shiftproxy.io Open in urlscan Pro
104.21.37.38  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response shiftproxy.io/	19 KB 5 KB	878ms 584ms	Document text/html	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 441cecf706510ae30543d03c8ab440752c44b1d21a4e435b59ff86f2204e447b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 773256271f0d558d-SYD content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 02 Dec 2022 07:26:49 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpGyHlWZe4rqMuEOmxUyHcREU%2B5Kgk23UwNwMYQv6GcNPZe8WqpGmYFTb%2Fr80E4bR%2F0x42DAhg%2FHHhCSbKuaLdIhscPgkCPZrbArIoaFNgIwaBzKqklSCuXdZccaDY41"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	landing.css shiftproxy.io/assets/css/	19 KB 4 KB	559ms 558ms	Stylesheet text/css	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shiftproxy.io/assets/css/landing.css Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e38c70691292e40856dc7f7b5a4d24fc9892b68b3c8a05cea16e6dcdd1c3818f Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:50 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 18 Aug 2022 04:51:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "4ab6-5e67cbc5b8180-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqNlcxRG%2F4e4g34%2BOxQpm3cG5kmOsPvjTg9MSzyx1xTdrRY8QQOrcmmzRWIALkkWZsxChyvFwJ31LRIzR4tz8PDCeYGPkgRxwE3hpvEMLYoZp8nYfZKlVdXjQR18WD5n"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 7732562ac901558d-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3239
GET H2	200	shiftProxy-logo.png shiftproxy.io/assets/img/landing/	13 KB 13 KB	562ms 561ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/shiftProxy-logo.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 595fe5bb1fc5863249a3f728dfccac86c5b4136d7490a9d4a18a9089b93b664a Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:50 GMT cf-cache-status MISS last-modified Wed, 17 Aug 2022 21:43:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "342f-5e676c2c87600" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3HYKgSS3dZiZ1ntR%2FGD00%2FHgqFhY4OIX0EgnDmwFWAR9LNS97MaSbuKFJh%2BT4MbrZqMfaZM1JWWsHFPaIoFGlJmXRF7xYA%2BF9AB3HnJ2MdoDwo%2Fdb2oUNH26MODzvcD"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7732562ac902558d-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13359
GET H3	200	globe.png shiftproxy.io/assets/img/landing/	378 KB 378 KB	962ms 962ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/globe.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eef1aaa4be427cf1cfd7af502f338047a3dbb1ec47ae6654e4878a7a8a61af0 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:51 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:02:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5e75b-5e662e93fa880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICQtjgYutTjVYwVc%2FNA0oHSj603XkGl5BxyOFCXKeZUAmSM8rrawghu6V2sHwj4VvzVsd0hbKozdDAO5RVYsvIzhI6iutgp25XCTu7YT6pqbMya9CWDRhWuUSUGzwgdW"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7732562ddb2fa7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 386907
GET H3	200	waves.png shiftproxy.io/assets/img/landing/	27 KB 27 KB	562ms 561ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/waves.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3911ea3fd932f7e475926bdefc1c8ffc92c66f96c14846af2902e57e2e12b6bb Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:51 GMT cf-cache-status REVALIDATED last-modified Tue, 16 Aug 2022 22:14:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6a90-5e66313175400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0I4vZa7yuRUJcXiDlf%2BMi8T6xAtgUOJsq8n%2FE4EibSpWN0KYZW2Vn3BaM5eta08CK%2FUlCHuG9kETbr1NWWirYUJFZPLSThYISbeuTyC8VdmJ5%2Bd28s1MWwjYegExF92r"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7732562e4be5a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27280
GET H3	200	rocket.png shiftproxy.io/assets/img/landing/	1 KB 2 KB	704ms 703ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/rocket.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 137aedd469a975d65228863b94fdffddc9f17eeaa12f32ceab828045d14ebbe1 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:51 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:35:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "468-5e6635d1ebe80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiTRlFFhBKHB963YJxMXG2ron7u3%2BX9ijmF6J8MiJ05ezClZzZ4mv3SJP5E95YSRVFlk248k5pwvgaG82Bs0eyCWfPnXpG0Ey5OpGNLFfqsiWDyQOdj05TDcM9VL%2FPTT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7732562e4be8a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1128
GET H3	200	world.png shiftproxy.io/assets/img/landing/	1 KB 2 KB	705ms 704ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/world.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef53d49471e5d6968f14068819b89c56442edf0820d508514248d13320a30fa9 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:51 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:35:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "553-5e6635e316700" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGU2WfEDppaNxNgrO%2F%2Fo0b0hvvmqbyxglwTjSwFKlHA%2F1IvD5bAHueZy2ur5fmdwh9jQLi7eQptkEi42Ma5Og6VVKHN4GVhSj60bAT5EU7qfGlmHPA7wdtBoZdk16j6d"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7732562e4beaa7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1363
GET H3	200	briefcase.png shiftproxy.io/assets/img/landing/	720 B 1 KB	890ms 889ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/briefcase.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1dd3cdeabb4635319b16daaf9edab2e9652eb1ec77d87d0883a7858e87cec5e Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:51 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:35:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2d0-5e6635ee88200" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeCKz79m%2FI9qxdb3lsdRnsiX0bgGAbbEl4KojvwjYaAyThRkxuK%2FYKelk0JQLBtGo7t9keYMTVxPq2F1pbXiTVW%2Fb9BLWozPYXiw6VGo1M3%2FGBBpEpXe43qjNpQ%2FVE3y"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 77325632b9f0a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 720
GET H3	200	api.png shiftproxy.io/assets/img/landing/	1 KB 2 KB	890ms 889ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/api.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71e6b3d022b2d0d3c608ac9271b2ef85a8eea21ec59b53e7a9035e57d55f84a6 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:51 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:35:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "4f5-5e6635f440f80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGhcip0ZOLLOsOrPJusna%2Bu713f%2B0lnQnRVEyqT8rN2e2Z%2BXenNYmV2FQmwUwgcYEsxMIn0HdZqIXuMGWYTHkBdIQjqMRBhQV65KyYmX1RRdPAKrp8%2BmDhyKNv7Xq9gR"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 77325632b9f2a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1269
GET H3	200	anon.png shiftproxy.io/assets/img/landing/	986 B 1 KB	890ms 890ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/anon.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38d07dd23c7381bea80b64fcb699f6d19c816e2e363a3c0da83b7a98f59498f5 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:51 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:36:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3da-5e6635f811880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksjwynLr3Wx0vAH2fpz%2FGPJWw5XH4PFbKqzYNPZfVGnHm6lGfMATzqlcz3iNGCO8HtbraWEZEDdd7aaQTUxa2xY0eNqJWxd%2B1ZriHTrE84zO%2F%2BplxIqnjIkkXBk%2FdZL4"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 77325632b9f6a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 986
GET H3	200	star.png shiftproxy.io/assets/img/landing/	1 KB 2 KB	1666ms 1666ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/star.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fd85cc309add672343943049819da6db4cc362d2ced96d627134e954d25c632 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:52 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:36:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "536-5e6635ffb2a80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJagM1hYvJ84TGV%2F3lxiqebwXQjpEBL8MYsaCMO%2FaTbMlTbAqzpjIpzQRAD8rhA51ewxRzeJalX1y3K6ZNsgy8QW%2BmGt7f5Za3oQTk%2BI19GgQlSGD2s3nlUlS%2BeNRAtT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 773256336b5fa7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1334
GET H3	200	dashboard.png shiftproxy.io/assets/img/landing/	1 MB 1 MB	2073ms 2072ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/dashboard.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0bac0a5cec79339b5a1669552c2f180cdd4e4fc977f9f831eacd3efe58fbe7e5 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:53 GMT cf-cache-status MISS last-modified Thu, 18 Aug 2022 02:34:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "16fedc-5e67ad1cfac00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXy3vfZKEcQrmBg%2BOv9JSYxf%2B34I32vg06eS0GuTNCu8hogZynwCspEusZXxreWGTFw%2Fh66HEaBUxfkgnsHaw2EHgDnbUA%2FySNCB9wDOe7eOWSIi404u8n3V0lP%2F506i"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 773256336b61a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1507036
GET H3	200	map.png shiftproxy.io/assets/img/landing/	374 KB 375 KB	3073ms 3073ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/map.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19c42a16420569a7920f6709a7aadf96609265925729f6260b290572b25fc3a7 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:54 GMT cf-cache-status MISS last-modified Wed, 17 Aug 2022 11:13:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5d90e-5e66df3d1f400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIKXB%2FR2Hame8ByQKaek56rmSfz83xwKxr%2F%2FmGAwLhZvQgmKuQVgBUkG5syNKOiU6sFiOo4jzrJDUSCgDVLVVEpjzJ%2FV8ZHERySNubT7U0aVud6ekB8cCVB%2FtFb7OzEX"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 773256336b63a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 383246
GET H3	200	review-icon.png shiftproxy.io/assets/img/landing/	75 KB 76 KB	1900ms 1900ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/review-icon.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13c8d6ccc91c391aca74f85eee274b9605fcf4adaed3d0fdef2d0a3677f2e911 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:54 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 15:08:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "12c61-5e65d1f3d2080" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=488P5W3XCs2b%2Bz%2B%2BUxwNcEfmYJ0gvW99Oaj6HisUuHqpVlW6LcGC7R%2F4wvIpjQ3Tx6A8DoFiNXRhmYCdr5vhU8rZO%2B5m1H8VDHZZiNs44Kq5o05P4f2vaYwvZU%2FlF%2FZ3"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7732563ace42a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 76897
GET H3	200	star-icon.png shiftproxy.io/assets/img/landing/	582 B 1 KB	1495ms 1495ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/star-icon.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f230f0bc37dd4a12a3da8b05d5a1a33409af16ce53341fd42fbc20d4f7b08f05 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:53 GMT cf-cache-status MISS last-modified Wed, 17 Aug 2022 11:24:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "246-5e66e1c3b6980" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PytUiSqqQ%2BqW3mPcUxfmCG7Y3mnIQiN3UGF4YslfHRBMgAsRPez%2B1ljgIMwJ%2BMGn%2BSgU3l%2Bdp1nhZsdfsPUDkZKhArCy3NMt3y%2FwRGjjwqs9EFl9p7mo5iv69yFH7R0D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7732563ace45a7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 582
GET H2	200	gsap.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/	64 KB 23 KB	440ms 148ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 44789 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23292 last-modified Fri, 22 Apr 2022 16:32:30 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "6262d89e-5afc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqu6BMY11kA1hjMcE3rbg6SlZNCLlkZ7iQVmEcHcHsmaXYflHr4EmuLCKSTazlYmYWa%2Fw8jNzlKEq44X2fgqzzYBN%2B9Km0mLVmTgG%2BDQNmSdV9Jb4Zs%2Bsp0bBh1Jha0Vj0GFd21F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7732562cbd66dfa7-SYD expires Wed, 22 Nov 2023 07:26:50 GMT
GET H2	200	ScrollTrigger.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/	37 KB 14 KB	466ms 174ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ScrollTrigger.min.js Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0eeea0ae57626a80aca153481285c67bf51f2d451d4b8a04bc7daf2e209f0f31 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1420639 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14324 last-modified Fri, 22 Apr 2022 16:32:30 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "6262d89e-37f4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wkaDQEEo5TBlRXKiZJ1KYOnRWZtB1YnNgwLmcWIWb0epHaXjhCtceO6iHTu56PPlTPN7sLU9buw3FzrPAPM9UrsQ7uNNUnPPMg70Js6CJmsR44PYo45G2DJJ4meAWxxCl609WS5"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7732562cbd67dfa7-SYD expires Wed, 22 Nov 2023 07:26:50 GMT
GET H2	200	jquery-3.6.0.js Show response code.jquery.com/	282 KB 83 KB	845ms 277ms	Script application/javascript	69.16.175.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.js Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS hwcdn.net Software nginx / Resource Hash 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:50 GMT content-encoding gzip x-sp-metadata HS256.CMrtppwGEogBCiQ2ZjI1ZmUzMy1jM2EyLTRjNmYtODY3ZS0wMzJlMjQzYzg1ZGQQ+OiCoKvU+wIaBgi60aacBiINMTE2LjkwLjc0LjIxNCjwsQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGM4ZjliMDRjLTBhN2MtNGUxNC1hZGMxLWRmMTdlMjk1MDZmNRjqlQU=.U+aU5Ieugfs5H94B78nskINANBWMA3ESdkgwFq1RDUw= last-modified Tue, 02 Mar 2021 17:27:20 GMT server nginx etag W/"603e7578-46744" vary Accept-Encoding x-hw 1669966010.dop033.la3.t,1669966010.cds256.la3.hn,1669966010.cds227.la3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 84714
GET H2	200	landing.js Show response shiftproxy.io/assets/js/	5 KB 1 KB	564ms 563ms	Script application/javascript	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shiftproxy.io/assets/js/landing.js Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash caaf8c9825bc8f597de49b1d378882519c1b9ff3bd64f7e4a9038e7e75183028 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:50 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 18 Aug 2022 03:13:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "131b-5e67b5f500980-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTa8Yi2mTciakWtdeGmZCXz2wX7nIWKIv%2FuIgi42hsHfD0tdIvhdYBRZcX6q68No6sKEGwKHcwW%2FPd6XsmKvFFWISU8cmSpkD6kaRxCHV6pVAfma2OHXnnspSVv1lmVl"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 7732562ae911558d-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 950
GET H2	200	js Show response www.googletagmanager.com/gtag/	223 KB 77 KB	846ms 288ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-BK4VTJ3LY9 Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash 78ce49bffcabac3a736375b7667e5a112d670faab3d8573378f2c6574576db7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78552 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 02 Dec 2022 07:26:53 GMT
GET H2	200	css2 fonts.googleapis.com/	20 KB 1 KB	818ms 275ms	Stylesheet text/css	74.125.24.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap Requested by Host: shiftproxy.io URL: https://shiftproxy.io/assets/css/landing.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f95.1e100.net Software ESF / Resource Hash b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 02 Dec 2022 07:26:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 02 Dec 2022 06:34:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 02 Dec 2022 07:26:51 GMT
GET H3	200	bg.png shiftproxy.io/assets/img/landing/	45 KB 46 KB	3053ms 3053ms	Image image/png	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shiftproxy.io/assets/img/landing/bg.png Requested by Host: shiftproxy.io URL: https://shiftproxy.io/assets/css/landing.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 575a89dd9d870a30cf2c87a97c7cb5bd0568bc0bb2f83dc1ab51f3174438d263 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/assets/css/landing.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:54 GMT cf-cache-status MISS last-modified Tue, 16 Aug 2022 22:29:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b480-5e6634823a680" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0OrY3BhjWrCWFYglkkO4Gfy6%2F%2Bx2jZr9SwdRHkZILwkdDR6L9NchsL6JHfy1jFiFlSMTtPKE24oaeO32GcIY6m7JbMhLSy6CZ5GjdDlDZbycDT7QhvXS%2FT2wSiSgr2l"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 773256339b8ca7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 46208
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v12/	37 KB 38 KB	823ms 274ms	Font font/woff2	172.217.194.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f94.1e100.net Software sffe / Resource Hash 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://shiftproxy.io accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 26 Nov 2022 18:43:31 GMT x-content-type-options nosniff age 477801 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37924 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:54:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 26 Nov 2023 18:43:31 GMT
GET H3	200	invisible.js Show response shiftproxy.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 4367	35 KB 17 KB	379ms 378ms	Script application/javascript	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shiftproxy.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1669953600 Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3272c36a8bce477cb614b2a89a1caf3b6740b581c449b1defd300025aa161eee Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:54 GMT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ9z%2BG05SzzxDUF3oB5I9hhkgroap4JJoLg8cB13gQiOYzOPnlGJ0hGx9hRQWPCcupi9fC7n2pszGCMqGp9lJ8P3tZVErK5%2Bg%2BrcLUV2tSIL1LH9f1uHWW36Wqmfwddw"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 773256442b4da7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	204	collect analytics.google.com/g/	0 345 B	814ms 270ms	Ping text/plain	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-BK4VTJ3LY9&gtm=2oebu0&_p=343283283&_gaz=1&cid=1842124709.1669966014&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669966014&sct=1&seg=0&dl=https%3A%2F%2Fshiftproxy.io%2F&dt=Shiftproxy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BK4VTJ3LY9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 02 Dec 2022 07:26:55 GMT server Golfe2 content-type text/plain access-control-allow-origin https://shiftproxy.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 336 B	833ms 278ms	Ping text/plain	74.125.68.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BK4VTJ3LY9&cid=1842124709.1669966014&gtm=2oebu0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BK4VTJ3LY9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f154.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 02 Dec 2022 07:26:55 GMT server Golfe2 content-type text/plain access-control-allow-origin https://shiftproxy.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.co.nz/ads/	42 B 501 B	849ms 287ms	Image image/gif	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BK4VTJ3LY9&cid=1842124709.1669966014&gtm=2oebu0&aip=1&z=131255036 Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 02 Dec 2022 07:26:55 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pica.js shiftproxy.io/cdn-cgi/challenge-platform/h/g/scripts/ Frame 4367	19 KB 9 KB	151ms 150ms	Other application/javascript	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shiftproxy.io/cdn-cgi/challenge-platform/h/g/scripts/pica.js Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b57cd244673503901304b2d9618fe70cd43ea3a121e7e63a809561aa406e538 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Dec 2022 07:26:54 GMT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8h7YkM5ApKNyVwJ84Rc2S8cz7CqzT41fT%2BXsmFYc2ctaS%2BhCVbbZ4mNNlf8Gs6rftjoKnUFbKmE7J%2BZjBokotB6GJGawZVdrL%2FXV1IMp8PsIdQc%2F25TOwQeJ2l44CVNE"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 77325646eebda7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	773256271f0d558d Show response shiftproxy.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 4367	2 B 679 B	176ms 171ms	XHR text/plain	104.21.37.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shiftproxy.io/cdn-cgi/challenge-platform/h/g/cv/result/773256271f0d558d Requested by Host: shiftproxy.io URL: https://shiftproxy.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1669953600 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.37.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers date Fri, 02 Dec 2022 07:26:55 GMT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3b24RqBT7B%2Fk5adJvLEYYY13WsZ6oo4TDpEGgB3buVHqyYtGtQTvl8FlX%2FzfRLG2bHSLKUcS98FawYuMCihDBD0%2Bu82ftylaiaFGmYIpfbJ8ydG2Q2o%2FSijuke8zfL9"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7732564999aba7ef-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	fcystlmu Show response widget.intercom.io/widget/	18 KB 7 KB	763ms 243ms	Script application/javascript	18.155.68.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/fcystlmu Requested by Host: shiftproxy.io URL: https://shiftproxy.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.68.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-68-47.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash dc5492d8d8bf004c79308a87e9a337aa429eb1ce37fbf4d6688698e54564e90b Request headers accept-language en-NZ,en;q=0.9 Referer https://shiftproxy.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id arer2yM8wkA0us.lUuV9yNy7RYtOcP6Q content-encoding gzip via 1.1 4051cd1127320e383387d289cc46a5fc.cloudfront.net (CloudFront) date Fri, 02 Dec 2022 07:16:50 GMT x-amz-cf-pop SIN52-P1 age 616 x-amz-server-side-encryption AES256 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 6170 last-modified Thu, 01 Dec 2022 16:44:15 GMT server AmazonS3 etag "35f0aa9e99c66338de998cc628144f93" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=900, s-maxage=900, public accept-ranges bytes x-amz-cf-id uF1aBFAoCEqSEGLOxcCwLB5r7XUE4lIvjujAH8PQbKCAp88pEHpNBA==
GET H2	200	frame-modern.2b5dccc8.js Show response js.intercomcdn.com/ Frame 3C2A	459 KB 125 KB	790ms 269ms	Script application/javascript	13.35.8.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.2b5dccc8.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/fcystlmu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.8.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-8-129.sin5.r.cloudfront.net Software AmazonS3 / Resource Hash e6f6eb1b9ccb6c123b7608a1829afd0e42652d82391c5b9c641a73d5e56353cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id dwPvJHCD5FeBWRXrlGOTG16oIB5pjCsK content-encoding gzip via 1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront) date Fri, 02 Dec 2022 06:44:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop SIN5-C1 age 2550 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 127732 last-modified Thu, 01 Dec 2022 16:42:49 GMT server AmazonS3 etag "fcc2fcb312053efd27d6c53d73c06e67" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id oJ2Ao92EhlbfnU6Dro5oVjK6RQ72-b3fB1NlewWrfSQr-w89LX0I_g==
GET H2	200	vendor-modern.e7f7a621.js Show response js.intercomcdn.com/ Frame 3C2A	236 KB 73 KB	1316ms 795ms	Script application/javascript	13.35.8.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.e7f7a621.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/fcystlmu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.8.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-8-129.sin5.r.cloudfront.net Software AmazonS3 / Resource Hash f4fc9fa4fd2863e4319ea782226a00951524291d67a136aba37fa1f34d3f6bc8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id GFA88EW4QAFNIZSbGm_XVymTt.804N5x content-encoding gzip via 1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront) date Fri, 02 Dec 2022 05:50:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop SIN5-C1 age 5782 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 74347 last-modified Mon, 28 Nov 2022 11:48:23 GMT server AmazonS3 etag "24d93f1e68f80e6f2e2fd182462ff1b2" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id jhGrfQzUHY2gHw2zER7gpoq22p-WC4Dsm0m37q60vjIs6Zbvy6PS0g==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 3C2A	5 KB 3 KB	1382ms 702ms	XHR application/json	18.204.131.173
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.2b5dccc8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.204.131.173 -, , ASN (), Reverse DNS Software nginx / Resource Hash 5d314488653a7a45a264df4f480a0fe3afd4450ad62d364a7f2e902a5088586e Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 02 Dec 2022 07:26:58 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-0e0148d2928d0c348 status 200 OK x-xss-protection 1; mode=block x-request-id 001nlar5vjs5jvolheog x-runtime 0.318859 server nginx etag W/"5d314488653a7a45a264df4f480a0fe3" x-ratelimit-remaining 13332 vary Accept,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://shiftproxy.io x-intercom-version 540f5d5aa55d5a0c60078bd4b38801d277c17cea cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1669966020 x-ratelimit-limit 13333 access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| Observer function| ScrollTrigger function| $ function| jQuery object| intercomSettings function| Intercom function| gtag object| dataLayer object| _gsap function| _scrollTop function| _scrollLeft object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| __intercomAssignLocation

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			shiftproxy.io/	1970-01-20 08:36:35	Name: PHPSESSID Value: n1b5v87i08c5ue6bfn864d0i30
			.shiftproxy.io/	1970-01-20 17:28:46	Name: _ga_BK4VTJ3LY9 Value: GS1.1.1669966014.1.0.1669966014.60.0.0
			.shiftproxy.io/	1970-01-20 17:28:46	Name: _ga Value: GA1.1.1842124709.1669966014
			.shiftproxy.io/	1970-01-20 07:52:47	Name: __cf_bm Value: r5UBt.VjDTU_xSTCkXns.48vro5Lc6rmDfYT9ZzGR3k-1669966015-0-AaxaOY8JhW/cCKolGb2bvDkt9rKGqAN+XEECqycSjvuS7FzfyhTLa+ofKdVvfoIsgZi4KpeaKlY+xgwZTPW13Xgl8OtvsPn60D/9rNuA1hoVAaDkgcLyyCg2K4tdEf0Gv10h7GYnWY7CEKFpKEBSzQQ=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api-iam.intercom.io
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
shiftproxy.io
stats.g.doubleclick.net
widget.intercom.io
www.google.co.nz
www.googletagmanager.com
104.17.25.14
104.21.37.38
13.35.8.129
142.250.4.94
142.250.4.97
142.251.12.101
172.217.194.94
18.155.68.47
18.204.131.173
69.16.175.10
74.125.24.95
74.125.68.154
0bac0a5cec79339b5a1669552c2f180cdd4e4fc977f9f831eacd3efe58fbe7e5
0eeea0ae57626a80aca153481285c67bf51f2d451d4b8a04bc7daf2e209f0f31
137aedd469a975d65228863b94fdffddc9f17eeaa12f32ceab828045d14ebbe1
13c8d6ccc91c391aca74f85eee274b9605fcf4adaed3d0fdef2d0a3677f2e911
19c42a16420569a7920f6709a7aadf96609265925729f6260b290572b25fc3a7
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3272c36a8bce477cb614b2a89a1caf3b6740b581c449b1defd300025aa161eee
38d07dd23c7381bea80b64fcb699f6d19c816e2e363a3c0da83b7a98f59498f5
3911ea3fd932f7e475926bdefc1c8ffc92c66f96c14846af2902e57e2e12b6bb
3eef1aaa4be427cf1cfd7af502f338047a3dbb1ec47ae6654e4878a7a8a61af0
441cecf706510ae30543d03c8ab440752c44b1d21a4e435b59ff86f2204e447b
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
575a89dd9d870a30cf2c87a97c7cb5bd0568bc0bb2f83dc1ab51f3174438d263
595fe5bb1fc5863249a3f728dfccac86c5b4136d7490a9d4a18a9089b93b664a
5d314488653a7a45a264df4f480a0fe3afd4450ad62d364a7f2e902a5088586e
71e6b3d022b2d0d3c608ac9271b2ef85a8eea21ec59b53e7a9035e57d55f84a6
78ce49bffcabac3a736375b7667e5a112d670faab3d8573378f2c6574576db7c
7fd85cc309add672343943049819da6db4cc362d2ced96d627134e954d25c632
9b57cd244673503901304b2d9618fe70cd43ea3a121e7e63a809561aa406e538
b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf
caaf8c9825bc8f597de49b1d378882519c1b9ff3bd64f7e4a9038e7e75183028
dc5492d8d8bf004c79308a87e9a337aa429eb1ce37fbf4d6688698e54564e90b
e38c70691292e40856dc7f7b5a4d24fc9892b68b3c8a05cea16e6dcdd1c3818f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f6eb1b9ccb6c123b7608a1829afd0e42652d82391c5b9c641a73d5e56353cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53d49471e5d6968f14068819b89c56442edf0820d508514248d13320a30fa9
f1dd3cdeabb4635319b16daaf9edab2e9652eb1ec77d87d0883a7858e87cec5e
f230f0bc37dd4a12a3da8b05d5a1a33409af16ce53341fd42fbc20d4f7b08f05
f4fc9fa4fd2863e4319ea782226a00951524291d67a136aba37fa1f34d3f6bc8