPX%2BRHLYhHQ4J5Zyu7%2FDGXzOCAnj5WuCv678M43C%2FqYMJ3iupaVq7nrfW%2FX7TnnMkbh%2F%2BVuJYIyO6biPzBuW2WUUi974ZIQ6QBWdKWpFoeLds%2FFAW7BgvyPo6vTtJ51o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655dd099e7773-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/animate.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/live-message/3-2/css/animate.css
IP 172.64.109.13:0
GET /sb/ssp/utility/live-message/3-2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:17 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 516920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOsMsUfXtHLTcAKst0zKQkbsQCz09%2FjGfsjKK1UQa%2FO5jIbmKYsfXJj5g59GT%2F2pUEWr6VDpMu65J%2BRtoNHdaPJ8ResSJ63FyoNs756GWgMy5%2FlzNc7JjQ1eOW7MCJt8gFmEH2E6usZS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655e549e675c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 996686
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=7EC57BB8-5488-464E-BFB9-2137B9AD866A&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=7EC57BB8-5488-464E-BFB9-2137B9AD866A&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=155495&sc=1&u=7EC57BB8-5488-464E-BFB9-2137B9AD866A&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:53:19 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
shrinke.me/owgGn1nO
172.67.162.135200 OK 0 B IP 172.67.162.135:0
GET /owgGn1nO HTTP/1.1
Host: shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:14 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: lang=en_US; expires=Thu, 23-Nov-2023 21:53:14 GMT; Max-Age=31104000; path=/
AppSession=64dcb58ec5b2575ab338bc3690c076ca; path=/; HttpOnly
csrfToken=3a6662b5e7ce26d400d09a4aadb544a085ea9e1d50b27b5b65c38d523c425b9fcc6ffe84d1bb9316c29c530e7d7965663d0188407755984d29aac36087cd978c; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dba6Y9UMyIENYLZOJNinuvIBO6BVm%2FDURyeq43gqvE8OvfprXSDl%2FXyCWRaqiOb7QoZ2IXlAqSKFUXnyt13LFZAHD%2FruwtgpWqGOqFSF4nki4visf3NNDJ%2F%2FHtP7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771655ce3a75b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: LJ1IHefrgZ88VH0efdbG+RQ90LSgeQNC1poXSmKdQ4aF/LF3bwajUuFMC0oNUqYWHMzYPTJwUdRx1wxGXJPTwQ==
date: Mon, 28 Nov 2022 21:53:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
supertruco.com/icon.svg
192.0.78.146200 OK 0 B IP 192.0.78.146:0
GET /icon.svg HTTP/1.1
Host: supertruco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:53:16 GMT
content-type: image/svg+xml
strict-transport-security: max-age=31536000
last-modified: Tue, 30 Aug 2022 14:43:20 GMT
vary: Accept-Encoding
etag: W/"630e2208-102b"
expires: Sat, 22 Oct 2022 18:21:02 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams HIT
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 0 B URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126568
date: Mon, 28 Nov 2022 21:53:17 GMT
expires: Mon, 28 Nov 2022 21:53:17 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669691452&ei=3COFY6O5CIyYkwbstq7IDw&ip=184.164.141.146&id=o-ACxvQkGgfcIczEb2LoOQL56-Quj1gE32LMqQut467omX&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=MMpmfxiNr6bYyR0TyMbbTecJ&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=R2RrDJdXg6XZmgj&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCTPZADu2L615nfJMr_p83qcL5OfEvJtViLTlK6DuDGYCIQC9hrxy6XX8NQd3w4YjH6EMMINF1pFMKy2UFpSkuM_rgg%3D%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1669672187&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAM09Ns2D_Mmys9Hb0YrhYkvjph5IX6feEYLXtj7ZqkgCIC25jH6nGvPpd9ORkpshrc18_G-AVZf-hzCjlRsojrS8
91.90.45.173206 Partial Content 0 B URL HTTP/1.1 r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669691452&ei=3COFY6O5CIyYkwbstq7IDw&ip=184.164.141.146&id=o-ACxvQkGgfcIczEb2LoOQL56-Quj1gE32LMqQut467omX&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=MMpmfxiNr6bYyR0TyMbbTecJ&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=R2RrDJdXg6XZmgj&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCTPZADu2L615nfJMr_p83qcL5OfEvJtViLTlK6DuDGYCIQC9hrxy6XX8NQd3w4YjH6EMMINF1pFMKy2UFpSkuM_rgg%3D%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1669672187&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAM09Ns2D_Mmys9Hb0YrhYkvjph5IX6feEYLXtj7ZqkgCIC25jH6nGvPpd9ORkpshrc18_G-AVZf-hzCjlRsojrS8
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
GET /videoplayback?expire=1669691452&ei=3COFY6O5CIyYkwbstq7IDw&ip=184.164.141.146&id=o-ACxvQkGgfcIczEb2LoOQL56-Quj1gE32LMqQut467omX&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=MMpmfxiNr6bYyR0TyMbbTecJ&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=R2RrDJdXg6XZmgj&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCTPZADu2L615nfJMr_p83qcL5OfEvJtViLTlK6DuDGYCIQC9hrxy6XX8NQd3w4YjH6EMMINF1pFMKy2UFpSkuM_rgg%3D%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1669672187&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAM09Ns2D_Mmys9Hb0YrhYkvjph5IX6feEYLXtj7ZqkgCIC25jH6nGvPpd9ORkpshrc18_G-AVZf-hzCjlRsojrS8 HTTP/1.1
Host: r2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Last-Modified: Mon, 21 Sep 2020 08:51:28 GMT
Content-Type: video/mp4
Date: Mon, 28 Nov 2022 21:53:19 GMT
Expires: Mon, 28 Nov 2022 21:53:19 GMT
Cache-Control: private, max-age=18753
Content-Range: bytes 0-10427992/10427993
Accept-Ranges: bytes
Content-Length: 10427993
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
143.204.55.76200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
IP 143.204.55.76:0
GET /GVL-v2/vendor-list.json HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Mon, 28 Nov 2022 03:00:37 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Mon, 28 Nov 2022 03:00:33 GMT
etag: W/"d4c1518d326d9407a403a5a803aa0996"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: agyGsvOE-Nbz4rkgYVvVkLcXIimH9X6PUYXYghQubiw1t2tx7oINeQ==
age: 67961
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 973707
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.219.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: TCP_HIT
x-azure-ref-originshield: 0mhKFYwAAAABFQKccBdQZQLeRHjsDyBmIQU1TMDRFREdFMTkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0zS2FYwAAAABchSRfBd1lRJqQkKi/+/edT1NMMjMxMDUwMjA1MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Mon, 28 Nov 2022 21:53:16 GMT
X-Firefox-Spdy: h2
services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
104.22.58.199200 OK 0 B URL HTTP/2 services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
IP 104.22.58.199:0
GET /adv1/?q=b696d0f5c06dbd9fd83feb568718537b HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-bgj: minify
cf-polished: origSize=547715
etag: W/"b696d0f5c06dbd9fd83feb568718537b 2022-11-22T00:29:39 v1 default"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: HIT
server: cloudflare
cf-ray: 771655d95ff4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:15 GMT
content-type: text/plain
set-cookie: csu=1722365426827412@1@1669672395; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaAfHTNhhWXWIHhMr4WcGIgdF1oKHsk4TmDW7gLX19%2BFC0KlKxVQHk6kPNDJe9PP3DhZvk%2BhuYNBwHbRtOIYH2lxUl2lU6Og21vkEvJfFMQR3ucLskDAB292SPBNc56H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771655da4ac5743b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://shrinke.me
server-processing-duration-in-ticks: 318014
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
IP 142.250.74.10:0
GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 21:53:14 GMT
date: Mon, 28 Nov 2022 21:53:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
edcritessuspi.com/popunder.gif
104.21.77.103200 OK 0 B URL HTTP/2 edcritessuspi.com/popunder.gif
IP 104.21.77.103:0
GET /popunder.gif HTTP/1.1
Host: edcritessuspi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:53:14 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 3917
last-modified: Mon, 28 Nov 2022 20:47:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTDmWHUk7bKJOXJkEpCX9vsjqSQQGdzx7%2BLVPRk5rNmuOPY6fGfDRVLa%2FB5zcvPrb0ATCPDGReARGb1%2BULXY0FcM7xYbczT1M8JEwpH0juks5AebrITFcUlIZuKRWLB7IWK95Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771655d24841b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2