shrinke.me/VRiOcu8d
104.21.33.119301 Moved Permanently 0 B IP 104.21.33.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VRiOcu8d HTTP/1.1
Host: shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Mar 2023 20:54:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Mar 2023 21:54:09 GMT
Location: https://shrinke.me/VRiOcu8d
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfDMPgSQsvqZVWyVzUtosU%2FPTSEH7g7gFXMVRdSEKizN43RK9%2FEUWWOhlKrbSKKXNbSQv4oaIGMGI1x9bgXT%2BjQ%2FaEeu1zoE1OWS4IuGLkRh8lP99%2F47E7q6qIvb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3d7e05bc941c06-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8d3b63b0ab9c679c7a50df2ba42b497
7133ccb414f7d8040d0f4a1b1df359485a76c377
4652b9b479b50208073dbff5a0b434fe6e8a1a2c5caa6365a8c5de2ff7fd9865
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4652B9B479B50208073DBFF5A0B434FE6E8A1A2C5CAA6365A8C5DE2FF7FD9865"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2478
Expires: Mon, 06 Mar 2023 21:35:27 GMT
Date: Mon, 06 Mar 2023 20:54:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2603
Expires: Mon, 06 Mar 2023 21:37:32 GMT
Date: Mon, 06 Mar 2023 20:54:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Mar 2023 20:08:37 GMT
content-type: application/json
age: 2732
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2555
Expires: Mon, 06 Mar 2023 21:36:44 GMT
Date: Mon, 06 Mar 2023 20:54:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9zgRYx9QAnKlUvqK4QpZUQVAvs/OeSEX5G22WEBqnK/AoSYew/9lyMBFIrXFthtOmaJAI3Xm+h34x66ogtX/+A==
x-amz-request-id: 2HBRV0PXX7ZBXWF8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Mar 2023 20:17:17 GMT
age: 2212
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:54:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
shrinkme.io/logo-sm.webp
188.114.96.1200 OK 31 kB IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 53658e8a7ae22169e5b89744bfa9f9cc
157a684bdf8e3be19cbfabc80cf3a53bfbeaa175
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
GET /logo-sm.webp HTTP/1.1
Host: shrinkme.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:10 GMT
content-type: image/webp
content-length: 31236
x-frame-options: SAMEORIGIN
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
etag: "7a04-5a22587d62000"
cache-control: max-age=31536000
expires: Sat, 26 Aug 2023 06:24:09 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 16641001
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDH1Q%2BqcpNf7CnxgSf2qwVInccHsYSr4IvMzZClf88KOeE0V8ylQZge6LVbm1yHneTkiUVlcHYT2xCO6d9reJxQF53p7t8YUltyzpKCBRnhUKNUh7luR%2BJmnizDA1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3d7e095bd4b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d691a24c1515f9480482818556c328e
979e4a1ab256a75427331cd308e694dd973f9038
7168770050532d4faf64096c8c6f72f3311f59604ef40d7554a0f367a861b3b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7168770050532D4FAF64096C8C6F72F3311F59604EF40D7554A0F367A861B3B1"
Last-Modified: Sun, 05 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12127
Expires: Tue, 07 Mar 2023 00:16:17 GMT
Date: Mon, 06 Mar 2023 20:54:10 GMT
Connection: keep-alive
akazginhapping.com/gspu5HpgD2oSi3/61894
142.91.159.193200 OK 26 B URL HTTP/1.1 akazginhapping.com/gspu5HpgD2oSi3/61894
IP 142.91.159.193:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer Verdict Alert quad9 Sinkholed
GET /gspu5HpgD2oSi3/61894 HTTP/1.1
Host: akazginhapping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 20:54:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 07-Mar-2023 20:54:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Tue, 07-Mar-2023 20:54:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Mar 2023 20:03:41 GMT
age: 3029
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e44d064b81b73efe46cc420f8ae34410
229b99f9754fdce4f543513a0942ba63f67dc057
69b84b87493304be0456180f60ddf01f51a96fffa86fe8dddc8dd920fb262f06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69B84B87493304BE0456180F60DDF01F51A96FFFA86FE8DDDC8DD920FB262F06"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Mon, 06 Mar 2023 21:36:44 GMT
Date: Mon, 06 Mar 2023 20:54:10 GMT
Connection: keep-alive
d1r90st78epsag.cloudfront.net/?etsrd=792297
54.230.245.116200 OK 98 kB URL HTTP/2 d1r90st78epsag.cloudfront.net/?etsrd=792297
IP 54.230.245.116:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 812d2fa5065896f62cd1305182b1d00c
2d78b619b59f177bd0fb0a54d8481c0d1a3fc21c
10baa64f24e8d1b436b49fb76486577841e51d97623862ff257dacce3954a3aa
GET /?etsrd=792297 HTTP/1.1
Host: d1r90st78epsag.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 98381
date: Mon, 06 Mar 2023 20:54:10 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EzUvTGzrEOtrUg175XQP4dLDx6Ln6dt14anSFkacGPmB1YhemQywTw==
X-Firefox-Spdy: h2
akazginhapping.com/gspu5HpgD2oSi3/61894
142.91.159.193200 OK 26 B URL HTTP/1.1 akazginhapping.com/gspu5HpgD2oSi3/61894
IP 142.91.159.193:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer Verdict Alert quad9 Sinkholed
GET /gspu5HpgD2oSi3/61894 HTTP/1.1
Host: akazginhapping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 20:54:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/xgckIALK_ts
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xgckIALK_ts
IP 142.250.74.131:0
Hash f3231c78bf8319483394802ff60b7153
71b1b68438aa55a675739c845bf0260b9fac3567
6dc928daea3566d104004c4dd176a57de1d2675e7d5548f40bc17c6a283be407
POST /s/gts1p5/xgckIALK_ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thecliffsandupo.com/SDlucUlnBg0CdB1UHh0tDnMcKQ8wcTccDyxhKysiKVUgIxslfEgFICwEWUh7egBZVzkhXVNAbztNDwU8OwRfVyAmXwFMbz4EX196fBddQ2d5HxtMeG5NHhAudQhIAT08VVNAf38BX0J/eAxeRnB8
172.67.131.157204 No Content 0 B URL HTTP/2 thecliffsandupo.com/SDlucUlnBg0CdB1UHh0tDnMcKQ8wcTccDyxhKysiKVUgIxslfEgFICwEWUh7egBZVzkhXVNAbztNDwU8OwRfVyAmXwFMbz4EX196fBddQ2d5HxtMeG5NHhAudQhIAT08VVNAf38BX0J/eAxeRnB8
IP 172.67.131.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SDlucUlnBg0CdB1UHh0tDnMcKQ8wcTccDyxhKysiKVUgIxslfEgFICwEWUh7egBZVzkhXVNAbztNDwU8OwRfVyAmXwFMbz4EX196fBddQ2d5HxtMeG5NHhAudQhIAT08VVNAf38BX0J/eAxeRnB8 HTTP/1.1
Host: thecliffsandupo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Mar 2023 20:54:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MY4WoHaXJjDvqSfoegWO%2BTxJ%2FE20pjXUF8%2BUJ6jXbYEYu0FrahqdxUkVpbW8324z6D%2BtbDsRgw4fUus19Cp3IIWJKmtJ84eT9k96vNpROGkRjrDG0WLxKUMpPFBKYtiAsZ03EX2R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3d7e0dd9520b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-2.2.4.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:10 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1678136050.dop230.sk1.t,1678136050.cds018.sk1.hn,1678136050.cds214.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.214.202.214101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.202.214:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6Zj57ZVIgTvlTsGDEnlLbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: corU2QmgH2CYbCj3OVYOUGJ9W3o=
thecliffsandupo.com/cXJFU2xeTSYgURUkITohJjgCMQAeOBA4JhskIj85I0ATMS43I2MnBRVPcmpeQ0t9dRwYFnhiVFcBMTIYBAF4YkoYHCM8UVcEeGJCQVx3fV9XB3hiSgUCJDRRQFQ1JxgdT3RlW0lDdmVcREJ9Y1Q
172.67.131.157204 No Content 0 B URL HTTP/2 thecliffsandupo.com/cXJFU2xeTSYgURUkITohJjgCMQAeOBA4JhskIj85I0ATMS43I2MnBRVPcmpeQ0t9dRwYFnhiVFcBMTIYBAF4YkoYHCM8UVcEeGJCQVx3fV9XB3hiSgUCJDRRQFQ1JxgdT3RlW0lDdmVcREJ9Y1Q
IP 172.67.131.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cXJFU2xeTSYgURUkITohJjgCMQAeOBA4JhskIj85I0ATMS43I2MnBRVPcmpeQ0t9dRwYFnhiVFcBMTIYBAF4YkoYHCM8UVcEeGJCQVx3fV9XB3hiSgUCJDRRQFQ1JxgdT3RlW0lDdmVcREJ9Y1Q HTTP/1.1
Host: thecliffsandupo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Mar 2023 20:54:11 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evbxJwLO9NyNsX76H%2B0spH%2Fkay58WbShm1CVuDB5nQGFkDVMEnq2p5jHubOA5KnFvwARxLVu9LRs6mfWkBliqQCiKQFSkZsHgO5JdFWGhPXOfUMi19x%2FIO%2BgLaTF4xA%2BUNKGPFn%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3d7e0e19990b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tags.orquideassp.com/tag/22192
54.230.111.50200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/22192
IP 54.230.111.50:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 8602783e7fe8e5568f524ff3785994a2
79c83ae569587973b998d669d776e6c1a64654a1
3300cadb9447618dce059b872298b213f3d28e35f5654d696e5bac1642b4c936
GET /tag/22192 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 06 Mar 2023 20:37:19 GMT
etag: W/"337-ecg65WlYeXO5mNZp13bmwaZGVKE"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t4-b1utc3qNOnjvAqzW9CvHmwiLqERbeYHnG3I1029daJ-U9o1iHZQ==
age: 1029
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 158405c7127a1b6738fbd4c4d68550cd
e0cd4eb6e736886e46a443ef098aa7111df29c77
dcf74892708d878f834d2ede6afe4bc959fb83b0bed7178dd54bdd3023621d18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thecliffsandupo.com/ZnJlcFJJTQYDbzMqNyYDDCAPIWACQyQdFCsrPT0VBzczFzcREUMEOwJPXUJrU0dRViIPFlhCa0ABEREmEwFYQXQPHAMfb0AEWEF8VlxTQHxUVBBNY0AGFRE1W0NDACYSHlhBZFFKVENkVkdVSGNS
172.67.131.157204 No Content 0 B URL HTTP/2 thecliffsandupo.com/ZnJlcFJJTQYDbzMqNyYDDCAPIWACQyQdFCsrPT0VBzczFzcREUMEOwJPXUJrU0dRViIPFlhCa0ABEREmEwFYQXQPHAMfb0AEWEF8VlxTQHxUVBBNY0AGFRE1W0NDACYSHlhBZFFKVENkVkdVSGNS
IP 172.67.131.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZnJlcFJJTQYDbzMqNyYDDCAPIWACQyQdFCsrPT0VBzczFzcREUMEOwJPXUJrU0dRViIPFlhCa0ABEREmEwFYQXQPHAMfb0AEWEF8VlxTQHxUVBBNY0AGFRE1W0NDACYSHlhBZFFKVENkVkdVSGNS HTTP/1.1
Host: thecliffsandupo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Mar 2023 20:54:11 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RNVx%2FkI6c16D3D56LkC6lxTJLaQagOwxieIRR5c5r8TgfTp0HPBQxbeb7SeiYDea88BYoG5IbEx5uH9JVpelbGyT555y3qg3wCpS8nhmfgHb%2BUZL8JIwZACWrB7KkCY3N4VMTbM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3d7e0e29a20b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tags.orquideassp.com/tag/11628
54.230.111.50200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/11628
IP 54.230.111.50:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 2e18ffb86f956634ec5dc4a6c2e13301
6f5a9fe45942e1a6ed1d4f33c915667ab87a6c53
ce36f676ef8ce52a9213048f1a08b0bb84d9c42597d327d4844feb68f368ab44
GET /tag/11628 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 06 Mar 2023 20:07:53 GMT
etag: W/"337-b1qf5FlC4abtHU8zyRVmerh6bFM"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ea4Rw1xHj5F9Y71nuclO4dXg-3JhuzWRS0aak89xKxz4d-rw74BpUw==
age: 2990
X-Firefox-Spdy: h2
tags.orquideassp.com/tag/22193
54.230.111.50200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/22193
IP 54.230.111.50:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 6d27b56f9fccea11e4497ecc8a91196a
f31767640888ea8ccd0f92c824488d25fd6f29d7
4a935dd954795d7a6e5cf17eba098987baa2209bcce70338070d817089f3140f
GET /tag/22193 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 06 Mar 2023 20:03:01 GMT
etag: W/"337-8xdnZAiI6ozND5LIJEiNJf1vKdc"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XEnfxR2gFiczZqc2LRuVeXbQC9P1eJVdxXW9Ctrb-L639M8gomiKPQ==
age: 3070
X-Firefox-Spdy: h2
tags.orquideassp.com/tag/12656
54.230.111.50200 OK 823 B URL HTTP/2 tags.orquideassp.com/tag/12656
IP 54.230.111.50:0
File type HTML document, ASCII text, with CRLF line terminators
Hash bc65c26fa1b876fd29afc620a24231f8
a89fbe8ebde7d38236dbf3aed37ec906fa7a30a2
2f7278404edca136bf89b7f73199f14c662e1fd6468a4d4f72ec8bcfbfa3d84a
GET /tag/12656 HTTP/1.1
Host: tags.orquideassp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 823
server: nginx/1.16.1
access-control-allow-origin: *
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 06 Mar 2023 20:54:11 GMT
etag: W/"337-qJ++jr3n04I22/Ou037JBvp6MKI"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BBQM9Ny_JeqfO3JsFNl7TDfjQwcCMf7-t_To5VnSC4IqCTL4c-s1aA==
age: 3169
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-137383949-1
172.217.21.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-137383949-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (2206)
Hash 7d89436a950a7ff87d1a9b99ae2d13d0
34ccb481f50ba10fc8f4e76b423f28d753e2b382
4c8449bc5f64547430f8c5b4fbea6f5020171af078021d17808d4decc464dc13
GET /gtag/js?id=UA-137383949-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Mar 2023 20:54:11 GMT
expires: Mon, 06 Mar 2023 20:54:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Mar 2023 19:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Mar 2023 14:44:15 GMT
expires: Tue, 05 Mar 2024 14:44:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 22196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d4c754569054ff511faa0d108182b037
eb553c0005f7f284ff639cbd4bb8dcbaf8cbcc4f
323c991746be2d9ef819b4b7337c65656cbacbb8d1cc8c8958240f64f86c2c96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 12:07:24 GMT
expires: Fri, 01 Mar 2024 12:07:24 GMT
cache-control: public, max-age=31536000
age: 377207
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/xgckIALK_ts
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xgckIALK_ts
IP 142.250.74.131:0
Hash f3231c78bf8319483394802ff60b7153
71b1b68438aa55a675739c845bf0260b9fac3567
6dc928daea3566d104004c4dd176a57de1d2675e7d5548f40bc17c6a283be407
POST /s/gts1p5/xgckIALK_ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.35200 OK 586 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.35:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 56347edc1d2925d33583af21814d70c5
4bb7d7a9da88ce92b29a35589d2086e84eec926f
7a5957aafef34914136864c57eb6da78039ff786bef80160ebe31ef948638ab3
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 06 Mar 2023 20:54:11 GMT
date: Mon, 06 Mar 2023 20:54:11 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 158405c7127a1b6738fbd4c4d68550cd
e0cd4eb6e736886e46a443ef098aa7111df29c77
dcf74892708d878f834d2ede6afe4bc959fb83b0bed7178dd54bdd3023621d18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edbritingsynt.info/RGdUSVglBTckZyVaNm8tNgtpbGoCQmYPPHUVbXkrMFBsLCg3BjNnOygIIS0+Ngg6PXYqAiBsagI/BhwwdjIAHDUOHzN6Gy4iPAw1Mykweh4APRUPMg0AAWxqBjAuH2kBVQIcCBZWEQRpFlQXMSs2Iwx5PQVUMAsIPR8YEAoJFx8bP3YkEwQsAyMdADwDUwwHDiBTMg8ZKDUHJjIXHg4ZEi4AEQM0CRMfGAp3NhcbaQMdYRkUBzY1BBoGVBAiFmFVEgsPBlEGJzQHKxcQCxQMHXs6ETU8HiICEwYOHQEDAxMfICYNAToRNTwYMTMKBQ4NFQMzOQwdEAFwPi9KHnkaIwMgGx8CLxl7aQIiFRtpIjE8IRADJWIbMh42HiAVHgMVKhwhDA4uGhwxYRs1BTYwej8VKBEqPwgPPzkdDAQbG2oBJjV6MBUtFSFoYg0nJjY0WjF9OTwyZis5diQ5M2B8MSE
54.230.111.15200 OK 1.2 kB URL HTTP/2 edbritingsynt.info/RGdUSVglBTckZyVaNm8tNgtpbGoCQmYPPHUVbXkrMFBsLCg3BjNnOygIIS0+Ngg6PXYqAiBsagI/BhwwdjIAHDUOHzN6Gy4iPAw1Mykweh4APRUPMg0AAWxqBjAuH2kBVQIcCBZWEQRpFlQXMSs2Iwx5PQVUMAsIPR8YEAoJFx8bP3YkEwQsAyMdADwDUwwHDiBTMg8ZKDUHJjIXHg4ZEi4AEQM0CRMfGAp3NhcbaQMdYRkUBzY1BBoGVBAiFmFVEgsPBlEGJzQHKxcQCxQMHXs6ETU8HiICEwYOHQEDAxMfICYNAToRNTwYMTMKBQ4NFQMzOQwdEAFwPi9KHnkaIwMgGx8CLxl7aQIiFRtpIjE8IRADJWIbMh42HiAVHgMVKhwhDA4uGhwxYRs1BTYwej8VKBEqPwgPPzkdDAQbG2oBJjV6MBUtFSFoYg0nJjY0WjF9OTwyZis5diQ5M2B8MSE
IP 54.230.111.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash c82743ce2b9ccad95925929eb22cce86
d300faf304f84cdaa94cd5ed6b99eb37e3899ba2
1df0b6df41e12892a83ef97af8b6aaa00060b880dbc584972c2c770bd0436b68
GET /RGdUSVglBTckZyVaNm8tNgtpbGoCQmYPPHUVbXkrMFBsLCg3BjNnOygIIS0+Ngg6PXYqAiBsagI/BhwwdjIAHDUOHzN6Gy4iPAw1Mykweh4APRUPMg0AAWxqBjAuH2kBVQIcCBZWEQRpFlQXMSs2Iwx5PQVUMAsIPR8YEAoJFx8bP3YkEwQsAyMdADwDUwwHDiBTMg8ZKDUHJjIXHg4ZEi4AEQM0CRMfGAp3NhcbaQMdYRkUBzY1BBoGVBAiFmFVEgsPBlEGJzQHKxcQCxQMHXs6ETU8HiICEwYOHQEDAxMfICYNAToRNTwYMTMKBQ4NFQMzOQwdEAFwPi9KHnkaIwMgGx8CLxl7aQIiFRtpIjE8IRADJWIbMh42HiAVHgMVKhwhDA4uGhwxYRs1BTYwej8VKBEqPwgPPzkdDAQbG2oBJjV6MBUtFSFoYg0nJjY0WjF9OTwyZis5diQ5M2B8MSE HTTP/1.1
Host: edbritingsynt.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1201
date: Mon, 06 Mar 2023 20:54:11 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1tlm1QfshRvSDG71dXWYkK4XS2brggE6NxQmftOR1XiZJEu8E_e-rA==
X-Firefox-Spdy: h2
thecliffsandupo.com/popunder.gif
172.67.131.157200 OK 1.2 kB URL HTTP/2 thecliffsandupo.com/popunder.gif
IP 172.67.131.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6ceed23a44f78226a9dcd318897629a0
77bd0087b7e45ae7193d4d15592c350e3fd5e112
2409b84397de811f59bfbe24e3c6ccb001de844be16aa4adc589a44d6ff62752
GET /popunder.gif HTTP/1.1
Host: thecliffsandupo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:10 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 11858
last-modified: Mon, 06 Mar 2023 17:36:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aJKY4U6x%2B%2Bw9%2FmI1h4bdQprQt0X8V1mkzT9pMuaDAKXu4Lwlc5KEbPxZzcNMGaB4e1Jeq5dYh0IWgUKKDKepMsd3s%2BXn8yAHlgO2JyxyznIjXcspcldIFSLuP0MaBHyQNVRYp%2BV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e0e19980b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
edbritingsynt.info/T0ZoREIuJAspfS57CmI3PSpVYXAJY1oCJn40UXQxO3FQITI8Jw9qISMpHSAkPSkGMGwhIxxhcAkpCi4YOyUFAQwYFyURGic2DgcXdhE+MxApFVkeCxcEXCAGN3IkDBcJEycjAw0VHy8qCgQDDQAZCy8XOnsHKQIEHhApFQMZECoAEDh/OwBydhA7AQsrDjk0Fh4UCxYHHT4qBzogByAGAxYDWTMGGBQLJgYeDDAXBw4oPzwqKxBZCicHLgcmBjg2MgMlCQMwBRsLBAMWIQ0qEAcWfnI8HCgNAzAFGy4BH30bDi0ABgt/NS0cEz8ePywMKgstFiENLkV8Bx0AWXcaCgw9FQMVAz51DCoTOSMQDCEtEBo1FDwcJSsiOSgAKgRYLAMaFwAiCjclIAUXeg85ByYpBAQsIRoTAAAXCgtOLjEgKBh5MnxzPHIudi4n
54.230.111.15200 OK 1.2 kB URL HTTP/2 edbritingsynt.info/T0ZoREIuJAspfS57CmI3PSpVYXAJY1oCJn40UXQxO3FQITI8Jw9qISMpHSAkPSkGMGwhIxxhcAkpCi4YOyUFAQwYFyURGic2DgcXdhE+MxApFVkeCxcEXCAGN3IkDBcJEycjAw0VHy8qCgQDDQAZCy8XOnsHKQIEHhApFQMZECoAEDh/OwBydhA7AQsrDjk0Fh4UCxYHHT4qBzogByAGAxYDWTMGGBQLJgYeDDAXBw4oPzwqKxBZCicHLgcmBjg2MgMlCQMwBRsLBAMWIQ0qEAcWfnI8HCgNAzAFGy4BH30bDi0ABgt/NS0cEz8ePywMKgstFiENLkV8Bx0AWXcaCgw9FQMVAz51DCoTOSMQDCEtEBo1FDwcJSsiOSgAKgRYLAMaFwAiCjclIAUXeg85ByYpBAQsIRoTAAAXCgtOLjEgKBh5MnxzPHIudi4n
IP 54.230.111.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash 3804302c533e662fea784b61d18fd24c
6b9ac874f3e36ab607374ac6746105ea21be1274
56f1de31679033dba74c5c2be79315af034d74592bb9f05fc922c72be7515d21
GET /T0ZoREIuJAspfS57CmI3PSpVYXAJY1oCJn40UXQxO3FQITI8Jw9qISMpHSAkPSkGMGwhIxxhcAkpCi4YOyUFAQwYFyURGic2DgcXdhE+MxApFVkeCxcEXCAGN3IkDBcJEycjAw0VHy8qCgQDDQAZCy8XOnsHKQIEHhApFQMZECoAEDh/OwBydhA7AQsrDjk0Fh4UCxYHHT4qBzogByAGAxYDWTMGGBQLJgYeDDAXBw4oPzwqKxBZCicHLgcmBjg2MgMlCQMwBRsLBAMWIQ0qEAcWfnI8HCgNAzAFGy4BH30bDi0ABgt/NS0cEz8ePywMKgstFiENLkV8Bx0AWXcaCgw9FQMVAz51DCoTOSMQDCEtEBo1FDwcJSsiOSgAKgRYLAMaFwAiCjclIAUXeg85ByYpBAQsIRoTAAAXCgtOLjEgKBh5MnxzPHIudi4n HTTP/1.1
Host: edbritingsynt.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1184
date: Mon, 06 Mar 2023 20:54:11 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wqalVFesyEW41mJdX-ju_CE5FIUs6VXD6KP4CpiK6v89rt8K_V_lWw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d4c754569054ff511faa0d108182b037
eb553c0005f7f284ff639cbd4bb8dcbaf8cbcc4f
323c991746be2d9ef819b4b7337c65656cbacbb8d1cc8c8958240f64f86c2c96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 898972449e864866b556f186fea9a05a
55563eb593e1a9edb0bc07bdb3eb0382220da857
217d49c14e8f81e238beab7264e4ce1a012ae86ba90da7e78f02556d3befab1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 898972449e864866b556f186fea9a05a
55563eb593e1a9edb0bc07bdb3eb0382220da857
217d49c14e8f81e238beab7264e4ce1a012ae86ba90da7e78f02556d3befab1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 3a0239ff817bd29abc5a7d19704c3596
701227a8125227707386efc9a35a7c98382a16a3
7d1fcb9bad3eb0184a844493a9a78f31c599f5b27a12348241d96ee4d1aca542
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 518
Cache-Control: max-age=156477
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Etag: "6406112a-1d7"
Expires: Wed, 08 Mar 2023 16:22:08 GMT
Last-Modified: Mon, 06 Mar 2023 16:13:30 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
edbritingsynt.info/utx?cb=X0aNVXHPWCGa&top=shrinke.me&tid=792297
54.230.111.15204 No Content 0 B URL HTTP/2 edbritingsynt.info/utx?cb=X0aNVXHPWCGa&top=shrinke.me&tid=792297
IP 54.230.111.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=X0aNVXHPWCGa&top=shrinke.me&tid=792297 HTTP/1.1
Host: edbritingsynt.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Mar 2023 20:54:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 06 Mar 2023 20:55:11 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NMHWJNSeX_DZ3mJDYim32YuzS2RkzqbPdaIh1zvaIPN5e5_PeLf7RA==
X-Firefox-Spdy: h2
edbritingsynt.info/utx?cb=8dKCi84YJoGt&top=shrinke.me&tid=829554
54.230.111.15204 No Content 0 B URL HTTP/2 edbritingsynt.info/utx?cb=8dKCi84YJoGt&top=shrinke.me&tid=829554
IP 54.230.111.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=8dKCi84YJoGt&top=shrinke.me&tid=829554 HTTP/1.1
Host: edbritingsynt.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Mar 2023 20:54:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 06 Mar 2023 20:55:11 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QNJL4gm4Vsjcou2Y3dBiV8wkHm32prkuqX1Y_yj9rYSikgMhU2bDQA==
X-Firefox-Spdy: h2
edbritingsynt.info/multi?cs=cVNnNEhDZFUDfkFrUwV6SGJSDXs&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.2&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_fDEi=1678136050931&crc=1
54.230.111.15200 OK 1.6 kB URL HTTP/2 edbritingsynt.info/multi?cs=cVNnNEhDZFUDfkFrUwV6SGJSDXs&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.2&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_fDEi=1678136050931&crc=1
IP 54.230.111.15:0
File type ASCII text, with very long lines (3326), with no line terminators
Hash 6134faad31e612a12268dab82ea7eb04
5838cb3ff19809599dbdc856a90d42cd0272b25c
3d9b179b1bedabc4a394f3c2ac06274a39abf8f622a33ded452d6bcf970bd70a
GET /multi?cs=cVNnNEhDZFUDfkFrUwV6SGJSDXs&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.60.2&sts=0&prn=0&emb=0&tid=829554&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_fDEi=1678136050931&crc=1 HTTP/1.1
Host: edbritingsynt.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1612
date: Mon, 06 Mar 2023 20:54:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://shrinke.me
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=13ae334d-5b2e-43e0-b6d5-53606f802efc
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gT7m-WoaK90Q3eOKfI_MAQGjBnzm889l5I7TwF-6O5pnCyhg6FHEzQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 4.3 kB URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type ASCII text, with very long lines (12331)
Hash 8f1678626cb6b8940f0c3da3155ae249
e67745c7c174aed85fa00e7882d44e05bdd6ad89
ea1a8bf50905f3edfd44b676af15ab686e3c0e1711ce450258cbd1980226c004
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Mar 2023 20:54:11 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S856156638%3A1678136051279705&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfrbzpKC4rQFPVy6L9fJGGDFGQ0ms4FyMv_E-B4H0EhCBzjSwAhbumpVY-Lv-e2VArfJESO8w
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-PKlnfmMHU0O3KsxNju-36Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:EEtJPCH-SeVHL89sM-erMYpsb1O0BA:Wts5QPz1EiyczpAF;Path=/;Expires=Wed, 05-Mar-2025 20:54:11 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a262ed896e81c715b16a98cdb1a15bfa
6b1e4ea9844ad329ad428024f6d421327c8280d8
a849bb5452d63f980baea3d2f559ba55c2a633a9dd4396e550914a29234282a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHfRYGe-6xs1W9YLnJGbmhe3yXXSK2dxadESy6GAe1ywqV7mD0x_BNDa6tS4NdN1uKk6nP1_7A
216.58.207.237302 Found 401 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHfRYGe-6xs1W9YLnJGbmhe3yXXSK2dxadESy6GAe1ywqV7mD0x_BNDa6tS4NdN1uKk6nP1_7A
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 230b263ed81cbf26165b39ca3a96671c
05e31da90d1e0642e9c5570151ba5450bf6b07e6
ab2126b992d6a14be6a9e1cd4adca2c042735a11dcb9919a810cb81301cbbe10
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHfRYGe-6xs1W9YLnJGbmhe3yXXSK2dxadESy6GAe1ywqV7mD0x_BNDa6tS4NdN1uKk6nP1_7A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Mar 2023 20:54:11 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S2080837794%3A1678136051337692&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeKiAle9LWTuzBLqPD1qS8f-deQY_mvVaEZQfBHMCquXQQy2kSCvWxXgRsEU7p1cZ4LPEBTEQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-TejztGSKXmq_Anf7Q7SI6Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
set-cookie: __Host-GAPS=1:pRcoMgOfvZ7NxnQsGkGoEAC2HjqSbQ:0YnjabNr7dHaGqxm;Path=/;Expires=Wed, 05-Mar-2025 20:54:11 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 2.3 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
Hash 8f5fafdd26f7c0ea95ea83f09ff20df7
97a111aa8199088d87cce18db6fec8a7f98f2f52
2b19bf702716aeb8c149b0aa8b3031323065a6a697746a5c437f9b7d06bc9390
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 55jbWFyl+vPE5t56N+EJfPzwY6HiMYstrA+73lDiJ3OLiHE2Z1T+ocKNjJeyv1WszK8+ek3hxGJWzX9L/CBbgA==
date: Mon, 06 Mar 2023 20:54:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
d1r90st78epsag.cloudfront.net/ldkdxNWIVKB9TXQIuFQhVT3VDDFpQLQJaDAZ6I0ADEA1CQA8RYQVPBkt3V1kDGCBMEwcYJEwERBcjEwhWUDIQCA8ZPRhZDhdiQ3NXWHdUB1JeMBhbBhkwAhBQRikFEFBGdkEbUlN0MxBQRjAYW1RCYkJ3R0R3CQNWU3QzEFBGNQcQUTd2QQBMRm5UB1IRIh-JeDVN1NwdSR3dBBFJHYkMFBB81FFMNDmJDc1NGcl8FRAN6QA
54.230.245.116200 OK 193 B URL HTTP/2 d1r90st78epsag.cloudfront.net/ldkdxNWIVKB9TXQIuFQhVT3VDDFpQLQJaDAZ6I0ADEA1CQA8RYQVPBkt3V1kDGCBMEwcYJEwERBcjEwhWUDIQCA8ZPRhZDhdiQ3NXWHdUB1JeMBhbBhkwAhBQRikFEFBGdkEbUlN0MxBQRjAYW1RCYkJ3R0R3CQNWU3QzEFBGNQcQUTd2QQBMRm5UB1IRIh-JeDVN1NwdSR3dBBFJHYkMFBB81FFMNDmJDc1NGcl8FRAN6QA
IP 54.230.245.116:0
File type ASCII text, with no line terminators
Hash db08103bd429c2bf4c632dbe285823d6
b8c1320925d624b02b0ff252e10fd8ae31e8c2d2
2cc5513f4cd63ca741d109b730402d925b7d0b5f79a6f09ba14e1c58551b575c
GET /ldkdxNWIVKB9TXQIuFQhVT3VDDFpQLQJaDAZ6I0ADEA1CQA8RYQVPBkt3V1kDGCBMEwcYJEwERBcjEwhWUDIQCA8ZPRhZDhdiQ3NXWHdUB1JeMBhbBhkwAhBQRikFEFBGdkEbUlN0MxBQRjAYW1RCYkJ3R0R3CQNWU3QzEFBGNQcQUTd2QQBMRm5UB1IRIh-JeDVN1NwdSR3dBBFJHYkMFBB81FFMNDmJDc1NGcl8FRAN6QA HTTP/1.1
Host: d1r90st78epsag.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edbritingsynt.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 193
date: Mon, 06 Mar 2023 20:54:11 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PbW91xoI6c0pHb0qVKCFxy6DvIEVSubvM8PkeiqqmgUFSYijNUPCRg==
X-Firefox-Spdy: h2
d1r90st78epsag.cloudfront.net/objZtcmENWQMUXhpfCU9WVwRfS1ZIXB4dDx4LHUFUOgABSwkhEBkIBVMGSx4AAFFQVAQAVVBDRw9SD09VSEIdHQpTQRcRERxBCxoAHBAYE1wDWRcbDQJXSEAnWxhdV1NeHhobDwpZGgFEXAYDBkRcBlxCT14TXjBEXAYaGw9YAkhBI0sEXQpXWhNeMERcBh-8ERF13XEJUQAZEV1NeUQgRCgETXzRTXgddQlBeB0hAUQhfHxcHAU5IQCdfBlhcUUhDUEM
54.230.245.116200 OK 553 B URL HTTP/2 d1r90st78epsag.cloudfront.net/objZtcmENWQMUXhpfCU9WVwRfS1ZIXB4dDx4LHUFUOgABSwkhEBkIBVMGSx4AAFFQVAQAVVBDRw9SD09VSEIdHQpTQRcRERxBCxoAHBAYE1wDWRcbDQJXSEAnWxhdV1NeHhobDwpZGgFEXAYDBkRcBlxCT14TXjBEXAYaGw9YAkhBI0sEXQpXWhNeMERcBh-8ERF13XEJUQAZEV1NeUQgRCgETXzRTXgddQlBeB0hAUQhfHxcHAU5IQCdfBlhcUUhDUEM
IP 54.230.245.116:0
File type ASCII text, with very long lines (757), with no line terminators
Hash f6e93f836f4ede99f98debd39382aa17
4c4ca02ad30b0b13cfd1a21ba7d5b1cade53e3f3
0f60fc92e0eea6a1fee9f6bbfe3d1385a59977735368026703cf11813506523e
GET /objZtcmENWQMUXhpfCU9WVwRfS1ZIXB4dDx4LHUFUOgABSwkhEBkIBVMGSx4AAFFQVAQAVVBDRw9SD09VSEIdHQpTQRcRERxBCxoAHBAYE1wDWRcbDQJXSEAnWxhdV1NeHhobDwpZGgFEXAYDBkRcBlxCT14TXjBEXAYaGw9YAkhBI0sEXQpXWhNeMERcBh-8ERF13XEJUQAZEV1NeUQgRCgETXzRTXgddQlBeB0hAUQhfHxcHAU5IQCdfBlhcUUhDUEM HTTP/1.1
Host: d1r90st78epsag.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edbritingsynt.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 553
date: Mon, 06 Mar 2023 20:54:11 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8wJtVug9F9FIhzDFQ4R0yyZAHzHHzZm4JS5NW6sIgmLbK8TjLmeAXA==
X-Firefox-Spdy: h2
d1r90st78epsag.cloudfront.net/XRUh2UTUmJxg3CjEhEmwNd3FDZAFjIgU+WzV1E2VUPR1EM1R3CxsrDX0eA3dBPyxLYRMpKRg2CGMtGDIIdG4XNVd4fFAlRSojSyZPJjgEJlMtKQR3QCR1Gz5PLCQaMBB3DkN/BWB6RnlCLCYSPkI2bURhWzFtRGEEdWZGdAYHbURhQiwmQGUQdgpTYwU9fk-J0BgdtRGFHM21FEAR1fVhhHGB6RjZQJiMZdAcDekZgBXV5RmAQd3gQOEcgLhkpEHcOR2EAa3hQJAh0
54.230.245.116200 OK 456 B URL HTTP/2 d1r90st78epsag.cloudfront.net/XRUh2UTUmJxg3CjEhEmwNd3FDZAFjIgU+WzV1E2VUPR1EM1R3CxsrDX0eA3dBPyxLYRMpKRg2CGMtGDIIdG4XNVd4fFAlRSojSyZPJjgEJlMtKQR3QCR1Gz5PLCQaMBB3DkN/BWB6RnlCLCYSPkI2bURhWzFtRGEEdWZGdAYHbURhQiwmQGUQdgpTYwU9fk-J0BgdtRGFHM21FEAR1fVhhHGB6RjZQJiMZdAcDekZgBXV5RmAQd3gQOEcgLhkpEHcOR2EAa3hQJAh0
IP 54.230.245.116:0
File type ASCII text, with very long lines (596), with no line terminators
Hash 7f0243ec92ba3881354012cc56b70c68
05fefdabbacdf47686cf7ec27f5ecdc657b78d23
1a3d4bd31d7c23e221e5904334a1c3cd0bf6f4773aba1fb3b5f345226d4a1e5f
GET /XRUh2UTUmJxg3CjEhEmwNd3FDZAFjIgU+WzV1E2VUPR1EM1R3CxsrDX0eA3dBPyxLYRMpKRg2CGMtGDIIdG4XNVd4fFAlRSojSyZPJjgEJlMtKQR3QCR1Gz5PLCQaMBB3DkN/BWB6RnlCLCYSPkI2bURhWzFtRGEEdWZGdAYHbURhQiwmQGUQdgpTYwU9fk-J0BgdtRGFHM21FEAR1fVhhHGB6RjZQJiMZdAcDekZgBXV5RmAQd3gQOEcgLhkpEHcOR2EAa3hQJAh0 HTTP/1.1
Host: d1r90st78epsag.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edbritingsynt.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 456
date: Mon, 06 Mar 2023 20:54:11 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wdf5JVLFQH_FqjJAZ55Qfxnb3E2byI7UmpQJeq-nKOIyVpDejUNODA==
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 498 B IP 172.64.199.35:0
File type ASCII text, with no line terminators
Hash f0d3e4f0de9adfd57369a0fc17c28784
78ca84d127ad93e221ba8871dab3a91d187f97d5
de24a2d2d7b491c7fcd274d5410440ccc48e6cce65c2dde44561ee018636bb6e
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:11 GMT
content-type: text/plain
set-cookie: csu=436438319563014@1@1678136051; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5YZHUiDDGGF%2FPsPTrOu1%2BMq%2FLluDERAUjZTdges9J7PD6uMkwQI5aRLgjdER3Ah%2ByyKELgViboelFXynljuUbrzDHJs7oMqKKo1aN1V%2FIrG9QlGdP%2F3EBxAx4Z31iss"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3d7e108b697576-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 77982963841d53994bfe8072f54b8993
1fbb79f68a7ca758f816a8d16f5399cdc67ed4b4
af490bebe15ffb723479ee48de55cee28e9f080f6bf51905bad0813d7527fc2f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pogothere.xyz/asd100.bin
172.64.199.35200 OK 103 kB IP 172.64.199.35:0
Size 103 kB (102871 bytes)
Hash e411c78ca6649496eff67f8dbff59e42
5c2da4a3b900e872ec7b069dff429e1f7a4e8dd9
b7511dbf863543a021bf75df87f477d8988726f33f0437245b30b154f72b0809
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:11 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6531
last-modified: Mon, 06 Mar 2023 19:05:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooobMoGT4RuASC9r0gY1900qYMi3%2F4faj5UoPW%2BapKs5nE18u%2BC4dYpQ0%2Br6O14UnmhlUx%2FDpoPcax%2FtFXieZLxo2ckl%2FsbP7YFteramc1Nw6UXNbzQ4TB9RSFiwkgOv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e108b637576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 77982963841d53994bfe8072f54b8993
1fbb79f68a7ca758f816a8d16f5399cdc67ed4b4
af490bebe15ffb723479ee48de55cee28e9f080f6bf51905bad0813d7527fc2f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Mar 2023 19:53:25 GMT
expires: Mon, 06 Mar 2023 21:53:25 GMT
cache-control: public, max-age=7200
age: 3646
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
supertruco.com/icon.svg
192.0.78.218200 OK 28 kB IP 192.0.78.218:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ec20c8d5d011a304ea460bc6a7b47f25
1f6f5f84ab491086e11c316749bbcc554b4bf18b
fd5f51a2ad5911558ba73f9d8f8a0326973ac15b74d4ccebf78e2890b00bc1fd
GET /icon.svg HTTP/1.1
Host: supertruco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:54:11 GMT
content-type: image/svg+xml
strict-transport-security: max-age=31536000
last-modified: Tue, 30 Aug 2022 14:43:20 GMT
vary: Accept-Encoding
etag: W/"630e2208-102b"
expires: Thu, 05 Jan 2023 19:54:43 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 77982963841d53994bfe8072f54b8993
1fbb79f68a7ca758f816a8d16f5399cdc67ed4b4
af490bebe15ffb723479ee48de55cee28e9f080f6bf51905bad0813d7527fc2f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.vlitag.com/cli/b696d0f5c06dbd9fd83feb568718537b.json?hn=https://shrinke.me
104.22.59.199200 OK 42 B URL HTTP/2 services.vlitag.com/cli/b696d0f5c06dbd9fd83feb568718537b.json?hn=https://shrinke.me
IP 104.22.59.199:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ad6c72bac366a3178af25ddf1e6518de
b33e38efa71416bb8376d9d474f73848966fcae9
7468385a6f4aea4a6d7bf405cd629be0ca68793ffd8a0b5d4a0dafedfb467370
GET /cli/b696d0f5c06dbd9fd83feb568718537b.json?hn=https://shrinke.me HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:11 GMT
content-type: application/json; charset=utf-8
content-length: 42
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shrinke.me
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: BYPASS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e13bfd8b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1353439d055988b34fcd4ed3687a89ed
1792b67b3d6cfdb774760b20987e1a735a8d66c4
547139b3001d8df694cc567b769930550c0041a39cf80a1d623c49e287df0f0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clarity.ms/eus2/s/0.7.2/clarity.js
13.107.238.53200 OK 19 kB URL HTTP/2 www.clarity.ms/eus2/s/0.7.2/clarity.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (56772)
Hash 2f5c556be40aab0a0115054dfdeba665
f782838a5d25e854af6c2535922d069c4a650a7c
2e5fcfa7d71ab77ef6a135498eaf5d547a4ed9fa610d85e78c28d38523b8898e
GET /eus2/s/0.7.2/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d94d032bd8761c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 09qkFZAAAAAAKn2sjGJNbSZhVtPeAiYzCQU1TMDRFREdFMTgxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 081IGZAAAAABfxhpt1MbhS4XVLAm566KKU1ZHMjBFREdFMDYxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 06 Mar 2023 20:54:11 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
68.219.88.97302 Found 0 B IP 68.219.88.97:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2F921A2FDFDC445687253B14D76AF801&RedC=c.clarity.ms&MXFR=29547727B1136E64056865EBB513606D
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=29547727B1136E64056865EBB513606D; domain=.clarity.ms; expires=Sat, 30-Mar-2024 20:54:12 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 06 Mar 2023 20:54:11 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1353439d055988b34fcd4ed3687a89ed
1792b67b3d6cfdb774760b20987e1a735a8d66c4
547139b3001d8df694cc567b769930550c0041a39cf80a1d623c49e287df0f0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.vlitag.com/vld/1676977002/vl.json?page_url=https%3A%2F%2Fshrinke.me%2FVRiOcu8d
104.22.59.199200 OK 13 B URL HTTP/2 services.vlitag.com/vld/1676977002/vl.json?page_url=https%3A%2F%2Fshrinke.me%2FVRiOcu8d
IP 104.22.59.199:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7babbbdeca820a7e691913c68428f1c
873007e1c38b8fbea1d265afa40bb15ad6cc4fb5
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
GET /vld/1676977002/vl.json?page_url=https%3A%2F%2Fshrinke.me%2FVRiOcu8d HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: application/json; charset=utf-8
content-length: 13
cache-control: public, immutable, max-age=31536000
access-control-allow-origin: https://shrinke.me
x-robots-tag: noindex, nofollow, noarchive, nosnippet
last-modified: Sun, 05 Mar 2023 15:05:44 GMT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e1529cdb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 21:48:03 GMT
expires: Fri, 01 Mar 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 342369
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:54:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:54:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qd5FIKUZwnnKiIzEnrA7ZcC_yWa9_iP1r7xUaCP4f6I7m_z3ChB-2A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 11:26:53 GMT
age: 34039
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 74 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d8614847619bd534255903458227ebe9
1bc192b4421645affc6b13b9de32d9c65035ed8c
80a21e7bb52522c0ba4d83f8508c273c7052ff5296e021c2d3102260c64320c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:54:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:54:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:54:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab3964124c43755909f9891e162d3c7
c912f5fcb7985842877c76686c6bcd356b5977ff
34627773ad1d710b054986c725eb8e8a4c7d8fbac31e6724e83217dc06cfaaad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10332
x-amzn-requestid: bcb59433-4093-4bb3-b6d3-69f5489d5ef9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6iVE07oAMF28A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050adb-757a083b7be05f886d8d6edc;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: VQHHejqNu7eIU2c9SrcpSjyZ0h9jEHoz3QdUEy8-5vJ8n-PTe5IZPw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:00:32 GMT
age: 82420
etag: "c912f5fcb7985842877c76686c6bcd356b5977ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02cd95c30a65a0c80928e653abedeefa
1099ae20c50109211fc9318ece50a784fec998f9
08162a68f91d9149ace613460e3dfae80ceac1dbe505c79642138032100335bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6155
x-amzn-requestid: 99998e44-c2f0-4973-bede-44c33036ba4d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU7U7HA-oAMFQww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050c1f-7f8fe3f96531b57c69584754;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:39:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zEWUxG77GT-uaewuPLzCl7DptXf5xbmQtBX7_tEaichah3kC3tmKAA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:16:20 GMT
age: 81472
etag: "1099ae20c50109211fc9318ece50a784fec998f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69536c57b14c2419255e2386dd07e825
dbae31696a00f5f6c8495de0983ff8a08e77f970
7e09f086bc5f848e3ff503a2ab61392a57a0149af47f20415e5adeb2408e02e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8161
x-amzn-requestid: c9201eea-8216-4a14-803c-b947465f327c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6k1GA4oAMFpkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050aeb-4c2595df7964fd650a9de81f;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: CT8akW7CBkdgv11ADLeS94gm5CmU6zqTJ5DIDcOb7xi1fJp-xVffhA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:45:52 GMT
age: 79700
etag: "dbae31696a00f5f6c8495de0983ff8a08e77f970"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18bfa351-16bf-432a-ae68-78856a5cd3cb.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18bfa351-16bf-432a-ae68-78856a5cd3cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41701ffc7b7299a6eeb3d0a3d5e191c8
579dd82050cba63d527e066ef0b67e3d015994e3
6769a7226568cad7489b72e861a6add459efa885f78ba6ed3cf3275ce4ffb1bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18bfa351-16bf-432a-ae68-78856a5cd3cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7283
x-amzn-requestid: 40be1d2c-3b61-4f66-9513-2533032e56a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU7MIFGRoAMFghA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050be6-58eee1715cb9256849b7cece;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: t4S1VMsPXAyAlHs40CbmTZJ5jBeFn6aCD6W4yP88zkte6x8GJkA1TA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:56:40 GMT
age: 82652
etag: "579dd82050cba63d527e066ef0b67e3d015994e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3a28abd5bcab3f7c22f6e49ba3d4e7c9
8910a1a41ae43ab84f5236e586fb18d136b89c00
6d9277a9136a9903160c1443d7ff67e59c18c973e03898e4b32e092d536bcd35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ca02e49637cae70036c1ba7262fc0f8b
47bf57169b3d8745b71b6fa0b5f45f95c93c8e14
308bed9f5e7535b310b5ef72083154ca2d5b15f8ec4480e028e83f0849a43ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49dbeca46074e859a5a2958fdec9b28b
c649916591826b4db490b98cbe530533818daf0d
cb33caa142deb6570ce9e8a382d7fce45ba0101cdbc65ee6319dd23693f22086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: 5ae814e4-592b-4811-a724-d807b69ebd2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6hUHslIAMF26w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050ad4-051cb0632863689209d81d45;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: zlrwir3_2rfYf_Sr-2fQok_Sm2sLNVZfELD1DR3vdFL3avdVcsXJ4Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:56:28 GMT
age: 82664
etag: "c649916591826b4db490b98cbe530533818daf0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagservices.com/tag/js/gpt.js
142.250.74.98200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (39694)
Hash 541acba90db564fd9c3db1dd0879995f
f522d6c50ccdd34b8f287b5881f6b45d03346189
a13999994192371c98d96e36cb0c3b2bb7ee93e71cf14cfb173dfb554304f86c
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27034
date: Mon, 06 Mar 2023 20:54:12 GMT
expires: Mon, 06 Mar 2023 20:54:12 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1503 / 304 of 1000 / last-modified: 1678104817"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-137383949-1&cid=183918465.1678136052&jid=1161718401&_u=YEBAAUAAAAAAACAAI~&z=647541037
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-137383949-1&cid=183918465.1678136052&jid=1161718401&_u=YEBAAUAAAAAAACAAI~&z=647541037
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-137383949-1&cid=183918465.1678136052&jid=1161718401&_u=YEBAAUAAAAAAACAAI~&z=647541037 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 20:54:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-137383949-1&cid=183918465.1678136052&jid=1161718401&_u=YEBAAUAAAAAAACAAI~&z=647541037
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-137383949-1&cid=183918465.1678136052&jid=1161718401&_u=YEBAAUAAAAAAACAAI~&z=647541037
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-137383949-1&cid=183918465.1678136052&jid=1161718401&_u=YEBAAUAAAAAAACAAI~&z=647541037 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 20:54:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3a28abd5bcab3f7c22f6e49ba3d4e7c9
8910a1a41ae43ab84f5236e586fb18d136b89c00
6d9277a9136a9903160c1443d7ff67e59c18c973e03898e4b32e092d536bcd35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
143.204.55.116200 OK 5.3 kB URL HTTP/2 test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
IP 143.204.55.116:0
File type JSON data\012- , ASCII text, with very long lines (10330), with no line terminators
Hash 89332621f353a2e34f124e5fd8de508b
fceda9144206b961ff7d693d5ae7faaacdb2dca7
749d5c12812c44c0dc8314404d5763aebb2708716fd864119aa09f07cabe42f2
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Mon, 06 Mar 2023 03:00:43 GMT
last-modified: Tue, 28 Feb 2023 19:55:44 GMT
etag: W/"827ab5dd7888f65fa2e62721058d39d0"
x-amz-server-side-encryption: AES256
x-amz-version-id: uRgkyVnCszgWxLOEMMXOPZ0LpGeod8MZ
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lLNRSCS7wSkpa0IOvODRaat8ESpEixRAdxicYter9MTjaNXby6LVWQ==
age: 64410
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230306
151.101.65.229200 OK 878 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230306
IP 151.101.65.229:0
File type JSON data\012- , ASCII text, with very long lines (1590), with no line terminators
Hash f8c9772765253e27e53a5fb89dfb072c
7aa995cfc564d949e9bd51aa78c311db1a73829f
f448056778742ce2521b8c40668c6cfc784b27899f63aa27fcf435ddeeae7606
GET /gh/prebid/currency-file@1/latest.json?date=20230306 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1638
x-jsd-version-type: version
etag: W/"636-6Zylw4j3AYlTeu7oHM9VNBnL3Fw"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Mar 2023 20:54:12 GMT
age: 17604
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 878
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1032
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Mon, 06 Mar 2023 20:54:11 GMT
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAKrtBPBe-tYaZ-PAyr-qUYK-aAMwMUBaqtetRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNpl
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAKrtBPBe-tYaZ-PAyr-qUYK-aAMwMUBaqtetRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNpl
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAKrtBPBe-tYaZ-PAyr-qUYK-aAMwMUBaqtetRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 20:54:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cuKR317ht0NMaB%2FhK7pjdw2iZb6mkmP%2BENmv4L60PreGpcn5jbMb167hPiPtnLq73vI14GPPGvbA6gX6SRyfR1avRGnBjVfTC9JA8cndCeNlSFTGOWWoyQoCjATnLRwCadH%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e18cf58b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNryytryyr-TwAa-PTYM-qUKU-ZtYATTTAUrPBRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNryytryyr-TwAa-PTYM-qUKU-ZtYATTTAUrPBRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNryytryyr-TwAa-PTYM-qUKU-ZtYATTTAUrPBRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 20:54:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUhklnBv%2B6VJqlpGcbNkh3CxZQtBVc0JLozEyLmCSHuJ%2BxwAxGxoJq7Am8Sy68cEYAkrWvtkMWMwFYexK5qUCxKSuMfH66BEmF2Ihub2RCvQXidEzcbVibC2Dc4BcH%2FcmJbyNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e18cf5eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZrMKArTa-rqyM-PeTw-aTww-BZPUyqAtyBUARdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNpl
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZrMKArTa-rqyM-PeTw-aTww-BZPUyqAtyBUARdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNpl
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZrMKArTa-rqyM-PeTw-aTww-BZPUyqAtyBUARdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 20:54:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAYWP7NPO7k%2BYJmAPMPXHk3qGJE7wzuNpYJdIDEvEvyQD6CpupYsNqvmU7CT4j27DL3Nq4oepxP070nb8FUAm8YlHizXnUMQSmse0JB%2BxAnLkNra8ftz85Km9VEPrW%2FQAHe8Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e18df6bb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZtYqUaUB-KMwa-PeUT-wZZZ-BweeUywAqawKRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZtYqUaUB-KMwa-PeUT-wZZZ-BweeUywAqawKRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZtYqUaUB-KMwa-PeUT-wZZZ-BweeUywAqawKRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 20:54:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnHs6zuDT8yimIFuV5OVILhgwKwg%2BLoqEJ50nqnVczhJYmniFTC49zWxIDzU6VasIQRW6yPmv0R1Cs4nAlaZACcUJXETPGGUXhTQ%2Fwut4Q9rM9yd7YDnPeDi9R7v96Z%2Bb%2FElZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e18cf68b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNKwqUeeqM-UYTq-PTUa-qMey-BMKyrrKrwywKRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNpl
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNKwqUeeqM-UYTq-PTUa-qMey-BMKyrrKrwywKRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNpl
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNKwqUeeqM-UYTq-PTUa-qMey-BMKyrrKrwywKRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 20:54:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPv9X%2FKSSX8xqBLJ%2FSX3n2OrbafPIFtgMT8RShsVgieCBZkz5E76COKL%2BYU%2F9BpXPiR52sVmrJ93vCE%2FfFN8AxK5yH8I3fBnNi%2BstWAhWL9IxcWpbfscYE%2BTRDdR7FHjxMtWMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e18df7db4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNqarUMeaq-PZBY-PTPP-wTqM-KtKZAttyMwqeRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNpl
172.67.158.59200 OK 0 B URL HTTP/2 px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNqarUMeaq-PZBY-PTPP-wTqM-KtKZAttyMwqeRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNpl
IP 172.67.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNqarUMeaq-PZBY-PTPP-wTqM-KtKZAttyMwqeRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Mon, 06 Mar 2023 20:54:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B%2FAUyDJfjhLwLu4OElh3Yn%2F%2BDZVkbb3KXmGz4wghN%2FagdVtzlV88ZH9Y7q7%2BkHCAnrvJ6qDQJuJH4oUlWZXjMCbSXod%2F9xgDfQDWk07GWeUSmnx4TIY%2FV%2Bp%2BPU8R3r1zpwIaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e18df72b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
151.101.66.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 151.101.66.133:0
Hash b8a033c02971e1b042b56a6e903b5e67
8285e42f1e2c0d50c2c7590afd156b7d6c3c35ab
b068f131fc4c4b29c50ca054d4ba2b48962b6e434b3e66aefc601171fa39619f
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "18C7BEBF6A92B93405FD1E223E1E02062A828B06"
Expires: Tue, 07 Mar 2023 07:00:00 UTC
Last-Modified: Mon, 06 Mar 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Mon, 06 Mar 2023 20:54:12 GMT
Via: 1.1 varnish
Age: 3483
X-Served-By: cache-bma1658-BMA
X-Cache: HIT
X-Cache-Hits: 3
X-Timer: S1678136053.714103,VS0,VE0
c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2F921A2FDFDC445687253B14D76AF801&MUID=2DE27938E10969D0127C6BF4E0FC6845
68.219.88.97200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2F921A2FDFDC445687253B14D76AF801&MUID=2DE27938E10969D0127C6BF4E0FC6845
IP 68.219.88.97:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?ctsa=mr&CtsSyncId=2F921A2FDFDC445687253B14D76AF801&MUID=2DE27938E10969D0127C6BF4E0FC6845 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Wed, 15 Feb 2023 08:41:50 GMT
accept-ranges: bytes
etag: "ddef9591941d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 06-Mar-2023 21:04:12 GMT; path=/; SameSite=None; Secure;
date: Mon, 06 Mar 2023 20:54:12 GMT
content-length: 42
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
143.204.55.17200 OK 136 kB URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
IP 143.204.55.17:0
Size 136 kB (136348 bytes)
Hash 9fc727e3788080e4b031d48652b40f54
b625ea00e6f3528374cbc43b3f8b7ca8fcf5da9a
057d2bc1998e2ecc047a859aa7df532542ba50648293a63bfa3ec373e1fa7cd3
GET /tcfv2/23/cmp2ui-en.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
cache-control: max-age=172800
date: Mon, 06 Mar 2023 19:34:13 GMT
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AvSkX5bKlTvlQCQ-ejamDKGpMA8f354O17iYaDT8xOhmBPY45WAjog==
age: 4800
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a262ed896e81c715b16a98cdb1a15bfa
6b1e4ea9844ad329ad428024f6d421327c8280d8
a849bb5452d63f980baea3d2f559ba55c2a633a9dd4396e550914a29234282a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=0&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A29441%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
54.230.241.131200 OK 165 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=0&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A29441%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash 5c09a820a2aa691825ab040054eb620f
ef80c583092fd08a504c80c070bf1d3da7192c3c
8eb3204a7fb745b2dcad358a537b34daa9a8148740216a5500deabc6ca6123b7
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=0&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A29441%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 165
server: Server
date: Mon, 06 Mar 2023 20:54:13 GMT
x-amz-rid: GX67AVPMMGSSQT0617HH
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U9uqytxylci2UcH5rWHRF3ZqQRfaEE6lEPKCrfjF47teqeRbYuzGvg==
X-Firefox-Spdy: h2
redirector.googlevideo.com/videoplayback?expire=1678144889&ei=GSEGZMymDNT-kgazjrTQCQ&ip=184.164.141.146&id=o-APACaOgiSdBhISjjRHMtNEN77n1B8HEwW6-wgq_T7oSf&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-a5mekn6s%2Csn-o097znzk&ms=au%2Conr&mv=m&mvi=2&pl=19&initcwndbps=3685000&vprv=1&mime=video%2Fmp4&ns=uSMUcmIhyqd_3uaFYoHI6XsL&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&mt=1678122822&fvip=4&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=1LhdskZcc0W0Hd2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANVdd4O0XjHT__3LDRgJiKQiuiuXEI4p4CcYaX4Z50uxAiArOKuL9ZIvtfapcp0HvUgIj5khrSISjQxal3xrPlSzTg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDArRPQifDU_LPeE4s7x1DH3FeJh7PYpZMudajVdCkUUCIQDurn9m1xlJZbPbi2zhRVukCamvbAR8G2o5w2Psb03Z7Q%3D%3D
142.250.74.78302 Found 1.2 kB URL HTTP/2 redirector.googlevideo.com/videoplayback?expire=1678144889&ei=GSEGZMymDNT-kgazjrTQCQ&ip=184.164.141.146&id=o-APACaOgiSdBhISjjRHMtNEN77n1B8HEwW6-wgq_T7oSf&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-a5mekn6s%2Csn-o097znzk&ms=au%2Conr&mv=m&mvi=2&pl=19&initcwndbps=3685000&vprv=1&mime=video%2Fmp4&ns=uSMUcmIhyqd_3uaFYoHI6XsL&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&mt=1678122822&fvip=4&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=1LhdskZcc0W0Hd2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANVdd4O0XjHT__3LDRgJiKQiuiuXEI4p4CcYaX4Z50uxAiArOKuL9ZIvtfapcp0HvUgIj5khrSISjQxal3xrPlSzTg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDArRPQifDU_LPeE4s7x1DH3FeJh7PYpZMudajVdCkUUCIQDurn9m1xlJZbPbi2zhRVukCamvbAR8G2o5w2Psb03Z7Q%3D%3D
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1031), with CRLF, LF line terminators
Hash b7714abc46ab023c6529bd2a4c2bd79e
dd3d5019c8876fd39c2e171188e7edaa3b888e9f
71d683ab688d5b6b10ed32680fc64e8142a7b9d47b21144333284100f89606ec
GET /videoplayback?expire=1678144889&ei=GSEGZMymDNT-kgazjrTQCQ&ip=184.164.141.146&id=o-APACaOgiSdBhISjjRHMtNEN77n1B8HEwW6-wgq_T7oSf&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-a5mekn6s%2Csn-o097znzk&ms=au%2Conr&mv=m&mvi=2&pl=19&initcwndbps=3685000&vprv=1&mime=video%2Fmp4&ns=uSMUcmIhyqd_3uaFYoHI6XsL&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&mt=1678122822&fvip=4&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=1LhdskZcc0W0Hd2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANVdd4O0XjHT__3LDRgJiKQiuiuXEI4p4CcYaX4Z50uxAiArOKuL9ZIvtfapcp0HvUgIj5khrSISjQxal3xrPlSzTg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDArRPQifDU_LPeE4s7x1DH3FeJh7PYpZMudajVdCkUUCIQDurn9m1xlJZbPbi2zhRVukCamvbAR8G2o5w2Psb03Z7Q%3D%3D HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Mar 2023 20:54:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
location: https://r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1678144889&ei=GSEGZMymDNT-kgazjrTQCQ&ip=184.164.141.146&id=o-APACaOgiSdBhISjjRHMtNEN77n1B8HEwW6-wgq_T7oSf&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=uSMUcmIhyqd_3uaFYoHI6XsL&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=1LhdskZcc0W0Hd2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANVdd4O0XjHT__3LDRgJiKQiuiuXEI4p4CcYaX4Z50uxAiArOKuL9ZIvtfapcp0HvUgIj5khrSISjQxal3xrPlSzTg%3D%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1678135755&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJFrp8h0O_Ukg3EBmFGTXJ5wynOCOrMBO_cT-IjhA9IXAiALYPYH4SNvishZR9jmhFR3Lo9wGD-JoFain5l05xvNpQ%3D%3D
content-type: text/html; charset=UTF-8
server: ClientMapServer
content-length: 1208
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=2&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A92666%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
54.230.241.131200 OK 165 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=2&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A92666%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash afcb7fc8a619e7598ea20664de08848b
3b876690b9d72b7c95eefbbe5bceda4fd8acf632
ecd747c35ff88c97d7af5d90510f69cf824d8a5f421515bd6e1f982a3ec3561e
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=2&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A92666%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 165
server: Server
date: Mon, 06 Mar 2023 20:54:13 GMT
x-amz-rid: YKA2PCPKQ9WQSWAK3PNX
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rMJhzKU1MQCNSX9bLczde8Qe3FzBTt4nBQyt4u1eupMsVhyAxthPYw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 678eb6dcd4920efa7cb284ca7f423df2
ebb2c0c3dd50ebabc2ae4ff925a9b8b9bb8e7ed8
fc4e38304fcec8a1482892d6c15fa3b98f47180351b59e088ed0f25e5529755a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=1&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A29440%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
54.230.241.131200 OK 165 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=1&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A29440%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash 89912f179d4849af0c3b2d42708b9a09
cc96aba038dc8082d29f5c4bc85378963b14faed
c095a11e19ffa3176b9f2069f2af7ae24a0579e5d28d702283fa81ecb6c21cb4
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FVRiOcu8d&pid=wO6GaKsoeTWdG&cb=1&ws=1280x939&v=23.225.2013&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A29440%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C305%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 165
server: Server
date: Mon, 06 Mar 2023 20:54:13 GMT
x-amz-rid: G9W376ZHN5ZZX0AB36JK
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WBUTVYIp1Q0ELxto71ce4Y5LfYROeMEdiT4kWRI1DfCw9dGI0g_Ouw==
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_ym_rbd_smrt_cnv_3lift_n-Outbrain
54.239.38.253302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_ym_rbd_smrt_cnv_3lift_n-Outbrain
IP 54.239.38.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_ym_rbd_smrt_cnv_3lift_n-Outbrain HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Mon, 06 Mar 2023 20:54:13 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: PSFAYJN131E9EQCFMXS2
Set-Cookie: ad-id=AxsRMqKFAU82hhsf-VO6eRM|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 20:54:13 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_ym_rbd_smrt_cnv_3lift_n-Outbrain&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1678144889&ei=GSEGZMymDNT-kgazjrTQCQ&ip=184.164.141.146&id=o-APACaOgiSdBhISjjRHMtNEN77n1B8HEwW6-wgq_T7oSf&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=uSMUcmIhyqd_3uaFYoHI6XsL&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=1LhdskZcc0W0Hd2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANVdd4O0XjHT__3LDRgJiKQiuiuXEI4p4CcYaX4Z50uxAiArOKuL9ZIvtfapcp0HvUgIj5khrSISjQxal3xrPlSzTg%3D%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1678135755&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJFrp8h0O_Ukg3EBmFGTXJ5wynOCOrMBO_cT-IjhA9IXAiALYPYH4SNvishZR9jmhFR3Lo9wGD-JoFain5l05xvNpQ%3D%3D
91.90.45.173206 Partial Content 17 kB URL HTTP/1.1 r2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1678144889&ei=GSEGZMymDNT-kgazjrTQCQ&ip=184.164.141.146&id=o-APACaOgiSdBhISjjRHMtNEN77n1B8HEwW6-wgq_T7oSf&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=uSMUcmIhyqd_3uaFYoHI6XsL&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=1LhdskZcc0W0Hd2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANVdd4O0XjHT__3LDRgJiKQiuiuXEI4p4CcYaX4Z50uxAiArOKuL9ZIvtfapcp0HvUgIj5khrSISjQxal3xrPlSzTg%3D%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1678135755&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJFrp8h0O_Ukg3EBmFGTXJ5wynOCOrMBO_cT-IjhA9IXAiALYPYH4SNvishZR9jmhFR3Lo9wGD-JoFain5l05xvNpQ%3D%3D
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ISO Media, MPEG v4 system, Dynamic Adaptive Streaming over HTTP\012- data
Hash 41be74b5a8306a0ee02e5e50ef9ea649
738a8dd5bcdc4b03ee5186046230bbb8fcf7e6de
a98e6ee574f1b31f12ebe95d3e0b54ea2020c87ef7f8f6e7ff4f06b6bd4a44f3
GET /videoplayback?expire=1678144889&ei=GSEGZMymDNT-kgazjrTQCQ&ip=184.164.141.146&id=o-APACaOgiSdBhISjjRHMtNEN77n1B8HEwW6-wgq_T7oSf&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=uSMUcmIhyqd_3uaFYoHI6XsL&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=1LhdskZcc0W0Hd2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANVdd4O0XjHT__3LDRgJiKQiuiuXEI4p4CcYaX4Z50uxAiArOKuL9ZIvtfapcp0HvUgIj5khrSISjQxal3xrPlSzTg%3D%3D&cms_redirect=yes&mh=3a&mip=91.90.42.154&mm=31&mn=sn-capm-vnae&ms=au&mt=1678135755&mv=m&mvi=2&pl=21&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJFrp8h0O_Ukg3EBmFGTXJ5wynOCOrMBO_cT-IjhA9IXAiALYPYH4SNvishZR9jmhFR3Lo9wGD-JoFain5l05xvNpQ%3D%3D HTTP/1.1
Host: r2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Last-Modified: Sat, 11 Feb 2023 16:00:34 GMT
Content-Type: video/mp4
Date: Mon, 06 Mar 2023 20:54:13 GMT
Expires: Mon, 06 Mar 2023 20:54:13 GMT
Cache-Control: private, max-age=8536
Content-Range: bytes 0-30541470/30541471
Accept-Ranges: bytes
Content-Length: 30541471
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_ym_rbd_smrt_cnv_3lift_n-Outbrain&dcc=t
54.239.38.253200 OK 64 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_ym_rbd_smrt_cnv_3lift_n-Outbrain&dcc=t
IP 54.239.38.253:0
File type HTML document, ASCII text
Hash be99f9f8ced5e5eb1f9721d861712f89
4291ee98f7ce20471796ec89961abb1acb2af1d8
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_ym_rbd_smrt_cnv_3lift_n-Outbrain&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Mon, 06 Mar 2023 20:54:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
x-amz-rid: JFFQH11B4QZVFHH1TZMX
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 620
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
date: Mon, 06 Mar 2023 20:54:13 GMT
X-Firefox-Spdy: h2
audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1678136052961%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-orku5yylhlxcwj9za61c%22%7D
18.158.134.217200 OK 2 B URL HTTP/2 audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1678136052961%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-orku5yylhlxcwj9za61c%22%7D
IP 18.158.134.217:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1678136052961%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-orku5yylhlxcwj9za61c%22%7D HTTP/1.1
Host: audit-tcfv2.quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:13 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
shrinke.me/VRiOcu8d
104.21.33.119200 OK 0 B IP 104.21.33.119:0
GET /VRiOcu8d HTTP/1.1
Host: shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: lang=en_US; expires=Thu, 29-Feb-2024 20:54:09 GMT; Max-Age=31104000; path=/
AppSession=8ca847b76847290eff617dac72c3e986; path=/; HttpOnly
csrfToken=1db301a49f7da8ae61bda258bca3216942985d6b211b05435714677458b9df81a9b433f2c86e1c9be83015607584ce97c28d977ccb1a6f998a8a39fae9a9e4f8; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1OrMgMp2Oxs9XEJOihlX29ozoxUAXeTQi%2FMgbhKlv8Yx04lHayKIika3OY53rBrsPlSpoToSDHD8zluzfDIGNoOujh1Ktx3BEZBvyIxsTurlMqk5r%2BiCJQ9IHF6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3d7e07784bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.74200 OK 0 B URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.74:0
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 122295
date: Mon, 06 Mar 2023 20:54:12 GMT
expires: Mon, 06 Mar 2023 20:54:12 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
IP 142.250.74.106:0
GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Mar 2023 20:54:10 GMT
date: Mon, 06 Mar 2023 20:54:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Mar 2023 20:54:11 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHfRYGe-6xs1W9YLnJGbmhe3yXXSK2dxadESy6GAe1ywqV7mD0x_BNDa6tS4NdN1uKk6nP1_7A
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-k4ED18K3Od0Mozj932qJDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:lwtRv1RwGL3nGo9upgjQ1K-jdbHXXQ:xO4HOko1ZQTn4_gt; Expires=Wed, 05-Mar-2025 20:54:11 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
104.22.59.199200 OK 0 B URL HTTP/2 services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
IP 104.22.59.199:0
GET /adv1/?q=b696d0f5c06dbd9fd83feb568718537b HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:11 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-bgj: minify
cf-polished: origSize=559185
etag: W/"b696d0f5c06dbd9fd83feb568718537b 2023-03-06T02:34:16 v1 default"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: HIT
age: 91
server: cloudflare
cf-ray: 7a3d7e0ebe91b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Origin: https://shrinke.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:11 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://shrinke.me
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6531
last-modified: Mon, 06 Mar 2023 19:05:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUR9v7r34eRKhqsmZ8G1h6wL1Ilmu0405PcBl%2FcAKY6LNCzTYYubFSY65sfN8FIw9QEjm6a7KSNMnYlFZBTgvjAdCOUQHNaG4ZrkOgsMPLK9nH37IpDERH1MLbA3as8p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3d7e108b6c7576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.clarity.ms/tag/6j3srg4zo7
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/6j3srg4zo7
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/6j3srg4zo7 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=f6371730fac143528f35821b766e1321.20230306.20240305; expires=Tue, 05 Mar 2024 20:54:11 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 081IGZAAAAAAydWBnTcVgRK3ytYk+wUxxU1ZHMjBFREdFMDYxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 06 Mar 2023 20:54:10 GMT
X-Firefox-Spdy: h2
services.vlitag.com/obj/1676977002/b696d0f5c06dbd9fd83feb568718537b.json?cc=NO&hn=https://shrinke.me
104.22.59.199200 OK 0 B URL HTTP/2 services.vlitag.com/obj/1676977002/b696d0f5c06dbd9fd83feb568718537b.json?cc=NO&hn=https://shrinke.me
IP 104.22.59.199:0
GET /obj/1676977002/b696d0f5c06dbd9fd83feb568718537b.json?cc=NO&hn=https://shrinke.me HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:54:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
access-control-allow-origin: https://shrinke.me
x-robots-tag: noindex, nofollow, noarchive, nosnippet
last-modified: Tue, 28 Feb 2023 05:58:29 GMT
cf-cache-status: HIT
age: 35176
server: cloudflare
cf-ray: 7a3d7e1529cfb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S856156638%3A1678136051279705&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfrbzpKC4rQFPVy6L9fJGGDFGQ0ms4FyMv_E-B4H0EhCBzjSwAhbumpVY-Lv-e2VArfJESO8w
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S856156638%3A1678136051279705&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfrbzpKC4rQFPVy6L9fJGGDFGQ0ms4FyMv_E-B4H0EhCBzjSwAhbumpVY-Lv-e2VArfJESO8w
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S856156638%3A1678136051279705&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfrbzpKC4rQFPVy6L9fJGGDFGQ0ms4FyMv_E-B4H0EhCBzjSwAhbumpVY-Lv-e2VArfJESO8w HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shrinke.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Mar 2023 20:54:11 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-FKbXtBJVywG4MRCKbaOaNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
54.230.111.210200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 54.230.111.210:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 06 Mar 2023 20:00:55 GMT
last-modified: Wed, 01 Mar 2023 21:30:51 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
etag: W/"2c112740356a90849c23eeb1700b20fb"
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: wsFLPGfAAeVnYL66nLI7yJUtWANnTJt1MfWZzFtksCjN7Q1YX-XADg==
age: 3198
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js
216.58.211.3200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js
IP 216.58.211.3:0
GET /recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164647
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Feb 2023 21:55:12 GMT
expires: Wed, 28 Feb 2024 21:55:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 514739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
143.204.55.17200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
IP 143.204.55.17:0
GET /GVL-v2/vendor-list.json HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrinke.me
Connection: keep-alive
Referer: https://shrinke.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Mon, 06 Mar 2023 03:00:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Mon, 06 Mar 2023 03:00:32 GMT
etag: W/"c90f0a75331b7344849cb093742523cf"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QN8NZPYSZQmTV6_5fqFKYe28rCBuISCSGWsFfBaf70UMsjmdJdh7yA==
age: 64417
X-Firefox-Spdy: h2