shrinke.me Open in urlscan Pro
2a06:98c1:3120::c  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
• https://accounts.google.com/v3/signin/identifier?dsh=S-1610574320%3A1663244343551920&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqvJnFXe5JXjDqOUsUXjyqQWFoJm7jHHxYjKk0TMFMz7RWazdnpItlDnUJAG07tm4YzYJTe-Q

Request Chain 17

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/v3/signin/identifier?dsh=S-1072935358%3A1663244343558725&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWotNPuj343saHjf9-Euolb2IErumkHc3Vf6ehHVOcwy4DC-1DtfD6mmtoGR4xznL6gN59d4Sw

Request Chain 77

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=QyFfrnxOZUN6TlNwZWRhYTk0SlR3SUlJZHlKUjdHbC9TMzFOY1JNT1F2QnlacDdKRGVVTTRUbW5tTVc3eWpnMVBLb2RiMFplWklrZVZQMFdVZ1pXSXpNdWNxbHBZN2xMTlJlWVNFU2F5aDNDQnJSb0lqWERkWGVZSkJMc1liS0F0R0dJc0EyUXdVVUNCWUthSGRBLzNsaFo0Y1AwRnJ0Y25vZi9pR0ZQS3pzQVNXYkZMYW1IUjQ4SEE3QUorOXA5ZG5Oc25USEk0U3pJVDlMaGQxazRmbnBlVitEMGJQWlJPU00zeXpnN21weHJ4K1lZPXw&cppv=2

Request Chain 83

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=ZsYlNHxMOFlsVzYzcVlBTklJK3U5U1FleFhZMjNWSmVYR05OaGhmMXVXZjdoZEc0Rnd4cW0wWkdJOHZOei96M01LdDEyRVNDZEgrZHFqUDN1V0ROS1hYOTluMDdCTW1KNjl4ci9BZHhRaVEwaURINGUyM2xCTFRSdjNoa29ENVErWnZYa0R5OEpZY015L3k0MTN6OVRoeUJ3L0hibzFHMW5DZFM2TU8wUWVPQ0ZwVHpycm1NTUVnSmpFVENra3cwcEFCc0U3U2FJWDNjTlIrUEhSNTE3Rkd4aThaSHNRV0xVWWpxMndJcTlGc01yREtnPXw&cppv=2

Request Chain 131

• https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1663254122&ei=CuoiY5uaDoSlkgaQpJzYAQ&ip=184.164.141.146&id=o-APhftF8M-_2d6nX9VgUmJ1PnOgiCNb8appTG5GaYerPm&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C29&mn=sn-5hne6nzd%2Csn-5hneknes&ms=au%2Crdu&mv=u&mvi=5&pl=23&vprv=1&mime=video%2Fmp4&ns=MrMnQkrH2mwkgifVOKsWWOUI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1663232161&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=7NzRS4vO9NP62UO5w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgGPSLuLf6VOgpqdHOEHZ5P2onXtIbEsFANa3aHLUh8OoCIQCGeQNlWiStNwvtMlkjK5sst1e509UL8KPDBslTQsa6KA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAOTPsGbQuOu2_dbdABajqVnkfE0TQVQxxxgdGDBZ7LFnAiAX8NAdyh2TQuyLiNmjfqSPcbQN6y5YPjvujG4yX60qiA%3D%3D HTTP 302
• https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1663254122&ei=CuoiY5uaDoSlkgaQpJzYAQ&ip=184.164.141.146&id=o-APhftF8M-_2d6nX9VgUmJ1PnOgiCNb8appTG5GaYerPm&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=MrMnQkrH2mwkgifVOKsWWOUI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=7NzRS4vO9NP62UO5w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgGPSLuLf6VOgpqdHOEHZ5P2onXtIbEsFANa3aHLUh8OoCIQCGeQNlWiStNwvtMlkjK5sst1e509UL8KPDBslTQsa6KA%3D%3D&cms_redirect=yes&mh=3a&mip=2001:1af8:4020:a034:9876::7&mm=31&mn=sn-5hne6nzd&ms=au&mt=1663244012&mv=u&mvi=5&pl=49&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgM6dUNfaokmK4jwCUT1HgLpzdrqgkZgUQezZXkGlADxcCIQDjDTn8qPORJE5hEvBir8xB1ZCe9xthKbOwVdUtMEVtYw%3D%3D

Request Chain 160

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&bundle=c4RSrV85MjZ4ZVk2U2dxQ3hsMjA4Z0dHMXRFUHhpazVybElJbFhoZGVUTWlWMUZpS1RqVHZUNzlDakxyNHFMTkFtSmYzT1hvM1hXYnVBNHRJbXBsQUI1WXglMkJ6a2JrQ21XJTJGYlllRXUzdW1LTnMzNWxtZzc4RDBWalQ0M29paXBlWVZpdjI&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=7yoo8nxRYTJzRVpzSEFRbmdEZjJldjgwYncyb1RZdXlyT1k4SlhuZmk4d25xeXQzZzI4dlU3ZENJc0hmOWRhZVhYd056VzBkbCtTYTdycTNJdE5kVEpNOGd4S2wyYmZLZDhpTlZsTUlvVGE4NlpTeGlhdG1HUzBFYVJHci9VTTgwZU16NUNHKyt3YUM1VU4rTVZUTkg2NXRiVU5JWnhxcVNmVWk3eVduUHVDVkU0a21VenExdXdDc2JWbFBwamdCQXBjRU5LNUx2QVpZUEo4UElxNStsY3l3b3dGNVE0NTlDYVpacnZ5cmdaR2dPakxVPXw&cppv=2

Request Chain 181

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=pP3zU3xTM2lpOEc3S0ZUQXhhd3FXZkVQb0xoV2svYSs2YVJQWmFnd0s4dFdDRUFPOGRQVG15SXpSUkpUOXBHMlMxOThPQjc2T2x3VmIwc3czRkpYVWUyMThOM0dnd2NscjhuRUpDSW5KbHYxM1ZBSHM2cDNVUUh3dmJnbmFkN2tOZGtCR21pQnZ0V09CZHVFck1hQkUvcFZ4UURaeEtpbGdsaDRzd1JqT0Rlb0pyN3d3UHZOVERsWUtRRmowUjlSUko3RUcyS3BFaFpuRzRBNGlvWDFMYk9zQ01TMXZEL3FERWszWDhzNW0xSVRqNEVJPXw&cppv=2

Request Chain 185

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=b8uwlHx4M255eWt4NUZnbUZqS0RwbE9GaSsyVVQvOUh0T1RtL0dVOGJJNzZZQ3lLOVhtUHUxb2dDcXZIT0tteG9RS2h5ZmNRRFdRU0duTlcvMktxREJ1THdoN3o5UmFZUDk3NlZVL3IrcXRzeUdsMnJ2YTlrVG5ZYlpEcnIzbFd2NFZtRzgzeEtsc01zKzNmY3V1U1prbjZLRXQrK1ZlWnR4RDlRZGlGbmlXWi84TkVYaXVvMUNmOCtrR0x4QnVUZXYwNXZkK0JvbGViZFQwMkdtekdOUzFTRE4wcTdKb25BS1FlMXBzT0VwTERDYWQ0PXw&cppv=2

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Hci5ViNJ Show response shrinke.me/	69 KB 30 KB	149ms 79ms	Document text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4590ef188a2b31600a731ead025e006755078ae27cac83640d3ea4818d2d993a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 74b14ef7893591e1-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 15 Sep 2022 12:19:03 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLENjSjOJWGFUjvk958sHWH75kUkqLkBJLi9PJfnVvm3yaMY9r0lqnowAHPUgXwlMJQGGjk9CrezOv0Z7ZlrU%2FpUGeWw%2BqS8534PNCNmacQxygYYki6AtlKIBvDWQnYmVEz%2BsADI%2BtVj"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent x-content-type-options nosniff x-frame-options SAMEORIGIN, SAMEORIGIN x-robots-tag noindex, nofollow x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	83ms 31ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eced69e931e3d6fbbb896aec7733312d0f897063880d3d73b1403c5ca82aba7a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 15 Sep 2022 12:04:08 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 15 Sep 2022 12:19:03 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Sep 2022 12:19:03 GMT
GET H2	200	styles.min.css shrinke.me/modern_theme/build/css/	187 KB 34 KB	35ms 34ms	Stylesheet text/css	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0 Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/Hci5ViNJ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1749625 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 31 Mar 2020 12:16:00 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"2ec69-5a22587d62000-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJgQyX%2BsGbR0v8eUiIiWmNlRZOKMf2en2TRDXgamaCbojJYQO8POwApbkFoEfZGZ%2FC0hyu1ejfPUsfAXGtSZszVjp39VQD8thapVWWfYGo8XMkf7FYDzVHHOOLqNVluTmsNhNl7x%2F%2F9k"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 74b14ef80a2891e1-FRA expires Sun, 25 Sep 2022 06:18:38 GMT
GET H2	200	/ Show response d301cxwfymy227.cloudfront.net/	293 KB 96 KB	326ms 218ms	Script text/plain	2600:9000:2304:800:12:fc33:3bc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:800:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2308f3ca260f88f87516643ce1a1a40e1389c3b8a0280835cc3fe699ae02bd70 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip x-amz-cf-pop VIE50-P1 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 97882 via 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront) x-amz-cf-id cxui8pVKtaqOhAf9HMODuFrRZGDI0MdK6xpReNBPaInk-kXb0Xob_Q==
GET H2	200	logo-sm.webp shrinkme.io/	31 KB 31 KB	366ms 55ms	Image image/webp	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shrinkme.io/logo-sm.webp Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1749633 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 31236 x-xss-protection 1; mode=block last-modified Tue, 31 Mar 2020 12:16:00 GMT server cloudflare x-frame-options SAMEORIGIN etag "7a04-5a22587d62000" vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zei%2F1iCX7gGDxmxJMSqocFlfmc5rIDAj9xlAsF2dZqDDYciJ4ykz9%2FZ4ZolUBbxI849M4mwpfzUM%2Fbv5m05NrHrdjQXqsPJSDxWS7b2altQK2JQLH39%2FxlszWWjo8Wc6r2apq%2FRu8xwDQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=31536000 accept-ranges bytes cf-ray 74b14efaf8ff9290-FRA expires Sat, 26 Aug 2023 06:18:30 GMT
GET H2	200	async.js Show response cdn.adtrue.com/rtb/	7 KB 3 KB	99ms 37ms	Script application/x-javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/async.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br cf-cache-status HIT last-modified Mon, 16 Nov 2020 01:20:45 GMT server cloudflare age 17171107 etag W/"5fb1d3ed-1c9f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAqWoYhQ9wssN7sZ7iapwEFMJa9AML4GvT7dBvfwBr4tOmjuUge58QOqk3SaMeASaH5xXcBjT%2Bjf6lfVTAtfSsY5mkv4bCuOurJP8J8FcZoy6yGx9V7K3I9VzBX5bxLAL%2FTfV%2BUMLOvKtlClPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74b14efad9da9119-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 23 Feb 2023 18:33:56 GMT
GET H3	200	email-decode.min.js Show response shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	32ms 31ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/Hci5ViNJ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 15 Sep 2022 11:39:48 GMT server cloudflare etag W/"63230f04-4d7" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4T8Or8L77Qvlpxr601iq1GufQgebnw80QyDpYl76qdUZsmxS%2BS1r%2FhrFa07wxULILe%2BAgRw813x8Z7u13Ko3L%2BkubzveTrxrWMoHKimhVQt1M6Bp0x5y4c9PI%2BOSXSNDo3ShRuUn7Oc"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74b14ef89d19bb59-FRA vary Accept-Encoding expires Sat, 17 Sep 2022 12:19:03 GMT
GET H3	200	ads.js Show response shrinke.me/js/	190 B 664 B	33ms 32ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shrinke.me/js/ads.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/Hci5ViNJ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1749625 cf-polished origSize=191 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 31 Mar 2020 12:16:00 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"bf-5a22587d62000-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q29mznTMkrAYB4BuGJcAO2IecgN%2BNBN%2B9dZ0KGhURxRYEdphTRbe676NbMkuxyz0HPT4extzDklAt1aupx%2F01G6tO0p4c5jWpWKlSy8k%2FKmNzpUHGmIjppIUyATwy%2BCMbQ2es9l%2FpV0b"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 74b14ef8cd85bb59-FRA expires Sun, 25 Sep 2022 06:18:38 GMT
GET H3	200	rocket-loader.min.js Show response shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	24ms 24ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/Hci5ViNJ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 15 Sep 2022 11:39:48 GMT server cloudflare etag W/"63230f04-302c" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0emkaDBprqrvxuc6HSRkZKjP1kx6RodAe2qOvrfWbLZX%2F8V6%2F%2FMN5ndy%2FLeLIQ4IKa5VSR%2FnKN3DYSJY6eIc25KR35MvoruFKOkjnYwqTqkOhArPzAzAgC9qUmuG4KcFIxBG4sq7kj%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74b14efaa8cfbb59-FRA vary Accept-Encoding expires Sat, 17 Sep 2022 12:19:03 GMT
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 101 KB	90ms 30ms	Fetch binary/octet-stream	172.64.106.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT access-control-allow-methods GET cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7191 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 15 Sep 2022 10:19:12 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wI9xHBGFoKhZqaDfZ7bSnNyCFeAxN7oI1djMDkfmpP7lMXJk5qPhMy6qJGopOCXQqkv8L2XErqX7jgzFqIl%2Fd5qH9qUnGrN2A3PgdHtJAs9vsOuPD8KdDa1j7YIXUYHH"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://shrinke.me cache-control max-age=14400 access-control-allow-credentials true cf-ray 74b14efadccc914c-FRA access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	27 B 353 B	190ms 131ms	Fetch text/plain	172.64.106.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23e23f6a7fefaf826b7cd85debe00e3fa57ccaa65962e92e7ee709fd0652bd8b Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET content-type text/plain access-control-allow-origin https://shrinke.me report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOuIQFxoelAlGV3QBY3L8ZwBL4Dsgd%2FSKBvrR0h26VNwu%2BdbDEUgSjCVBC9OtvKKdeKKlPyiBK6QLMc8AbUMagqb9%2FBkfuAC4yBbZb01go%2F6Dbe%2BnCyP4mQyJ%2Blfq77z"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74b14efadccd914c-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response ndbriolenproc.buzz/	0 486 B	224ms 141ms	XHR text/plain	99.86.240.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ndbriolenproc.buzz/utx?cb=i3zKCz69WrpS&top=shrinke.me&tid=792297 Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.240.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-240-33.vie50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:03 GMT via 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop VIE50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://shrinke.me cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id nv5WbqnV6oGq5hwvy7hJZhkYDqLEPJHgrKCWDzKfl2yMbovrAQC_ww==
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 100 KB	81ms 33ms	Fetch binary/octet-stream	172.64.106.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT access-control-allow-methods GET cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7191 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 15 Sep 2022 10:19:12 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oW%2FGgY%2BdcDayjRPFjmDj0DHfuYtZUfvIaOrpK%2FjiZe%2FomsCmOuvKuDhsGpjLDyE93nGq2ZPad0IgkdoDUcUe9f4ahAF7Ag2gbSWyo7v8s%2BAnwiMoLG%2FQ1SReGVe0nTWx"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://shrinke.me cache-control max-age=14400 access-control-allow-credentials true cf-ray 74b14efadcd1914c-FRA access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	26 B 372 B	178ms 130ms	Fetch text/plain	172.64.106.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec36c6e80cac1b241f7ebdf35ff4ea9530ba3a1be5b507ba87b79ff1c7e478b0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET content-type text/plain access-control-allow-origin https://shrinke.me report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4f0vhMICViKxlfEcTKKNLVgP3TVzelUfETCPAjOXHr1288%2B7RImFIlwcgLcO%2FfW353RRWR2VKzOd0HL9qu%2FOdJp7RvV8raLtliMfu7%2Bz5lunOp%2FLRSPSURrfOgNpAMm"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74b14efaecd5914c-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response ndbriolenproc.buzz/	0 485 B	213ms 141ms	XHR text/plain	99.86.240.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ndbriolenproc.buzz/utx?cb=SP396ITMuH2p&top=shrinke.me&tid=829554 Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.240.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-240-33.vie50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:03 GMT via 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop VIE50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://shrinke.me cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id 9JCpaGeChz3q9adyM7naCLTEFYBR2ZD909U8jRTr4d7lRAf90mfB8w==
GET H2	204	QmdYRWxtWDs2UREdDnY5cyFvBCkQFQF2IQY2NRcEJCY8AzUFMn4xBSZab3xecF5vYxwrA2V0SjETOTEZMVppYwUsATd4SjRaaWtfdklqfUJzQS14XWQTKCQLf1Z+NRg2C2V0WnRUanFYcVNrcV92 joccupangno.xyz/	0 246 B	195ms 131ms	Image text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://joccupangno.xyz/QmdYRWxtWDs2UREdDnY5cyFvBCkQFQF2IQY2NRcEJCY8AzUFMn4xBSZab3xecF5vYxwrA2V0SjETOTEZMVppYwUsATd4SjRaaWtfdklqfUJzQS14XWQTKCQLf1Z+NRg2C2V0WnRUanFYcVNrcV92 Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01Sf1cAvDpgEK3W4pm4HGcoxj1pAx9SAiA9bBAFlViT4gLuoi9grR4FfxYQdrr%2F7%2BPRTY5xnE0Ch0iuptGMw2q51MOARvIJtL%2F7I3ukmRgLjmmStp93Fqcy2wL9F%2Fjab%2FY8%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 74b14efb0b4a6901-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	131ms 81ms	Image text/html	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail https://accounts.google.com/v3/signin/identifier?dsh=S-1610574320%3A1663244343551920&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSign...	0 0	91ms 45ms	Image text/html	2a00:1450:4001:828::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S-1610574320%3A1663244343551920&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqvJnFXe5JXjDqOUsUXjyqQWFoJm7jHHxYjKk0TMFMz7RWazdnpItlDnUJAG07tm4YzYJTe-Q Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Server 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 396 x-xss-protection 1; mode=block pragma no-cache server GSE date Thu, 15 Sep 2022 12:19:03 GMT x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S-1610574320%3A1663244343551920&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqvJnFXe5JXjDqOUsUXjyqQWFoJm7jHHxYjKk0TMFMz7RWazdnpItlDnUJAG07tm4YzYJTe-Q cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-NO9TUSepAq5h1SGD47sH3Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/v3/signin/identifier?dsh=S-1072935358%3A1663244343558725&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWeb...	0 0	84ms 44ms	Image text/html	2a00:1450:4001:828::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S-1072935358%3A1663244343558725&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWotNPuj343saHjf9-Euolb2IErumkHc3Vf6ehHVOcwy4DC-1DtfD6mmtoGR4xznL6gN59d4Sw Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Server 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 396 x-xss-protection 1; mode=block pragma no-cache server GSE date Thu, 15 Sep 2022 12:19:03 GMT x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S-1072935358%3A1663244343558725&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWotNPuj343saHjf9-Euolb2IErumkHc3Vf6ehHVOcwy4DC-1DtfD6mmtoGR4xznL6gN59d4Sw cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'report-sample' 'nonce-E_1LuOgU1RVRb6pVBvivLA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	popunder.gif joccupangno.xyz/	35 B 557 B	99ms 35ms	Image image/gif	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://joccupangno.xyz/popunder.gif Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma public date Thu, 15 Sep 2022 12:19:03 GMT cf-cache-status HIT last-modified Wed, 14 Sep 2022 15:37:05 GMT server cloudflare age 74518 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6MhOxhFTLe8%2Bb5AfqxDwIukrBP6KGOY9%2B8o%2FpvBGU%2F3oOeEgl0U8f7yoSXd3IeEh%2FFipLu%2F%2FSMl%2FOFwQKpQ2N2meocMAmmN3GCOca0ZbMA11GTX%2BdMqNvYqhd3X75FaCRQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74b14efb0b4f6901-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	RGpXenJrVTQJTyYiDkkkDCQOKAUeBgY8GgEoADg3Ey9jPSgBK3EOGyBXYENAdlNvXAItDmpLSmIZIxsGMRlqS1QtBDEVT2IcaktcdERmVEFiH2pLVDAaNh1PdUwnDgYoV2ZMRHdYY05BcFljSUs joccupangno.xyz/	0 257 B	192ms 129ms	Image text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://joccupangno.xyz/RGpXenJrVTQJTyYiDkkkDCQOKAUeBgY8GgEoADg3Ey9jPSgBK3EOGyBXYENAdlNvXAItDmpLSmIZIxsGMRlqS1QtBDEVT2IcaktcdERmVEFiH2pLVDAaNh1PdUwnDgYoV2ZMRHdYY05BcFljSUs Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4gJY%2F19zoO1hubMuGrogbajHHIrNzKaHuoJtLq%2BUvHe7TDSU1zBb8FXSxAe8LUmGY4scHzPOz30%2FxBwij03Q57nJurPyWHK%2BqLbUdiZnNgasCZ19eHcS0keY%2F%2BUKgHRK78%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 74b14efb0b516901-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	dDFQYXpbDjMSRxB2KDk3HmMdORc1dxQkIBdoESQ3IHcGCDslZHYVExAMaFNDQQRkRwodVW1TQ1JCJAAOAUJtUFwdXzYOR1JHbVBURB9lWFRFFyVcS1JFIAAdSQB2EQ4AXW1QTEICYlVORwVjVU5A joccupangno.xyz/	0 244 B	197ms 134ms	Image text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://joccupangno.xyz/dDFQYXpbDjMSRxB2KDk3HmMdORc1dxQkIBdoESQ3IHcGCDslZHYVExAMaFNDQQRkRwodVW1TQ1JCJAAOAUJtUFwdXzYOR1JHbVBURB9lWFRFFyVcS1JFIAAdSQB2EQ4AXW1QTEICYlVORwVjVU5A Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey6Wv7ltbQeEOhELRgzUY0ECtuBnnuYbwZ1DPFCmm736yEDYdvvw83QAN9x0JmDYeIXAQHCl8w5UfSkATuSW%2FbiT7Dkwnt4Gmcgb7W839SP7eXCoE%2FTkRT2dTHieAC4CDQ4%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 74b14efb0b526901-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	header9.webp shrinkme.io/	127 KB 128 KB	107ms 62ms	Image image/webp	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shrinkme.io/header9.webp Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1749633 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 130482 x-xss-protection 1; mode=block last-modified Tue, 31 Mar 2020 12:16:00 GMT server cloudflare x-frame-options SAMEORIGIN etag "1fdb2-5a22587d62000" vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QzIBtZRipOwuNJgCjxet49kOCt3DJ75ciKYTEmL8M8%2F%2BQ8XMa1Tsoz2G%2By9sJ4IdHjv3oMtmkhH%2BKBuAsrUH%2FmPdCP4dWHJpAae8%2BGevxPzVajdMAjor8BIbrYii0raPsAVAEMUuxcSdQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=31536000 accept-ranges bytes cf-ray 74b14efaf9019290-FRA expires Sat, 26 Aug 2023 06:18:30 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 30 KB	98ms 44ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://shrinke.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 13 Sep 2022 17:46:43 GMT x-content-type-options nosniff age 153140 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Sep 2023 17:46:43 GMT
GET H3	200	fontawesome-webfont.woff2 shrinke.me/modern_theme/build/fonts/	75 KB 76 KB	34ms 33ms	Font font/woff2	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shrinke.me/modern_theme/build/fonts/fontawesome-webfont.woff2 Requested by Host: shrinke.me URL: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0 Origin https://shrinke.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6364 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 x-xss-protection 1; mode=block last-modified Tue, 31 Mar 2020 12:16:00 GMT server cloudflare x-frame-options SAMEORIGIN etag "12d68-5a22587d62000" vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA6mAUWJmq26ylwxJb4edxOD9kWF1lTj2wECGoiC6BRdTcV%2BjGm3mSWozCXJ%2BG6K024l3FOne0U1kodR5Qccq2hoXNbWqLMWg%2B%2FQJvC8VJVOH%2FHwNv3mHL0RxGGPlfX86J5Zc8ws5pcn"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 74b14efaa8e4bb59-FRA
GET H2	200	7Auwp_0qiz-afTLGLQ.woff2 fonts.gstatic.com/s/muli/v28/	30 KB 31 KB	75ms 22ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://shrinke.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 12 Sep 2022 17:42:58 GMT x-content-type-options nosniff age 239765 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31196 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:43:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Sep 2023 17:42:58 GMT
GET H3	200	Hci5ViNJ shrinke.me/	68 KB 68 KB	90ms 90ms	Image text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://shrinke.me/Hci5ViNJ Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/Hci5ViNJ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74b14efac905bb59-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache server cloudflare x-frame-options SAMEORIGIN, SAMEORIGIN vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdfuGWo%2FLBt%2Beg6A4KDn0R%2BYJ6iErUPu%2FSMJPvpxz0HWY09HtkaDks5XiHq6Zam0jt%2FV1rM%2BtnowN3r9%2BvoyO27gzMkrAbfZmxyltXB2iQXvjUQtOyZQJMLf9VMpa%2Bjuof9E%2BWIyLYw5"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate x-robots-tag noindex, nofollow expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	921 B 998 B	94ms 31ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 114f52a705e061c474c037663b9f836fb290527fc157655a90bcc14b7957bd11 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 585 x-xss-protection 1; mode=block expires Thu, 15 Sep 2022 12:19:03 GMT
GET H3	200	script.min.js Show response shrinke.me/modern_theme/build/js/	202 KB 61 KB	60ms 59ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shrinke.me/modern_theme/build/js/script.min.js?ver=6.4.0 Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/Hci5ViNJ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1749286 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 31 Mar 2020 12:16:00 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"32956-5a22587d62000-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzMdA%2FM3T85WkLz%2FU4RI5Mz%2BcEPVf3qUSqmMtpQFQC%2F%2BY3DUr7PNeY0RqCbqFKqI6upP1kFJ%2B%2B6oAy8JXGNMrTaqTd6262yhCKkmZArFPlqG%2F%2BU4j4HkBqdgsav0%2FX5hwByT3xx1b0fJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 74b14efad91ebb59-FRA expires Sun, 25 Sep 2022 06:24:17 GMT
GET H2	200	11628 Show response tags.orquideassp.com/tag/	823 B 1 KB	117ms 22ms	Script text/javascript	2600:9000:2057:e800:2:e529:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.orquideassp.com/tag/11628 Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:e800:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash ce36f676ef8ce52a9213048f1a08b0bb84d9c42597d327d4844feb68f368ab44 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront) x-content-type-options nosniff age 85 x-dns-prefetch-control off x-cache Hit from cloudfront date Thu, 15 Sep 2022 12:17:45 GMT content-length 823 x-xss-protection 1; mode=block server nginx/1.16.1 etag W/"337-b1qf5FlC4abtHU8zyRVmerh6bFM" x-download-options noopen x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * x-amz-cf-pop FRA6-C1 x-amz-cf-id t2T1l26GqiP0BbNHGoCW2WbTgXbJ-hQYcqOy785g3y0VHlLnRh6QBw==
GET H2	200	12656 Show response tags.orquideassp.com/tag/	823 B 1 KB	117ms 22ms	Script text/javascript	2600:9000:2057:e800:2:e529:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.orquideassp.com/tag/12656 Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:e800:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 2f7278404edca136bf89b7f73199f14c662e1fd6468a4d4f72ec8bcfbfa3d84a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront) x-content-type-options nosniff age 782 x-dns-prefetch-control off x-cache Hit from cloudfront date Thu, 15 Sep 2022 12:06:36 GMT content-length 823 x-xss-protection 1; mode=block server nginx/1.16.1 etag W/"337-qJ++jr3n04I22/Ou037JBvp6MKI" x-download-options noopen x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * x-amz-cf-pop FRA6-C1 x-amz-cf-id S2Sh-1DPHjaomki0vWjASzO64WAnqqU0RVmlrN3wXu8GlLDRwVaWGA==
GET H/1.1	403 Forbidden	1844b8e470c024a415cff51a0843d71c.js whizduly.com/18/44/b8/	0 0	320ms 102ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://whizduly.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Thu, 15 Sep 2022 12:19:03 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H2	200	/ Show response services.vlitag.com/adv1/	528 KB 137 KB	112ms 51ms	Script application/javascript	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 648492b8aba195f26b849ca9399491111358e4b14606baf80f24d2e14768b5bb Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 642 etag W/"b696d0f5c06dbd9fd83feb568718537b 2022-09-14T02:38:31 v1 default" x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 cf-polished origSize=540863 cf-ray 74b14efb3f478ff4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery-2.2.4.min.js Show response code.jquery.com/	84 KB 29 KB	74ms 19ms	Script application/javascript	2001:4de0:ac18::1:a:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.min.js Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip last-modified Fri, 20 May 2016 17:24:41 GMT server nginx etag W/"573f4859-14e4a" vary Accept-Encoding x-hw 1663244343.dop141.am5.t,1663244343.cds280.am5.hn,1663244343.cds218.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29811
GET H2	200	js Show response www.googletagmanager.com/gtag/	106 KB 42 KB	97ms 34ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-137383949-1 Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a09cbd44f096374bc15a6d5272598646703b43660756fdc5b091bce12f047deb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42396 x-xss-protection 0 last-modified Thu, 15 Sep 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 15 Sep 2022 12:19:03 GMT
GET H2	200	QCYVACU Show response ndbriolenproc.buzz/Z080ZEMGLVcJfAZyVkI2FSMJQXEhagYiJ1R/BQc7EClNCTpVfQNKIAsgQQAlFSBaEG0JKkBBcSF2bgkZDiwEXAUkHkMyICUGZCYoUntsVRE2HFoMAiMNcQcKNRVWJ3M9agYmACM4diorABhxDQILBHUcAiEoXxYUVhVxLDpTBnUyejEEUw... Frame 562A	3 KB 2 KB	167ms 139ms	Document text/html	99.86.240.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ndbriolenproc.buzz/Z080ZEMGLVcJfAZyVkI2FSMJQXEhagYiJ1R/BQc7EClNCTpVfQNKIAsgQQAlFSBaEG0JKkBBcSF2bgkZDiwEXAUkHkMyICUGZCYoUntsVRE2HFoMAiMNcQcKNRVWJ3M9agYmACM4diorABhxDQILBHUcAiEoXxYUVhVxLDpTBnUyejEEUwMFP39+FAEQBnUwLRMOcQwKBAVyFyYhHWURACUacyIpMgRlJiA0LFMXCSANWw4AACt8NRILG2ciCTApYj4MIR1bDAIAJGIlBBcaYgM0Ly5YNhQyf3oMFQwBZikUFxpiDBYGBmImEDV/dSoSVh1nJ3ALHGBUbgMNUhMgMApcXDIiHnklBCQWZzVyJn5RCBU1G3EmdjZ+ZjcUHh57ISRfKVUIEgsdBCJmVQl3A3stCVkUFjEoYTMPJn9+N3I9dmIDFiwOZyUPJn9QJgAxK2MyclZqBiIQIQFgNy0XBmJVASAuWDYUIh19FAEfHngyLVcoYVUFIhZiMhI1Dm4dFRBpXhcsCT8JDXZWIW4HBjA/QCYVACU Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.240.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-240-33.vie50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash d12bd3d84002e1fc7534b07ea12f7841f57ccc5a3733f0eb242572f630572040 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1237 content-type text/html date Thu, 15 Sep 2022 12:19:03 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront) x-amz-cf-id t8cN_THVupjeqCgy48YAg32lx8Cvy3d99hjM1vNOcgwkiJjuOgpmSQ== x-amz-cf-pop VIE50-C1 x-cache Miss from cloudfront
GET H2	200	ICsMHyUMSzA9CxwqMi1cD0EWJh4yOj5PCw1LFR8IHC4wFSsLTwE1VHxKEiEKfxInGAMpRRguVS0ZJRoabE87JA Show response ndbriolenproc.buzz/WXhUd204GjcaUjhFNlEYKxRpUl8fXWYxCWpIZRQVLh4tGhRrSmNZDjUXIRMLKxc6A0M3HSBSXx8wNRwnNywMLicVKT8FPgtMJjZeGzoBRC8PHBFCIBI6BR4qGwhxRSsSAAY4JTA1Az4sHx4wJgo8LRZDWRhLFjA5GkwTPhUfIA42JDM+Ah... Frame 0A33	3 KB 2 KB	208ms 182ms	Document text/html	99.86.240.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ndbriolenproc.buzz/WXhUd204GjcaUjhFNlEYKxRpUl8fXWYxCWpIZRQVLh4tGhRrSmNZDjUXIRMLKxc6A0M3HSBSXx8wNRwnNywMLicVKT8FPgtMJjZeGzoBRC8PHBFCIBI6BR4qGwhxRSsSAAY4JTA1Az4sHx4wJgo8LRZDWRhLFjA5GkwTPhUfIA42JDM+AhMXCCsjJC4RQQAWGhQ0MgACMDwVOhgaASwjOhgqBy5dAyg3MQk1OQU6HhgBHTUqDhwCET8+HQ5GO2AqZQceD0o8MSYeHAIRPBw8GDErbC1lHCwIFm0wKDcqAC0rFyE3EDRgOjMuAxw7MyIsCgsAFigICzBGQAtOAzEBaSk6TioIET8nIgsLEy1cDDcBRgUgOy0mCR1KMCELCz0EPjwuEQxHVC4uLUMIHjtkPCYfNg01KwNBBUc/ICsMHyUMSzA9CxwqMi1cD0EWJh4yOj5PCw1LFR8IHC4wFSsLTwE1VHxKEiEKfxInGAMpRRguVS0ZJRoabE87JA Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.240.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-240-33.vie50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash cc2cb79c0546deb450c491c9bf627c801c8c100b8ce5f01f8466d0fb5a54d1b5 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1219 content-type text/html date Thu, 15 Sep 2022 12:19:03 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront) x-amz-cf-id OBd8-I9Hz0rLxQFI9P7WUfgtLdY7yVcy11RDkDvsaPfvGZxAIGxPqA== x-amz-cf-pop VIE50-C1 x-cache Miss from cloudfront
GET H2	200	CgoMFS0aOQ98DwlUGQY3FSkZPRgOChwdFhopFDQIDj4JYiQ8AzQ0cwIiDxMGHBQoKx0XCx4 Show response ndbriolenproc.buzz/Tk9sWkQvLQ83ey9yDnwxPCNRf3YIal4cIH1/XTk8OSkVNz18fVt0JyIgGT4iPCACLmogKhh/dggACA99JgA7FxMHDlU8HA8KARgVHC0+aR4bCyo+EAQdJg0AHxkVFgwtfSU9JzcePh8lBgsAPw5/AlsddX8qPg0vABgtahctJAg5ABwVFQ... Frame 6D1B	3 KB 2 KB	198ms 175ms	Document text/html	99.86.240.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ndbriolenproc.buzz/Tk9sWkQvLQ83ey9yDnwxPCNRf3YIal4cIH1/XTk8OSkVNz18fVt0JyIgGT4iPCACLmogKhh/dggACA99JgA7FxMHDlU8HA8KARgVHC0+aR4bCyo+EAQdJg0AHxkVFgwtfSU9JzcePh8lBgsAPw5/AlsddX8qPg0vABgtahctJAg5ABwVFQ8GdgwpCXUtCzkPBh44WQkcKX9YGCgpAS4zNwseG2MQASgtHwAmIF0ZAhsfKh00GildACYofz0WEX9/WBkCLQcrMCMdByocAgcdOTkRGxlJaAYbHQgOEQY4BhICCAkjGywWGTkcNRshGB0WfXc2HnUqLA02aQMFLT0Ra30qHhI5GikZdAUaLj4VKBwPFxELBQQPI3cIPml9BBoLKQYHKFw5ERoVHQ8zJR8kGRULByocAgUOPjsHDD8BCAU6GyozJxoZC24VLyMif3YIGgcMcho4ABQVBno1HgF/CgoMFS0aOQ98DwlUGQY3FSkZPRgOChwdFhopFDQIDj4JYiQ8AzQ0cwIiDxMGHBQoKx0XCx4 Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.240.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-240-33.vie50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash be65edbec5c99d1efdd13d05a312af7c0e9e5c0ea5b099643bd5db732a100aae Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1237 content-type text/html date Thu, 15 Sep 2022 12:19:03 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront) x-amz-cf-id pE38vN8oufo49slzyAnnMI9PBMRhBMgH4xh7TeO6343iTIwo9le0Qw== x-amz-cf-pop VIE50-C1 x-cache Miss from cloudfront
GET H2	200	multi Show response ndbriolenproc.buzz/	3 KB 2 KB	141ms 141ms	XHR text/plain	99.86.240.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ndbriolenproc.buzz/multi?cs=djVheWdOB1ZOX0QFVkpfTgxUSlY&abt=0&red=1&sm=76&k=highest%20payout%20short%20shrinkme%20shortener%20link%20earn%20money&v=1.0.59.1&sts=0&prn=0&emb=0&tid=829554&fs=1&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F105.0.5195.125%20safari%2F537.36&tzd=0&uloc=&if=0&_P6zL=1663244343556&crc=1 Requested by Host: d301cxwfymy227.cloudfront.net URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.240.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-240-33.vie50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 2ed344172b3bda7668c9c46f297a7ff48549602e8c4138bfeff875416fc35f33 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop VIE50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://shrinke.me cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 1572 via 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront) x-amz-cf-id oKoqicaBbso3Zp7ibfw_4AK8m_ij2W0zmPYTMI3-ePpI5UAarXJJ1A==
GET H2	200	SFNTSnpIV1BGalRWERIpBxQLVn0gU1FEYVVQRAZyVw Show response d301cxwfymy227.cloudfront.net/9ZmZic08FCQwVcBIPBk54X1RQSnhADBEcIRZbC0Z+CDwBNhgWEiAlKAxAFgkrW1ZEHy4IAV9VKggFX0JpBwIATntAEhIcJFseFRQuCBUGFjUKQBcScgsJGBojCgdHQQlTSFJWfVZOFRohAgkVAGpUVgwHalRWU0NhVkNRMW... Frame 562A	766 B 837 B	206ms 206ms	Script text/plain	2600:9000:2304:800:12:fc33:3bc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d301cxwfymy227.cloudfront.net/9ZmZic08FCQwVcBIPBk54X1RQSnhADBEcIRZbC0Z+CDwBNhgWEiAlKAxAFgkrW1ZEHy4IAV9VKggFX0JpBwIATntAEhIcJFseFRQuCBUGFjUKQBcScgsJGBojCgdHQQlTSFJWfVZOFRohAgkVAGpUVgwHalRWU0NhVkNRMWpUVhUaIVBSR0ANQ1RSC3lST0-dBfwcWEh8qEQMAGCYSQ1A1elVRTEB5Q1RSWyQOEg8falQlR0F/Cg8JFmpUVgUWLA0JS1Z9VgUKASALA0dBCVdWV11/SFNTSnpIV1BGalRWERIpBxQLVn0gU1FEYVVQRAZyVw Requested by Host: ndbriolenproc.buzz URL: https://ndbriolenproc.buzz/Z080ZEMGLVcJfAZyVkI2FSMJQXEhagYiJ1R/BQc7EClNCTpVfQNKIAsgQQAlFSBaEG0JKkBBcSF2bgkZDiwEXAUkHkMyICUGZCYoUntsVRE2HFoMAiMNcQcKNRVWJ3M9agYmACM4diorABhxDQILBHUcAiEoXxYUVhVxLDpTBnUyejEEUwMFP39+FAEQBnUwLRMOcQwKBAVyFyYhHWURACUacyIpMgRlJiA0LFMXCSANWw4AACt8NRILG2ciCTApYj4MIR1bDAIAJGIlBBcaYgM0Ly5YNhQyf3oMFQwBZikUFxpiDBYGBmImEDV/dSoSVh1nJ3ALHGBUbgMNUhMgMApcXDIiHnklBCQWZzVyJn5RCBU1G3EmdjZ+ZjcUHh57ISRfKVUIEgsdBCJmVQl3A3stCVkUFjEoYTMPJn9+N3I9dmIDFiwOZyUPJn9QJgAxK2MyclZqBiIQIQFgNy0XBmJVASAuWDYUIh19FAEfHngyLVcoYVUFIhZiMhI1Dm4dFRBpXhcsCT8JDXZWIW4HBjA/QCYVACU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:800:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e62ab30190de0a2bd5c785f139f01816f08ec5804814d54bb0d6fd537e572702 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ndbriolenproc.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip x-amz-cf-pop VIE50-P1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 560 via 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront) x-amz-cf-id VJFPRNNPNNsft4CJH15ocaRzJhy7FebYmNx5y8HNLwqm34GZI7A91A==
GET H2	200	UkV6TwlNQH5YDE1EfVQcUUU8AF8CByZECyVAfFYXUENpFARS Show response d301cxwfymy227.cloudfront.net/OdU9hOWMWIA9fXAEmBQRbR3ZUDFdTJRJWDQVyLHc2IgcyQREaHDleJ1M7G11eRWkNWA0SckdcDRZyUB8CES1cDUUBPw5SXg04BlgNBisEQw9TOgAEDho1CFUPFGpTf1Zbf0QLU104CFcHGjgSHFFFIRUcUUV+URdTUHwjHF... Frame 6D1B	601 B 737 B	203ms 202ms	Script text/plain	2600:9000:2304:800:12:fc33:3bc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d301cxwfymy227.cloudfront.net/OdU9hOWMWIA9fXAEmBQRbR3ZUDFdTJRJWDQVyLHc2IgcyQREaHDleJ1M7G11eRWkNWA0SckdcDRZyUB8CES1cDUUBPw5SXg04BlgNBisEQw9TOgAEDho1CFUPFGpTf1Zbf0QLU104CFcHGjgSHFFFIRUcUUV+URdTUHwjHFFFOAhXVUFqUntGR38ZD1dcal-MJAgU/DVwUEC0KUBdQfScMUEJhUg9GR39JUgsBIg0cUTZqUwkPHCQEHFFFKARaCBpmRAtTFicTVg4QalN/UkV6TwlNQH5YDE1EfVQcUUU8AF8CByZECyVAfFYXUENpFARS Requested by Host: ndbriolenproc.buzz URL: https://ndbriolenproc.buzz/Tk9sWkQvLQ83ey9yDnwxPCNRf3YIal4cIH1/XTk8OSkVNz18fVt0JyIgGT4iPCACLmogKhh/dggACA99JgA7FxMHDlU8HA8KARgVHC0+aR4bCyo+EAQdJg0AHxkVFgwtfSU9JzcePh8lBgsAPw5/AlsddX8qPg0vABgtahctJAg5ABwVFQ8GdgwpCXUtCzkPBh44WQkcKX9YGCgpAS4zNwseG2MQASgtHwAmIF0ZAhsfKh00GildACYofz0WEX9/WBkCLQcrMCMdByocAgcdOTkRGxlJaAYbHQgOEQY4BhICCAkjGywWGTkcNRshGB0WfXc2HnUqLA02aQMFLT0Ra30qHhI5GikZdAUaLj4VKBwPFxELBQQPI3cIPml9BBoLKQYHKFw5ERoVHQ8zJR8kGRULByocAgUOPjsHDD8BCAU6GyozJxoZC24VLyMif3YIGgcMcho4ABQVBno1HgF/CgoMFS0aOQ98DwlUGQY3FSkZPRgOChwdFhopFDQIDj4JYiQ8AzQ0cwIiDxMGHBQoKx0XCx4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:800:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash b8d3368034b71b9a6e658cf3687bf3fccd979dd3f61cc0320cf4108187f1c299 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ndbriolenproc.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip x-amz-cf-pop VIE50-P1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 460 via 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront) x-amz-cf-id 5vA4V-FSUt-LTnZ3pruVq7IuR1sAwRURifEMP2RRxL8h881b1fZexQ==
GET H2	200	Vg Show response d301cxwfymy227.cloudfront.net/HakJnTXYJLQkrSR4rA3BBU3BVdE5MKBQiGBp/KxROHiMWIAFfdQgeUB44A3BGTC4GIxFXZAIjFVdzQSwSCH9TawMLfwoiDAMuCyxTWARSY0ZPcFdlAQMsAyIBGWdVfRgeZ1V9R1psV2hFKGdVfQEDLFF5U1kAQn9GEnRTZF... Frame 0A33	192 B 461 B	207ms 207ms	Script text/plain	2600:9000:2304:800:12:fc33:3bc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d301cxwfymy227.cloudfront.net/HakJnTXYJLQkrSR4rA3BBU3BVdE5MKBQiGBp/KxROHiMWIAFfdQgeUB44A3BGTC4GIxFXZAIjFVdzQSwSCH9TawMLfwoiDAMuCyxTWARSY0ZPcFdlAQMsAyIBGWdVfRgeZ1V9R1psV2hFKGdVfQEDLFF5U1kAQn9GEnRTZFNYcgY9BgYnECgUASsTaEQsd1-R6WFl0Qn9GQikPORsGZ1UOU1hyCyQdD2dVfREPIQwiX09wVy4eGC0KKFNYBFZ9Q0RySXhHU3dJfERfZ1V9BQskBj8fT3AheEVdbFR7UB9/Vg Requested by Host: ndbriolenproc.buzz URL: https://ndbriolenproc.buzz/WXhUd204GjcaUjhFNlEYKxRpUl8fXWYxCWpIZRQVLh4tGhRrSmNZDjUXIRMLKxc6A0M3HSBSXx8wNRwnNywMLicVKT8FPgtMJjZeGzoBRC8PHBFCIBI6BR4qGwhxRSsSAAY4JTA1Az4sHx4wJgo8LRZDWRhLFjA5GkwTPhUfIA42JDM+AhMXCCsjJC4RQQAWGhQ0MgACMDwVOhgaASwjOhgqBy5dAyg3MQk1OQU6HhgBHTUqDhwCET8+HQ5GO2AqZQceD0o8MSYeHAIRPBw8GDErbC1lHCwIFm0wKDcqAC0rFyE3EDRgOjMuAxw7MyIsCgsAFigICzBGQAtOAzEBaSk6TioIET8nIgsLEy1cDDcBRgUgOy0mCR1KMCELCz0EPjwuEQxHVC4uLUMIHjtkPCYfNg01KwNBBUc/ICsMHyUMSzA9CxwqMi1cD0EWJh4yOj5PCw1LFR8IHC4wFSsLTwE1VHxKEiEKfxInGAMpRRguVS0ZJRoabE87JA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:800:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 62b8d525fd7481d7e8bcd7cc79dbc959ba278cc46c9f023cc57a6be52e7948fb Request headers accept-language nl-NL,nl;q=0.9 Referer https://ndbriolenproc.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding gzip x-amz-cf-pop VIE50-P1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 184 via 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront) x-amz-cf-id 9hcT9D0wGxKPdx9fkmjTQa4jByvS0drb4unE8VOJQocHrIIcARcxcg==
GET H2	200	/ Show response d301cxwfymy227.cloudfront.net/	47 B 447 B	287ms 205ms	Fetch	2600:9000:2304:800:12:fc33:3bc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d301cxwfymy227.cloudfront.net/ Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:800:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-amz-cf-pop VIE50-P1 x-cache Miss from cloudfront access-control-allow-origin https://shrinke.me cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform access-control-allow-credentials true content-length 73 via 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront) x-amz-cf-id phbDPlkIFIrWJUcbuM1zyw8wSn6mpnPJ2TGnGemH69m9rlyBOHv0gg==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	71ms 22ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-137383949-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4623 date Thu, 15 Sep 2022 11:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 15 Sep 2022 13:02:00 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	86 KB 29 KB	99ms 36ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: shrinke.me URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash 3b385067b8325f24d6ce8c88366513a70e741383e5cd8b30762d4f88d69bd372 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29171 x-xss-protection 0 server sffe etag "1334 / 91 of 1000 / last-modified: 1663240024" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 15 Sep 2022 12:19:04 GMT
GET H2	200	impress Show response exchange.adtrue.com/delivery/ Frame 8153	5 KB 2 KB	50ms 41ms	Script application/javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cb=394303717&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/Hci5ViNJ Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bf6bd13dc2093cdb45172ffe0cd0385233c80088be6a767d0a00f957bb0a6cf Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-adtrue-instance adt-backend-2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBNdnPDEpe7pH5hhFpBiOGBdKm1d%2BEpNDF4ULj%2FuETtKn55Pxd0Ok9uY0lD5V31kZOLolIeMBAb3ulJgftFacrq2bq0G0kghUQOmY7RdbUL7vzRlgyimP0I%2F1HJz7Slqp0jfh3nRjeSE5PLn9UY5h%2FM5"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 74b14efdcee79119-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	icon.svg supertruco.com/	4 KB 2 KB	225ms 173ms	Image image/svg+xml	192.0.78.218 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://supertruco.com/icon.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.218 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 30 Aug 2022 14:43:20 GMT server nginx etag W/"630e2208-102b" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 date Thu, 15 Sep 2022 12:19:04 GMT x-ac 3.ams _atomic_ams expires Thu, 22 Sep 2022 12:19:04 GMT
GET H2	200	impress Show response exchange.adtrue.com/delivery/ Frame 34DC	5 KB 2 KB	44ms 43ms	Script application/javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cb=394303717&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/Hci5ViNJ Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f87590ce192ea004e69219be56c0dd7c64222820f9db41555de4f23e9bd09b81 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-adtrue-instance adt-backend-2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GXoUZ9TCHnUfxyADduZClYpno4plihbyR5qcgdnA3KCgCYaeEn3AKokUPBvZoEJXUYEpF%2FceAAGrTteBToREwtI2DxBy9zrWfiQzaQUc4EFIjSFX5cfNfXVgqZhWXb8pT5lcLD%2Bm%2F0O1yjhWm%2FxXWuB"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 74b14efdcee99119-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	b696d0f5c06dbd9fd83feb568718537b.json Show response services.vlitag.com/cli/	42 B 355 B	216ms 168ms	XHR application/json	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/b696d0f5c06dbd9fd83feb568718537b.json?hn=https://shrinke.me Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec968d42479dde38d4861d0ba85aa90e5623774b9f43855f8e4562b43e8a4011 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status BYPASS server cloudflare x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding content-type application/json access-control-allow-origin https://shrinke.me cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes cf-ray 74b14efe4f439957-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 42 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/	388 KB 389 KB	71ms 21ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__nl.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e21251fc46b15390066f2728781cf918a41214c67ed9ed34c5c626407d5d5fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shrinke.me/ Origin https://shrinke.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 13 Sep 2022 18:37:15 GMT x-content-type-options nosniff age 150109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 397317 x-xss-protection 0 last-modified Tue, 06 Sep 2022 00:04:24 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 13 Sep 2023 18:37:15 GMT
GET H3	200	prebid.js Show response cdn.adtrue.com/pb/ Frame 8153	295 KB 89 KB	64ms 37ms	Script application/x-javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/pb/prebid.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cb=394303717&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a6e1485395d9ac3a976ed476918e5fdd87dd4efbe7920f7dd5a8121968c4907 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br cf-cache-status HIT last-modified Mon, 20 Jun 2022 03:02:14 GMT server cloudflare age 6943616 etag W/"62afe336-49d30" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG5bUFpfLAng2J8nulN584ThRA5f2WmOvf%2FLCvrcq%2FdXpxoQir%2F647om7MTOv9SLEKpt0MC%2BhrGGXEOMDrHWGz93mA0583NH1HIDOITCtRWRI5b44%2BoKVg%2FKNj4e1J32TWW%2FHjeg7J%2BRPV0h%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74b14efe3ac19247-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 22 Jun 2023 03:32:08 GMT
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 8153	255 KB 79 KB	123ms 34ms	Script text/javascript	184.51.9.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-51-9-34.deploy.static.akamaitechnologies.com Software Apache / Resource Hash eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers unused62 8096267 date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip last-modified Wed, 27 Oct 2021 05:33:12 GMT server Apache etag "1241a12-3fca8-5cf4eee137dd8" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=116617 accept-ranges bytes content-type text/javascript content-length 80538 expires Fri, 16 Sep 2022 20:42:41 GMT
GET H2	200	request Show response track.adtrue.com/track/ Frame 11B9	377 B 541 B	59ms 44ms	Document text/html	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://track.adtrue.com/track/request?pzoneid=20034&domain=shrinke.me&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&loc=https%3A%2F%2Fshrinke.me%2FHci5ViNJ Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cb=394303717&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4e125313753d65db851e4b47334123f4f71ac3ee6e28f3c87ee5264a874da78 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74b14efe2f7d9119-FRA content-encoding br content-type text/html date Thu, 15 Sep 2022 12:19:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9y31PPuR8bv9kV8Rk%2BgvECp9UVfIt4%2FUidIlNUJyztuM8unVoDGS5Gre20fYfjHSS5dlLfX5IZFVq73K2pnqobE9dIguYJRDErTV98lEDU0aHEoyJPJbTfgmI47ca6wlBjAblsfVXoPkv4PSbJ7g"}],"group":"cf-nel","max_age":604800} server cloudflare x-host-name adt-backend-1
GET H3	200	prebid.js Show response cdn.adtrue.com/pb/ Frame 34DC	295 KB 89 KB	60ms 42ms	Script application/x-javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/pb/prebid.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cb=394303717&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a6e1485395d9ac3a976ed476918e5fdd87dd4efbe7920f7dd5a8121968c4907 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br cf-cache-status HIT last-modified Mon, 20 Jun 2022 03:02:14 GMT server cloudflare age 6943616 etag W/"62afe336-49d30" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etZEFurA2DqsrdcB%2B0Giq%2BlPI3wOXaJCAITXwwksWVXlZ59WHe36OnOqf69xtkch69ojBpnlQOQHxf6hyhKohMW%2FC%2F5RIvSJzeBQycSMA6Y%2FWtNZ8wbAj5yOV%2F5whdM4onlMFLnEhbhL3mwGVA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74b14efe3ac09247-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 22 Jun 2023 03:32:08 GMT
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 34DC	255 KB 79 KB	153ms 72ms	Script text/javascript	184.51.9.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-51-9-34.deploy.static.akamaitechnologies.com Software Apache / Resource Hash eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers unused62 8096267 date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip last-modified Wed, 27 Oct 2021 05:33:12 GMT server Apache etag "1241a12-3fca8-5cf4eee137dd8" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=116617 accept-ranges bytes content-type text/javascript content-length 80538 expires Fri, 16 Sep 2022 20:42:41 GMT
GET H2	200	request Show response track.adtrue.com/track/ Frame 6D83	377 B 490 B	51ms 44ms	Document text/html	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://track.adtrue.com/track/request?pzoneid=20033&domain=shrinke.me&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&loc=https%3A%2F%2Fshrinke.me%2FHci5ViNJ Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cb=394303717&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/Hci5ViNJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4e125313753d65db851e4b47334123f4f71ac3ee6e28f3c87ee5264a874da78 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74b14efe2f7b9119-FRA content-encoding br content-type text/html date Thu, 15 Sep 2022 12:19:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ql%2FoUGYvkV16BrMsaDUDwNZR4KvYkbyrAu9jZCNqcWGa8HT9PfNIM%2BoPAkE8Nf0OCscxAMz1cbgzxRYLu4oxgtmSvvdHEmKmUk5LbekM159sC3P3rvzWofcmweVKCs0fWprz2sMt%2F8Umtg8Q31Ao"}],"group":"cf-nel","max_age":604800} server cloudflare x-host-name adt-backend-1
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	74ms 29ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=811759108&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&ul=en-us&de=UTF-8&dt=ShrinkMe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1110664435&gjid=1678378796&cid=928105237.1663244344&tid=UA-137383949-1&_gid=87376431.1663244344&_r=1&gtm=2ou9e0&z=1718138835 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pubads_impl_2022090801.js Show response securepubads.g.doubleclick.net/gpt/	382 KB 130 KB	69ms 22ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:06:45 GMT content-encoding gzip x-content-type-options nosniff age 739 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133090 x-xss-protection 0 last-modified Thu, 08 Sep 2022 08:35:47 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 15 Sep 2023 12:06:45 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	133 B 123 B	104ms 56ms	XHR application/json	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shrinke.me Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 42a62ebeb9edb872975da2792988cf135a9498ede38bace7299d8734b62cfecd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 98 x-xss-protection 0 expires Thu, 15 Sep 2022 12:19:04 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 438 B	86ms 24ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137383949-1&cid=928105237.1663244344&jid=1110664435&gjid=1678378796&_gid=87376431.1663244344&_u=YEBAAUAAAAAAAC~&z=1385740265 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 15 Sep 2022 12:19:04 GMT content-type text/plain access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 11B9	116 KB 45 KB	97ms 52ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST Requested by Host: track.adtrue.com URL: https://track.adtrue.com/track/request?pzoneid=20034&domain=shrinke.me&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&loc=https%3A%2F%2Fshrinke.me%2FHci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9b53e2eceeca9c6e398c227863aa73aff9bd85f097b6361491f6eacd1d3eff67 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45576 x-xss-protection 0 last-modified Thu, 15 Sep 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 15 Sep 2022 12:19:04 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 6D83	116 KB 45 KB	81ms 37ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST Requested by Host: track.adtrue.com URL: https://track.adtrue.com/track/request?pzoneid=20033&domain=shrinke.me&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&loc=https%3A%2F%2Fshrinke.me%2FHci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 70405334094fcf3ff7f7ba43dfd9524c8b05329d449fc25b4735a94e03401e04 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45579 x-xss-protection 0 last-modified Thu, 15 Sep 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 15 Sep 2022 12:19:04 GMT
POST H2	204	cdb Show response bidder.criteo.com/ Frame 34DC	0 211 B	96ms 27ms	XHR text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.2.0&cb=75293655694 Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Thu, 15 Sep 2022 12:19:03 GMT server Finatra vary Origin access-control-allow-origin https://shrinke.me access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame 34DC	0 112 B	64ms 17ms	XHR text/plain	198.47.127.22 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://shrinke.me date Thu, 15 Sep 2022 12:19:04 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 34DC	42 B 729 B	100ms 20ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 15 Sep 2022 12:19:04 GMT X-Proxy-Origin 95.211.199.155; 95.211.199.155; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid db31d998-f75d-4e0f-8839-95ff51def341 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://shrinke.me Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 42 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	anchor Show response www.recaptcha.net/recaptcha/api2/ Frame F065	43 KB 22 KB	117ms 50ms	Document text/html	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&size=normal&cb=y3ttxu8512ba Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__nl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 207c9de9d3d5c7ac42638168b2b033036448a02d691ec44ea30e019db292ae2b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-bT--89GS8rMzyCF4o_WIpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22884 content-security-policy script-src 'report-sample' 'nonce-bT--89GS8rMzyCF4o_WIpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 15 Sep 2022 12:19:04 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	cdb Show response bidder.criteo.com/ Frame 8153	0 212 B	53ms 22ms	XHR text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.2.0&cb=35249361496 Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Thu, 15 Sep 2022 12:19:03 GMT server Finatra vary Origin access-control-allow-origin https://shrinke.me access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame 8153	0 56 B	29ms 20ms	XHR text/plain	198.47.127.22 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://shrinke.me date Thu, 15 Sep 2022 12:19:03 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 8153	42 B 729 B	64ms 21ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 15 Sep 2022 12:19:04 GMT X-Proxy-Origin 95.211.199.155; 95.211.199.155; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 2ffb3cf7-d766-4637-b12f-a5a7c9492a88 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://shrinke.me Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 42 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	vl.json Show response services.vlitag.com/vld/1663171543/	13 B 269 B	36ms 36ms	XHR application/json	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1663171543/vl.json?page_url=https%3A%2F%2Fshrinke.me%2FHci5ViNJ Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status HIT last-modified Wed, 14 Sep 2022 16:06:12 GMT server cloudflare age 66443 x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding content-type application/json access-control-allow-origin https://shrinke.me cache-control public, immutable, max-age=31536000 accept-ranges bytes cf-ray 74b14eff59969957-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13
GET H3	200	b696d0f5c06dbd9fd83feb568718537b.json Show response services.vlitag.com/obj/1663171543/	47 KB 5 KB	34ms 34ms	XHR application/json	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1663171543/b696d0f5c06dbd9fd83feb568718537b.json?cc=NL&hn=https://shrinke.me Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 828f81a6c1d90c93b344f22fb6f0ddb77b9a8863907c4a06ac80b373d7ed191f Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br cf-cache-status HIT last-modified Wed, 14 Sep 2022 16:06:42 GMT server cloudflare age 72706 x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding content-type application/json access-control-allow-origin https://shrinke.me cache-control public, immutable, max-age=31536000 cf-ray 74b14eff59999957-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	integrator.js Show response adservice.google.nl/adsid/	107 B 792 B	155ms 30ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.nl/adsid/integrator.js?domain=shrinke.me Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	106ms 32ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=shrinke.me Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	40 KB 17 KB	214ms 213ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=179444866979395&correlator=1014817789545325&eid=31068498%2C31068367&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3910693916&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663244344247&lmt=1663244344&dlt=1663244343034&idt=1186&adxs=632&adys=164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=0&ohw=0&ga_vid=928105237.1663244344&ga_sid=1663244344&ga_hid=811759108&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 726fc53f2bb9634e9594c06fc3c8eb68e267c4ff4d4e9cbca8205872feffa092 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16911 x-xss-protection 0 google-lineitem-id 6067800919 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138403996686 content-type text/plain; charset=UTF-8 access-control-allow-origin https://shrinke.me cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	40 KB 16 KB	215ms 215ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=179444866979395&correlator=1014817789545325&eid=31068498%2C31068367&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=608930018&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663244344251&lmt=1663244344&dlt=1663244343034&idt=1186&adxs=650&adys=1005&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=928105237.1663244344&ga_sid=1663244344&ga_hid=811759108&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 50d95e9045fdf0d254c54293d040c1ccaa0986aa05a91b5f387f08645749f9fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16755 x-xss-protection 0 google-lineitem-id 6067800919 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138400878712 content-type text/plain; charset=UTF-8 access-control-allow-origin https://shrinke.me cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	123ms 72ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090801&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e2bbad9d191dc085aa6915a74528d298bc5b8267de8d00467b2ac877e6fe01ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11177 x-xss-protection 0
GET H2	200	container.html Show response 0a63953c6de897e4dfcc0a960058ed22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ACE1	6 KB 4 KB	107ms 29ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0a63953c6de897e4dfcc0a960058ed22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 15 Sep 2022 12:19:04 GMT expires Fri, 15 Sep 2023 12:19:04 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	45ms 14ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://shrinke.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:03 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 296847 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame 8153 Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=QyFfrnxOZUN6TlNwZWRhYTk0SlR3SUlJZHlKUjdHbC9TMzFOY1JNT1F2QnlacDdKRGVVTTRUbW5tTVc3eWpnMVBLb2RiMFplWklrZVZQMFdVZ1pXSXpNdWNxbHBZN2xMTlJlWVNFU2F5aDNDQnJSb0lqWERkWGVZSkJMc1...	378 B 657 B	52ms 19ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=QyFfrnxOZUN6TlNwZWRhYTk0SlR3SUlJZHlKUjdHbC9TMzFOY1JNT1F2QnlacDdKRGVVTTRUbW5tTVc3eWpnMVBLb2RiMFplWklrZVZQMFdVZ1pXSXpNdWNxbHBZN2xMTlJlWVNFU2F5aDNDQnJSb0lqWERkWGVZSkJMc1liS0F0R0dJc0EyUXdVVUNCWUthSGRBLzNsaFo0Y1AwRnJ0Y25vZi9pR0ZQS3pzQVNXYkZMYW1IUjQ4SEE3QUorOXA5ZG5Oc25USEk0U3pJVDlMaGQxazRmbnBlVitEMGJQWlJPU00zeXpnN21weHJ4K1lZPXw&cppv=2 Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 33473935bceadc63de41b2adccae034f402b100ce7f1a2020fe6d27abba96930 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1464192 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Thu, 15 Sep 2022 12:19:03 GMT server Kestrel location https://mug.criteo.com/sid?cpp=QyFfrnxOZUN6TlNwZWRhYTk0SlR3SUlJZHlKUjdHbC9TMzFOY1JNT1F2QnlacDdKRGVVTTRUbW5tTVc3eWpnMVBLb2RiMFplWklrZVZQMFdVZ1pXSXpNdWNxbHBZN2xMTlJlWVNFU2F5aDNDQnJSb0lqWERkWGVZSkJMc1liS0F0R0dJc0EyUXdVVUNCWUthSGRBLzNsaFo0Y1AwRnJ0Y25vZi9pR0ZQS3pzQVNXYkZMYW1IUjQ4SEE3QUorOXA5ZG5Oc25USEk0U3pJVDlMaGQxazRmbnBlVitEMGJQWlJPU00zeXpnN21weHJ4K1lZPXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 659143 content-length 0 expires 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	112ms 63ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137383949-1&cid=928105237.1663244344&jid=1110664435&_u=YEBAAUAAAAAAAC~&z=1823838387 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 501 B	124ms 47ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137383949-1&cid=928105237.1663244344&jid=1110664435&_u=YEBAAUAAAAAAAC~&z=1823838387 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	passback.js Show response cdn.adtrue.com/rtb/ Frame 6B12	753 B 924 B	29ms 29ms	Script application/javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/passback.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 754201 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 28 Oct 2020 03:26:52 GMT server cloudflare etag W/"5f98e4fc-2f1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie2VtnkPiX70vAxtI8YeflKN%2FfNBMWBLeyz7fVsGb2xUyFLuFKKPlc03emn6rRv0%2FLyfPq5UdOXt8sK%2Bi3uxKwhiOl6w6yfrdIEyzZRoNlmRyrhq1fxweUsRy7TnUo%2F0u9%2BjyzXOHogNhdZecw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31104000 cf-ray 74b14effde0c9247-FRA expires Fri, 01 Sep 2023 18:49:03 GMT
GET H3	200	passback.js Show response cdn.adtrue.com/rtb/ Frame DA00	753 B 924 B	28ms 28ms	Script application/javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/passback.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 754201 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 28 Oct 2020 03:26:52 GMT server cloudflare etag W/"5f98e4fc-2f1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BopFgYt8nu%2FCR84MRmj%2FL249p0kJt0d5F66Qy%2FnbiAO8kZF6WpjhTtWKeZbGUL%2BzzSh9aFpn7SRE%2BJBh0NWe1a1RflfJ86ENgQF0Zf37oEIvzqIS1HBOWLD5uDTVU3FcUKsmAJfPmwvcvcULQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31104000 cf-ray 74b14effde0f9247-FRA expires Fri, 01 Sep 2023 18:49:03 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	22ms 15ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://shrinke.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:03 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 278483 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame 34DC Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=ZsYlNHxMOFlsVzYzcVlBTklJK3U5U1FleFhZMjNWSmVYR05OaGhmMXVXZjdoZEc0Rnd4cW0wWkdJOHZOei96M01LdDEyRVNDZEgrZHFqUDN1V0ROS1hYOTluMDdCTW1KNjl4ci9BZHhRaVEwaURINGUyM2xCTFRSdjNoa2...	351 B 642 B	52ms 19ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=ZsYlNHxMOFlsVzYzcVlBTklJK3U5U1FleFhZMjNWSmVYR05OaGhmMXVXZjdoZEc0Rnd4cW0wWkdJOHZOei96M01LdDEyRVNDZEgrZHFqUDN1V0ROS1hYOTluMDdCTW1KNjl4ci9BZHhRaVEwaURINGUyM2xCTFRSdjNoa29ENVErWnZYa0R5OEpZY015L3k0MTN6OVRoeUJ3L0hibzFHMW5DZFM2TU8wUWVPQ0ZwVHpycm1NTUVnSmpFVENra3cwcEFCc0U3U2FJWDNjTlIrUEhSNTE3Rkd4aThaSHNRV0xVWWpxMndJcTlGc01yREtnPXw&cppv=2 Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash a0cf91176634683c10dd15dd8f5af9462cb4052ffe34a09e6f5fbde2e11c4e6c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1775888 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Thu, 15 Sep 2022 12:19:03 GMT server Kestrel location https://mug.criteo.com/sid?cpp=ZsYlNHxMOFlsVzYzcVlBTklJK3U5U1FleFhZMjNWSmVYR05OaGhmMXVXZjdoZEc0Rnd4cW0wWkdJOHZOei96M01LdDEyRVNDZEgrZHFqUDN1V0ROS1hYOTluMDdCTW1KNjl4ci9BZHhRaVEwaURINGUyM2xCTFRSdjNoa29ENVErWnZYa0R5OEpZY015L3k0MTN6OVRoeUJ3L0hibzFHMW5DZFM2TU8wUWVPQ0ZwVHpycm1NTUVnSmpFVENra3cwcEFCc0U3U2FJWDNjTlIrUEhSNTE3Rkd4aThaSHNRV0xVWWpxMndJcTlGc01yREtnPXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 669280 content-length 0 expires 0
GET H2	200	cmp-v2.0.1.js Show response assets.vlitag.com/plugins/cmptcf2/	267 KB 72 KB	48ms 33ms	Script application/javascript	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1825634 cf-polished origSize=489839 cf-ray 74b14f001e778ff4-FRA cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 29 Dec 2020 02:18:12 GMT server cloudflare etag W/"5fea91e4-7796f" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow expires Thu, 25 Aug 2022 09:41:35 GMT
GET H2	200	prebid-7.11.0.js Show response assets.vlitag.com/prebid/default/	526 KB 155 KB	56ms 42ms	Script application/javascript	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-7.11.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1c8a6645bbd557b6f18a1250e649337822e02189e85bfd404320ba52b11c690 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1825646 cf-polished origSize=540102 cf-ray 74b14f001e768ff4-FRA cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 22 Aug 2022 07:32:45 GMT server cloudflare etag W/"6303311d-83dc6" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow expires Thu, 25 Aug 2022 09:41:34 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	86 KB 29 KB	114ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b385067b8325f24d6ce8c88366513a70e741383e5cd8b30762d4f88d69bd372 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29171 x-xss-protection 0 server sffe etag "1334 / 740 of 1000 / last-modified: 1663240024" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 15 Sep 2022 12:19:04 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	377 KB 126 KB	97ms 29ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8827dc6e85e78d6e711fe152b384c9631edfe8a9a9237a74a885790114c47ec4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 128594 x-xss-protection 0 expires Thu, 15 Sep 2022 12:19:04 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	46ms 32ms	Script application/javascript	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1825646 cf-ray 74b14f001e788ff4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow expires Thu, 25 Aug 2022 09:41:34 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	166 KB 43 KB	93ms 25ms	Script application/javascript	65.9.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-118.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Thu, 15 Sep 2022 11:37:04 GMT via 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) last-modified Thu, 01 Sep 2022 20:50:54 GMT server AmazonS3 age 2521 etag W/"d9d3c87337955401df6a2e4474e61700" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop FRA60-P1, FRA56-C1 content-encoding gzip x-amz-cf-id AOXX81NRsfakRPW38ofPcyU5Wfkfm1pLftTnV6Hx8rfBmFBHfgiVVA==
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame 6D83	49 KB 20 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4624 date Thu, 15 Sep 2022 11:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 15 Sep 2022 13:02:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 6D83	207 KB 73 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 13b77f665b7f77f4b7750b9184a05ac3300d4addb5ddf7494f821cdb445257ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74799 x-xss-protection 0 expires Thu, 15 Sep 2022 12:19:04 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame 11B9	49 KB 20 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4624 date Thu, 15 Sep 2022 11:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 15 Sep 2022 13:02:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 11B9	207 KB 73 KB	40ms 40ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9d5de7bb54606f3fb845442f58b153b27c371202087d29950984e240b1b74a8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74709 x-xss-protection 0 expires Thu, 15 Sep 2022 12:19:04 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame F065	52 KB 24 KB	66ms 22ms	Stylesheet text/css	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&size=normal&cb=y3ttxu8512ba Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 10:45:14 GMT content-encoding gzip x-content-type-options nosniff age 5630 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24251 x-xss-protection 0 last-modified Tue, 06 Sep 2022 00:04:24 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Sep 2023 10:45:14 GMT
GET H3	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame F065	388 KB 388 KB	77ms 33ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__nl.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&size=normal&cb=y3ttxu8512ba Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e21251fc46b15390066f2728781cf918a41214c67ed9ed34c5c626407d5d5fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 13 Sep 2022 18:37:15 GMT x-content-type-options nosniff age 150109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 397317 x-xss-protection 0 last-modified Tue, 06 Sep 2022 00:04:24 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 13 Sep 2023 18:37:15 GMT
GET H3	200	passback Show response exchange.adtrue.com/tag/ Frame 6B12	444 B 757 B	50ms 50ms	Script application/javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=1756903448&ref=undefined Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/rtb/passback.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61f1895013d2c3275424eda464800b342ee587a7a8e5f7eec9129c68d8265146 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2Nf%2FKIedBA5sz46BxsBxVYCA7euCwAo4BrEcI36c4v69eqFXN2OX26twUPGsVHiL4mCnZ3xLxMFSECmaUgkgLhhWwhEQiJC2tfFJr7hCbuxrYBBk8rhMRnHTAEVVJIIfyCPpYP%2BDvLxUEuki2gi0qEb"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 74b14f002ea79247-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	passback Show response exchange.adtrue.com/tag/ Frame DA00	299 B 719 B	47ms 46ms	Script application/javascript	2606:4700:3030::ac43:90ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=1054444953&ref=undefined Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/rtb/passback.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbdd2ee2a6245e818664984007dd3ca9eb31dff1d18b626efe873639a4e9ea55 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1l5vobkV1jniPFulpLf170JAMxZc0OhTO84EF7QFxZ36kvKA22%2B76nIgXyHK7DgqsQlMCEbZ33sAhOgDm1Rbl%2FQQ%2BiF%2BB536WXbZG6MU1tAnUfVu7CTtWPWE30yB8I85mjx%2Fqh%2F4v8uTixEOHQbBbRu"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 74b14f002eab9247-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	254ms 16ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=QyFfrnxOZUN6TlNwZWRhYTk0SlR3SUlJZHlKUjdHbC9TMzFOY1JNT1F2QnlacDdKRGVVTTRUbW5tTVc3eWpnMVBLb2RiMFplWklrZVZQMFdVZ1pXSXpNdWNxbHBZN2xMTlJlWVNFU2F5aDNDQnJSb0lqWERkWGVZSkJMc1liS0F0R0dJc0EyUXdVVUNCWUthSGRBLzNsaFo0Y1AwRnJ0Y25vZi9pR0ZQS3pzQVNXYkZMYW1IUjQ4SEE3QUorOXA5ZG5Oc25USEk0U3pJVDlMaGQxazRmbnBlVitEMGJQWlJPU00zeXpnN21weHJ4K1lZPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:03 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 604594 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	255ms 17ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=ZsYlNHxMOFlsVzYzcVlBTklJK3U5U1FleFhZMjNWSmVYR05OaGhmMXVXZjdoZEc0Rnd4cW0wWkdJOHZOei96M01LdDEyRVNDZEgrZHFqUDN1V0ROS1hYOTluMDdCTW1KNjl4ci9BZHhRaVEwaURINGUyM2xCTFRSdjNoa29ENVErWnZYa0R5OEpZY015L3k0MTN6OVRoeUJ3L0hibzFHMW5DZFM2TU8wUWVPQ0ZwVHpycm1NTUVnSmpFVENra3cwcEFCc0U3U2FJWDNjTlIrUEhSNTE3Rkd4aThaSHNRV0xVWWpxMndJcTlGc01yREtnPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:04 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 547919 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	925ms 875ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 15 Sep 2022 12:19:05 GMT
GET H2	200	cmp-list.json Show response test.quantcast.mgr.consensu.org/GVL-v2/	10 KB 3 KB	92ms 22ms	XHR application/json	2600:9000:225e:3200:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:3200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cd0564106c40c0d22e2b8fd12f552d0beb6bc1f44d0e9e1a744ff86a811d1ebb Request headers Accept application/json, text/plain, */* Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 03:00:57 GMT content-encoding gzip age 33487 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Thu, 01 Sep 2022 19:55:38 GMT server AmazonS3 etag W/"6956b949229e4f70c6801a6ba073ae1e" vary Accept-Encoding access-control-allow-methods GET x-amz-version-id 7JVvY2BjkVZ63YlCse_n1XAdPqJrPXIl via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA60-P4 content-type application/json x-amz-cf-id FLDlTrTh_9TK6VpqOsk3LVi_FJg1Jrrp3AXCOYfKMbRGYDJ6C2BV_g==
GET H2	200	adtrue.shrinke.me.994621.js Show response jsc.adskeeper.co.uk/a/d/ Frame DA00	2 KB 1 KB	103ms 39ms	Script text/javascript	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=1054444953&ref=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34ae52aa6cc177d00b5cef3830c2fe9a876fcf4a2eb0e5fb08f84a6e8ba16ba7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip cf-cache-status HIT age 410 cf-ray 74b14f0139786963-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 912 x-amz-id-2 hMpXdYXDhFhrtwVXFVfFf17kMc+RPOQugqNTH2bF2zjf4RjP5fJqRFfK8/1xxzUok9xjpcWCanD19rHE8/a1/g== last-modified Wed, 17 Aug 2022 07:40:21 GMT server cloudflare etag "629a0041c35acea5bccd8c4f920fdc8f" vary Accept-Encoding x-amz-request-id CHBRR631Z0SBF6J6 cache-control public, max-age=14400 x-amz-version-id 8nsnfW9RVHCq_SthgY44E96G7xs_9oGW accept-ranges bytes content-type text/javascript expires Thu, 15 Sep 2022 16:19:04 GMT
GET H/1.1	403 Forbidden	invoke.js whizduly.com/2b7825b40010ad17ac7b5777c664449c/ Frame 6B12	0 0	118ms 117ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://whizduly.com/2b7825b40010ad17ac7b5777c664449c/invoke.js Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Thu, 15 Sep 2022 12:19:04 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6C24	0 0	58ms 57ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_YNXsQLVMwIf79YlnU6cUeiBqDUCDmOkDFtQWlVp-RGCVHJZbw-Mdz8DG0DXkqKBmVh_BiLhq5APrGPoTckcHY3boAVOVMxs2kCcQbCWFneP2FmZEAwBtdDEg01te6ExaGjefSxU1eZYzNQ7Z-c0K-wA1QdCXP-TgOotHSoxcRJYnub03Yb8yu747TqxOxvTSLX0gFLYSh9_GR6LJ-GRTRODYVQA6g0IvnZowqpRwmioBem-bz_OuEPfenL0vzePwB1HPw5OLnAWhlZ_rG6UTRh0pdWYcxtcnwkD8D87Wt8Ndyu1tJKZGuippuT-bgtlqBgb6Fr4GaSx1_Jgacg&sai=AMfl-YR4exTRH792BE6DKvyyteDJhk_-xGi7RPB-t-mYyW_Sdw2Vr1NDx8277FXCzp5l6fyTLKux7Pnaz7-iALqdMRo1J6ZoCqJxdlah7UrOJHvxYGiw9OhABnk3NmzI_pNcwg&sig=Cg0ArKJSzOY-_e8oSAXhEAE&uach_m=[UACH]&adurl= Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Thu, 15 Sep 2022 12:19:04 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 6C24	23 KB 10 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:15:39 GMT content-encoding gzip x-content-type-options nosniff age 205 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9560 x-xss-protection 0 server cafe etag 8244505166375133744 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Sep 2022 12:15:39 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 6C24	3 KB 1 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:08:04 GMT content-encoding gzip x-content-type-options nosniff age 660 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Sep 2022 12:08:04 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6C24	141 KB 44 KB	91ms 48ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44609 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1663155654979086" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 15 Sep 2022 12:19:04 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 6C24	0 0	77ms 31ms	Image text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTd_VRcWwoBuAE_V33S0NQDpFC9yvn6Ho3n3dJGquIdg3Pl8M0U4bFyW_Ce97mc9MqXAYw6 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers
GET H2	200	8838957918618561588 tpc.googlesyndication.com/simgad/ Frame 6C24	34 KB 34 KB	25ms 24ms	Image image/jpeg	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8838957918618561588 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a4a6a11783316dfb469c0b982a0e9ffe54db38f74ec86a73d80552f5fb3619d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 09 Sep 2022 00:33:23 GMT x-content-type-options nosniff age 560741 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34482 x-xss-protection 0 last-modified Fri, 09 Sep 2022 00:31:11 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 09 Sep 2023 00:33:23 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 69C1	0 0	57ms 57ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9O7Bw5k4OoI-GmmKSHCYGobuAkNr6XE6gdzZr_iGrx1kMM0g4wLqS_gthybjHLd5tYiDmSON91Q95w1Roa1BUTjQMJ11SUgZHwZP5lolW5cSdBCvA8MGA-S006tP_jADmuj-AGIoC1130ERat9ByjqajJebA3u_7d8dNKr-_8myfWge2vhV7XlBz3dH0vWMVYGxjYGqqhITZdPfGH5OswemcsFYdXWRlB5munRrkx-r1wzcPJABfVx_mkoeUTTgoTgc_imXwoK-G6w5MczmBiGlAJJ8C3_Yv1oZfwlAcd7_5QXOtRi7J56XJ6v-uEzDWHFMWTzAcxpmrOzzmj&sai=AMfl-YQ1qIQrUJvVv0NtpMKFIwQUT81yA7GLXbucBqxBbOOEg9rLgwF2ZzKcQEM8CW0OXHvRajP5DtFz4TICvgcGjgs2ZVgIr3QYjcwMkkSajUYZ&sig=Cg0ArKJSzB1sZ8H1tp-OEAE&uach_m=[UACH]&adurl= Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Thu, 15 Sep 2022 12:19:04 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 69C1	23 KB 9 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:15:39 GMT content-encoding gzip x-content-type-options nosniff age 205 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9560 x-xss-protection 0 server cafe etag 8244505166375133744 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Sep 2022 12:15:39 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 69C1	3 KB 1 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:08:04 GMT content-encoding gzip x-content-type-options nosniff age 660 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Sep 2022 12:08:04 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 69C1	141 KB 44 KB	63ms 31ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44609 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1663155654979086" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 15 Sep 2022 12:19:04 GMT
GET H2	200	2866739143757130475 tpc.googlesyndication.com/simgad/ Frame 69C1	46 KB 46 KB	42ms 42ms	Image image/jpeg	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2866739143757130475 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 93406e5796bac55ca21a3558f359d825a7c260cc128b20f70e93bbf79bde1343 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 08 Sep 2022 21:18:49 GMT x-content-type-options nosniff age 572415 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46912 x-xss-protection 0 last-modified Thu, 04 Aug 2022 21:14:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 08 Sep 2023 21:18:49 GMT
GET DATA	200 OK	truncated / Frame F065	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame F065	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame F065	2 KB 2 KB	22ms 21ms	Image image/png	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 08 Sep 2022 19:40:09 GMT x-content-type-options nosniff age 578335 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 15 Sep 2022 19:40:09 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame F065	15 KB 15 KB	67ms 23ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&size=normal&cb=y3ttxu8512ba Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 13 Sep 2022 11:18:05 GMT x-content-type-options nosniff age 176459 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 13 Sep 2023 11:18:05 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	67ms 22ms	XHR application/javascript	65.9.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-118.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 41930 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Wed, 24 Aug 2022 19:06:24 GMT server AmazonS3 date Thu, 15 Sep 2022 00:49:32 GMT vary Accept-Encoding,Origin access-control-allow-methods GET content-type application/javascript via 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA56-C1 x-amz-cf-id ePy_Kdd-W1IYK3F2A-xirbSI3RnnXNvvXkhJZqNGfXlat88CZa7O1Q==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 303 B	22ms 22ms	XHR text/plain	65.9.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-118.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 10:27:43 GMT via 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) server Server age 6681 x-cache Hit from cloudfront access-control-allow-origin https://shrinke.me cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 x-amz-cf-id eeeNb_7025_2B0o2x_cxgTQiWU0fFbj9eg8Db6vM5KkLfKFhtiDC0w==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	57ms 14ms	XHR application/json	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220915 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d19e77c3e509ce67db30a495fceab362cf6ca1fb9afd00ca754cc4f20e7b5fc3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 33481 x-jsd-version 1.0.1463 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 798 etag W/"670-yUbc/vq6Sya8oMwgyPfufvrgUuc" x-served-by cache-fra19134-FRA, cache-ams21030-AMS x-jsd-version-type version date Thu, 15 Sep 2022 12:19:04 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 273 B	214ms 148ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNrBPytweP-tryy-PZPr-Mqwe-yMBaArMwrZqBRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbTAA,BYAbZA,BAAbTAA,BAAbKZRrdzNqdqmgfRwkjNARmNYaPPTRleNpl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status MISS last-modified Thu, 15 Sep 2022 12:19:04 GMT server cloudflare x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngWinAE1Ms6QSa5pX2kYbFvJjND%2F%2BymNSBS6YYnqLwwLDeToqEYXdCPSiO2mVjwsQTW0OvLbs8%2FmJtNU1UHT9h%2Fdy5V3KMHssxAOgT6Ec17OS8DFhwzPugFDxUPjJw800gEN8AmWGUlVQobwtdX%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 74b14f0259cf9bef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 269 B	213ms 147ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNawMAZKYt-YYqt-PMaZ-MqaY-qayryeaqYtKZRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNpl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status MISS last-modified Thu, 15 Sep 2022 12:19:04 GMT server cloudflare x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy0VmAsj3AakoJveyUXWCl4UBhNjmfAqfTIYTUH4sLH5%2B3mVeOjab8I9UuA1GlbHYuFcJ0BXrbclVd2LrWvIOpwOxL859x3jUwwdSCSxXoyk45bNHf0vuLqdkZY3wr%2F0r3im%2Bg20MPXkm7ugzVyCTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 74b14f0259d29bef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 277 B	218ms 152ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNZAYUyaqB-PUMw-PtAt-aaUt-etqYUwTBBywZRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNaYUUURleNpl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status MISS last-modified Thu, 15 Sep 2022 12:19:04 GMT server cloudflare x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJFVw%2BVE7YUAAoRUyGXYjPWsUIqRSrY%2BQjuTkaF30kNmtwPTPC27FadDXjC3KcCxnT%2BkSRMv6l6Vww0%2BcUi5ekhvt8GkSUELmWNoSJGfwqxyn1hfZI7Q3d4F9C23ua%2FwFn%2F%2BpjkvokDp2EQNY8vdNw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 74b14f0259d49bef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 545 B	210ms 145ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNYaABtMtr-TYaY-PqKq-Mryq-eZKBeUTKBBPwRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNaYUUURleNpl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status MISS last-modified Thu, 15 Sep 2022 12:19:04 GMT server cloudflare x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8Au8DSSRr%2FbJXfrk9IwAuOPc6%2BfHTIN8%2FsdP0s8LSgGbjydsy0F2yadlUJRFo3AgCE0fKeRjP%2B6ohZJFwpUjBFIsyXEDk0DSdqG9NLpLCpvL1DLWfnHH9tFL9x3WLm14oJxo6GzLGzDt5O79qnnGA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 74b14f0259d59bef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 271 B	213ms 150ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNMwwTeAZY-aeaY-PBtw-wZtr-aKMeewMAyAMURdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status MISS last-modified Thu, 15 Sep 2022 12:19:04 GMT server cloudflare x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulswmC7UbM0j9Mm%2B7o%2B%2BTMuu3U9tx74UMwIFeYxf%2FvyO2Er9L0gQj1o8PdPzdtGuRMk1GMeSPh6B95MWxWxK4rHJEaeG4FAavnYhRWT4CdIOLrBOu7GeK3233MlC05rqBYS7YWy3p1xy0hVpsFkr%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 74b14f0259d79bef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 265 B	215ms 153ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNYqMBUtey-BAMq-PrMy-qBAY-tAeBMKqtqqwwRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNPPPTZRleNpl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status MISS last-modified Thu, 15 Sep 2022 12:19:04 GMT server cloudflare x-robots-tag noindex, nofollow, noarchive, nosnippet vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7jae7zd4gTHwg7F%2B7OH8bTkKAlPTGbA5VYRcCUs0cgpilWF7wtLMPt6oWVE03tWIKYRYAGqBrIhA6glwCSsQLFwO42koq874bitxSvgLJ2FAw1XtDqXpBSxHkaupdxSbXQiB6qsddAqd8miU1klSw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 74b14f0259da9bef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H3	200	1572962830.jpg assets.vlitag.com/widget/2019/11/05/	192 KB 192 KB	104ms 57ms	Image image/jpeg	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff cf-cache-status HIT age 1825646 cf-polished degrade=85, origSize=227959, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 196267 x-xss-protection 1; mode=block last-modified Tue, 05 Nov 2019 14:07:11 GMT server cloudflare etag "5dc1820f-37a77" x-robots-tag noindex, nofollow vary Accept-Encoding content-type image/jpeg expires Thu, 25 Aug 2022 09:41:35 GMT cache-control max-age=16070400 accept-ranges bytes cf-ray 74b14f026dbe9b2d-FRA cf-bgj imgq:85,h2pri
GET H2	200	vendor-list.json Show response quantcast.mgr.consensu.org/GVL-v2/	384 KB 51 KB	93ms 24ms	XHR application/json	2600:9000:206f:d800:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:d800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92bc86f5b4bd321419e20ee6d4ac001bdac0d60275ab0c05ce3d13df458f6a4c Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 03:00:48 GMT content-encoding gzip vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 33497 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 15 Sep 2022 03:00:35 GMT server AmazonS3 etag W/"1eb4631408fa6170c2b320ff34ecf832" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront) cache-control max-age=172800 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 x-amz-cf-id aDUtGAFEV0NEzhWRrODesJWjTNORFwcU78kiNESeWuDyiYUgcFVQjA==
GET H3	200	webworker.js www.recaptcha.net/recaptcha/api2/ Frame F065	102 B 134 B	123ms 123ms	Other text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=nl&v=g8G8cw32bNQPGUVoDvt680GA Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&size=normal&cb=y3ttxu8512ba Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 20b1b4b84de4d14829163dcb1ead0c02e7d3bcf27a74dca378af2e8f5cfba0ec Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&size=normal&cb=y3ttxu8512ba User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Thu, 15 Sep 2022 12:19:04 GMT
GET H3	206	videoplayback r5---sn-5hne6nzd.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y https://redirector.googlevideo.com/videoplayback?expire=1663254122&ei=CuoiY5uaDoSlkgaQpJzYAQ&ip=184.164.141.146&id=o-APhftF8M-_2d6nX9VgUmJ1PnOgiCNb8appTG5GaYerPm&itag=134&aitags=133%2C134%2C135%2C1... https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1663254122&ei=CuoiY5uaDoSlkgaQpJzYAQ&ip=184.164.141.146&id=o-APhftF8M-_2d6nX9VgUmJ1PnOgiCNb8appTG5GaYerPm&itag=134&aitags=133%2C134%2C1...	132 KB 0	97ms 15ms	Media video/mp4	2a00:1450:400e:13::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1663254122&ei=CuoiY5uaDoSlkgaQpJzYAQ&ip=184.164.141.146&id=o-APhftF8M-_2d6nX9VgUmJ1PnOgiCNb8appTG5GaYerPm&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=MrMnQkrH2mwkgifVOKsWWOUI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=7NzRS4vO9NP62UO5w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgGPSLuLf6VOgpqdHOEHZ5P2onXtIbEsFANa3aHLUh8OoCIQCGeQNlWiStNwvtMlkjK5sst1e509UL8KPDBslTQsa6KA%3D%3D&cms_redirect=yes&mh=3a&mip=2001:1af8:4020:a034:9876::7&mm=31&mn=sn-5hne6nzd&ms=au&mt=1663244012&mv=u&mvi=5&pl=49&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgM6dUNfaokmK4jwCUT1HgLpzdrqgkZgUQezZXkGlADxcCIQDjDTn8qPORJE5hEvBir8xB1ZCe9xthKbOwVdUtMEVtYw%3D%3D Protocol H3 Server 2a00:1450:400e:13::a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT x-restrict-formats-hint None last-modified Mon, 21 Sep 2020 08:51:28 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-10427992/10427993 client-protocol quic cache-control private, max-age=9477 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 10427993 x-content-type-options nosniff expires Thu, 15 Sep 2022 12:19:05 GMT Redirect headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1663254122&ei=CuoiY5uaDoSlkgaQpJzYAQ&ip=184.164.141.146&id=o-APhftF8M-_2d6nX9VgUmJ1PnOgiCNb8appTG5GaYerPm&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=MrMnQkrH2mwkgifVOKsWWOUI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=7NzRS4vO9NP62UO5w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgGPSLuLf6VOgpqdHOEHZ5P2onXtIbEsFANa3aHLUh8OoCIQCGeQNlWiStNwvtMlkjK5sst1e509UL8KPDBslTQsa6KA%3D%3D&cms_redirect=yes&mh=3a&mip=2001:1af8:4020:a034:9876::7&mm=31&mn=sn-5hne6nzd&ms=au&mt=1663244012&mv=u&mvi=5&pl=49&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgM6dUNfaokmK4jwCUT1HgLpzdrqgkZgUQezZXkGlADxcCIQDjDTn8qPORJE5hEvBir8xB1ZCe9xthKbOwVdUtMEVtYw%3D%3D cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1291 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 456 B	59ms 59ms	XHR text/javascript	65.9.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&pid=r03XYRctfTosY&cb=0&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x100%22%2C%22320x50%22%2C%22300x100%22%2C%22300x75%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-118.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT via 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C1 x-amz-rid 17C5B0NEG0H6RM97QSPA vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://shrinke.me access-control-allow-credentials true strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id zoNfYTHTfPMWFwR-JUU2MOEwpMYcyX518XL3odXsb4373iHifaNTfg==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 457 B	63ms 63ms	XHR text/javascript	65.9.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&pid=r03XYRctfTosY&cb=1&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-118.fra56.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT via 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C1 x-amz-rid 5VADJGBN11X99Q1MTJZQ vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://shrinke.me access-control-allow-credentials true strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id QiZ0y-jU-nK6RtnX6GW3ZvHRr7r4fYXVO0VvT1d0XHszdtk6zr984w==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 456 B	63ms 63ms	XHR text/javascript	65.9.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&pid=r03XYRctfTosY&cb=2&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-118.fra56.r.cloudfront.net Software Server / Resource Hash 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT via 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C1 x-amz-rid GE98JHKRH8W1MC2P187J vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://shrinke.me access-control-allow-credentials true strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id nhfKKN-gs_bSdX37P08vlj7Z1I8oj03aXmgUyKffDe5bSmHT4mtVug==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 458 B	61ms 61ms	XHR text/javascript	65.9.71.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&pid=r03XYRctfTosY&cb=3&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-118.fra56.r.cloudfront.net Software Server / Resource Hash 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT via 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C1 x-amz-rid FDQVHA2CSGQCGRWD4MFX vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://shrinke.me access-control-allow-credentials true strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id xdd6ajpTF5vck1VauCz06nSKOwAKIDajgISLZuGX3jz0G8iAbgtHJQ==
GET DATA	200 OK	truncated / Frame 69C1	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 695c8292332c41618cda8e7ddcb5a3b51d5637a94aae81402dcdd83a722d03d1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adtrue.shrinke.me.994621.es6.js Show response jsc.adskeeper.co.uk/a/d/ Frame DA00	249 KB 75 KB	57ms 31ms	Script text/javascript	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb9c3e0d088eaf1ddfdc97fd8b6cb257619860dd2f96e08750e2ff4b65d6b4ac Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip cf-cache-status HIT age 2276 cf-ray 74b14f02b91c994a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 76740 x-amz-id-2 ddZTVAT80T9KLYe8TVpsivVQyy9EpuV9N03IPjQRim8e7XRu7afVlfI9nEhqXfpm3WUm7PNR8mk= last-modified Wed, 24 Aug 2022 10:10:11 GMT server cloudflare etag "72b8cb9b57a120e0a6de0c9cedd01a43" vary Accept-Encoding x-amz-request-id HNXSVKWMRNQ0SF2F cache-control public, max-age=14400 x-amz-version-id GyvE5w8z2NGDKxx9jhxaVFGw1Saq7IQ8 accept-ranges bytes content-type text/javascript expires Thu, 15 Sep 2022 16:19:04 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6C24	0 0	58ms 57ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKU4DJpR2M97EqzsfNw7mjkcGbWtE-jku05ZP2cdPxVYjQ2ioksHsau2COJPzbApBafwlRKJ0fpyIFGiC4_DaSQjRQBYslG4ycJN2oOawvwgHO2X_qqJUDgfyzbZMJQhn6ITfYwY-ow2OImeuoU8eAg-L3ZxrQHCGlJw028-lzyUJQRAqEI4d1js9RfbD0B1qac4gJMLOQmVy-wwMHwMYd1MaO5ttvWzyoB7fAFaFjY6JMrbS1UkN1SWW9JufT9UyYlDGy0Bc8888gVAZLiTKjdrANQuutke29cQxKy31CPAMlMf2Ksw7qnBYg8rP6dz4-_9eIkDa41Ph5FyFkHTjJ&sai=AMfl-YQZqEjy8oTOH5Q3XZDYx9dAlIgJePW2tyT80iahaDVLCwTiHZc3iXR5g7yJx3W-QrR3CYEExq3IdEqqU3a_6j1l7fDUH4zXMoC4fs9mdjmyRBd81TgHMRnqYeI_d35V5Q&sig=Cg0ArKJSzBhksBIg9L-QEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Thu, 15 Sep 2022 12:19:04 GMT
GET DATA	200 OK	truncated / Frame 6C24	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash babc16fb87af0ebb3c0f0519d410093b9fa1a0d36010cad4c2883b84b48d21df Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 69C1	0 0	59ms 59ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV8oYkcWFK0ZtUNsdGN11_2eRg3itYmszW2ADGN97_H2fgoD_xMF0goUOdKqswbpVC03X_QI179PMim-v0abvIXJtOQ8w9cxl7dp4u41n29_PZThzFacBpKizLP7hDucanrmurmLWb6T9OViAcocL3LfGrtu9hnSHwg1AGq0RFwgmAds_46cO8ChpsMb5FoiAPfNCMWK_RmOl8czEJ70C0dDicX0gi44vRfay-PFhK7jdWO1QXlmnOaVhf6lOUh3wm2lWzKHFDRDsEDeffK696gJSSM9sWEqABKRbgDCdVuG4JFsDq6eXU2zqNWP8Ub10eLrd2y-PLFJovXZUesTs&sai=AMfl-YT7suwKkeRf9CQvANA1wtE_wRLEDi42s1rJzx6Ly-HtXDv202J5CBwlvx9ZLThHNTc82IqIUfqmLNKUH47W3AoHVs4jmtViSuG4fgwUdly4&sig=Cg0ArKJSzPv6Z2DAjmG4EAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Sep 2022 12:19:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Thu, 15 Sep 2022 12:19:04 GMT
GET H3	200	bframe Show response www.recaptcha.net/recaptcha/api2/ Frame 529A	7 KB 1 KB	32ms 32ms	Document text/html	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/bframe?hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__nl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash da347dff1ccc24d683a74b7992138b752963090579e315edb4021ec86254b2d5 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-wa2vUPjHUOKqAf09xLI8Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1113 content-security-policy script-src 'report-sample' 'nonce-wa2vUPjHUOKqAf09xLI8Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 15 Sep 2022 12:19:04 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	cmp2ui-en.js Show response quantcast.mgr.consensu.org/tcfv2/23/	469 KB 124 KB	68ms 24ms	Script text/javascript	2600:9000:206f:d800:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:d800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 14 Sep 2022 18:15:06 GMT content-encoding br age 65039 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Fri, 18 Dec 2020 15:09:43 GMT server AmazonS3 etag W/"b999c652510fc4edd897a1d667aaee33" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA56-C1 x-amz-cf-id ujpgY3bkDp2cJezMztKrMoeDJgB9rTDiKHxwMJODjYGfjqE2po8nfQ==
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 529A	52 KB 24 KB	22ms 22ms	Stylesheet text/css	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 10:45:14 GMT content-encoding gzip x-content-type-options nosniff age 5630 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24251 x-xss-protection 0 last-modified Tue, 06 Sep 2022 00:04:24 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Sep 2023 10:45:14 GMT
GET H3	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 529A	388 KB 388 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__nl.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=nl&v=g8G8cw32bNQPGUVoDvt680GA&k=6LexvKshAAAAAH4PZur6F5r2Y0-fvm6DCsS4xcve Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e21251fc46b15390066f2728781cf918a41214c67ed9ed34c5c626407d5d5fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 13 Sep 2022 18:37:15 GMT x-content-type-options nosniff age 150109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 397317 x-xss-protection 0 last-modified Tue, 06 Sep 2022 00:04:24 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 13 Sep 2023 18:37:15 GMT
GET BLOB	200 OK	f120ba8b-b347-41ad-8722-c674cb1a7580 https://shrinke.me/ Frame DA00	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://shrinke.me/f120ba8b-b347-41ad-8722-c674cb1a7580 Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	637adb48-237c-442c-9303-f56cdddf6a6f https://shrinke.me/ Frame DA00	245 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://shrinke.me/637adb48-237c-442c-9303-f56cdddf6a6f Requested by Host: shrinke.me URL: https://shrinke.me/Hci5ViNJ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Length 245 Content-Type text/javascript
GET H2	200	/ Show response c.adskeeper.co.uk/pv/ Frame DA00	0 43 B	65ms 50ms	Script text/plain	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adskeeper.co.uk/pv/?tcfV2=1&pv=5&cbuster=1663244344895250935694&uniqId=16777&consentData=&gdprApplies=1&uspString=1---&lct=1661299200&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cxurl=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&lu=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&sessionId=63231839-11816&pageView=1&pvid=18341169e3f8324fa34&site=630298&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 74b14f03bdba6963-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET BLOB	206 Partial Content	82ea8ce5-8a0f-4d75-8291-869e19fb94d7 https://shrinke.me/ Frame DA00	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://shrinke.me/82ea8ce5-8a0f-4d75-8291-869e19fb94d7 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET H2	200	adskeeper_svg.svg cdn.adskeeper.co.uk/images/ Frame DA00	4 KB 1 KB	43ms 29ms	Image image/svg+xml	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip cf-cache-status HIT age 2751 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id P23RQEJ25BNW6PMB x-amz-id-2 L3w/xnCEkbihZfBeuEHW9mXiAttGvQPvwOL/9lifnISsnDxvmWEr5kjYCawv7mafaoWb4UcI7XM= last-modified Tue, 08 Dec 2020 08:34:59 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root etag W/"93f6d1136fb77e38a0a2c72108588f09" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 x-amz-version-id null cf-ray 74b14f03edff6963-FRA expires Thu, 15 Sep 2022 16:19:04 GMT
GET H2	200	/ Show response audit-tcfv2.quantcast.mgr.consensu.org/	2 B 101 B	95ms 21ms	XHR text/plain	18.184.40.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22shrinke.me%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1663244344964%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-4n7e6cvepufswtbrralw%22%7D Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.184.40.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-40-219.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-origin * date Thu, 15 Sep 2022 12:19:05 GMT content-length 2 content-type text/plain; charset=utf-8
GET H2	200	1 Show response servicer.adskeeper.co.uk/994621/ Frame DA00	1 KB 966 B	67ms 53ms	Script application/x-javascript	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.adskeeper.co.uk/994621/1?tcfV2=1&pv=5&cbuster=1663244345038734556474&uniqId=16777&consentData=&gdprApplies=1&uspString=1---&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&cxurl=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&lu=https%3A%2F%2Fshrinke.me%2FHci5ViNJ&sessionId=63231839-11816&pageView=1&pvid=18341169e3f8324fa34&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6825150a68c4bb5b1bb558fae49987255c3fefeda300b7b3f73a8baf7641d0ce Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cf-ray 74b14f04af6c6963-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	adskeeper_svg.svg cdn.adskeeper.co.uk/images/ Frame DA00	4 KB 1 KB	33ms 33ms	Image image/svg+xml	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT content-encoding gzip cf-cache-status HIT age 2752 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id P23RQEJ25BNW6PMB x-amz-id-2 L3w/xnCEkbihZfBeuEHW9mXiAttGvQPvwOL/9lifnISsnDxvmWEr5kjYCawv7mafaoWb4UcI7XM= last-modified Tue, 08 Dec 2020 08:34:59 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root etag W/"93f6d1136fb77e38a0a2c72108588f09" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 x-amz-version-id null cf-ray 74b14f04fceb994a-FRA expires Thu, 15 Sep 2022 16:19:05 GMT
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS81NTM0ODYvNTY0M... s-img.adskeeper.co.uk/g/14049214/492x277/-/ Frame DA00	10 KB 10 KB	344ms 290ms	Image image/webp	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.co.uk/g/14049214/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS81NTM0ODYvNTY0MWU5NjI4MTk2MDE4ZjcwYjA0NWQ1NTA3NGUwZWYuanBn.webp?v=1663244345-WR_gWwZglbOxwH3aqAS0E3TQUSWfMbA9GP1mqvM2Ncs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9534bb37c884f4360134463f1731f70b1acdd63a663c51c1a41f93f2d86871e Request headers Referer https://shrinke.me/ Origin https://shrinke.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT cf-cache-status MISS last-modified Mon, 12 Sep 2022 05:13:56 GMT x-mg-request-uuid c7652a8b-2e93-4f14-a724-d6b2190ec630 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 74b14f055b129b71-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10164 server cloudflare
GET H2	200	i.js Show response cm.adskeeper.co.uk/ Frame DA00	0 37 B	153ms 140ms	Script application/javascript	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.co.uk/i.js?&cbuster=1663244345115938200146&consentData=&gdprApplies=1&uspString=1--- Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:05 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 74b14f0518556963-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	i-noref.js Show response cm.adskeeper.co.uk/ Frame F684	0 101 B	139ms 132ms	Script application/javascript	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.co.uk/i-noref.js?cbuster=16632443451219519056&consentData=&gdprApplies=1&uspString=1--- Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:05 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 74b14f0518586963-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame DA00	209 KB 67 KB	42ms 42ms	Script application/javascript	184.51.9.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-51-9-34.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT content-encoding gzip last-modified Tue, 30 Aug 2022 10:48:20 GMT server Apache vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=74969 accept-ranges bytes content-type application/javascript content-length 68097 expires Fri, 16 Sep 2022 09:08:34 GMT
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/ Frame DA00	48 KB 14 KB	102ms 46ms	Script text/javascript	2606:4700:10::6816:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Thu, 15 Sep 2022 12:19:05 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 31 Aug 2022 11:00:45 GMT server cloudflare age 535 etag W/"b17c28d6fd88a6b12feea5c52e9a7485" vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 strict-transport-security max-age=15552000; includeSubDomains; preload cf-ray 74b14f057e8b9974-FRA x-amz-request-id 1TWQ8VB55K84BS7R x-amz-id-2 J4NU61+MGpx9+S6W1chPAuXhC6J9/Jbe+4c91djcESM2topqs3mDAeunWWYHhm7bnasz4WOwtEI=
GET H2	200	publishertag.prebid.123.js Show response static.criteo.net/js/ld/ Frame 34DC	87 KB 28 KB	1359ms 713ms	Script text/javascript	2406:2600:4::1 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.123.js Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT content-encoding gzip last-modified Tue, 03 May 2022 11:21:03 GMT server nginx etag W/"6271101f-15b58" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 16 Sep 2022 12:19:05 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	16ms 16ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&bundle=c4RSrV85MjZ4ZVk2U2dxQ3hsMjA4Z0dHMXRFUHhpazVybElJbFhoZGVUTWlWMUZpS1RqVHZUNzlDakxyNHFMTkFtSmYzT1hvM1hXYnVBNHRJbXBsQUI1WXglMkJ6a2JrQ21XJTJGYlllRXUzdW1LTnMzNWxtZzc4RDBWalQ0M29paXBlWVZpdjI&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://shrinke.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:04 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 458595 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame DA00 Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&bundle=c4RSrV85MjZ4ZVk2U2dxQ3hsMjA4Z0dHMXRFUHhpazVybElJbFhoZGVUTWlWMUZpS1RqVHZUNzlDakxyNHFMTkFtSmY... https://mug.criteo.com/sid?cpp=7yoo8nxRYTJzRVpzSEFRbmdEZjJldjgwYncyb1RZdXlyT1k4SlhuZmk4d25xeXQzZzI4dlU3ZENJc0hmOWRhZVhYd056VzBkbCtTYTdycTNJdE5kVEpNOGd4S2wyYmZLZDhpTlZsTUlvVGE4NlpTeGlhdG1HUzBFYVJHci...	362 B 652 B	15ms 15ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=7yoo8nxRYTJzRVpzSEFRbmdEZjJldjgwYncyb1RZdXlyT1k4SlhuZmk4d25xeXQzZzI4dlU3ZENJc0hmOWRhZVhYd056VzBkbCtTYTdycTNJdE5kVEpNOGd4S2wyYmZLZDhpTlZsTUlvVGE4NlpTeGlhdG1HUzBFYVJHci9VTTgwZU16NUNHKyt3YUM1VU4rTVZUTkg2NXRiVU5JWnhxcVNmVWk3eVduUHVDVkU0a21VenExdXdDc2JWbFBwamdCQXBjRU5LNUx2QVpZUEo4UElxNStsY3l3b3dGNVE0NTlDYVpacnZ5cmdaR2dPakxVPXw&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4ed7850b0da76aba9f1baed6d75f2422a66b06709a9721b98f25d257fd78bd4d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:04 GMT content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 603382 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Thu, 15 Sep 2022 12:19:05 GMT server Kestrel location https://mug.criteo.com/sid?cpp=7yoo8nxRYTJzRVpzSEFRbmdEZjJldjgwYncyb1RZdXlyT1k4SlhuZmk4d25xeXQzZzI4dlU3ZENJc0hmOWRhZVhYd056VzBkbCtTYTdycTNJdE5kVEpNOGd4S2wyYmZLZDhpTlZsTUlvVGE4NlpTeGlhdG1HUzBFYVJHci9VTTgwZU16NUNHKyt3YUM1VU4rTVZUTkg2NXRiVU5JWnhxcVNmVWk3eVduUHVDVkU0a21VenExdXdDc2JWbFBwamdCQXBjRU5LNUx2QVpZUEo4UElxNStsY3l3b3dGNVE0NTlDYVpacnZ5cmdaR2dPakxVPXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 626918 content-length 0 expires 0
GET H2	200	idp.min.js Show response content.zeotap.com/sdk/ Frame DA00	55 KB 19 KB	115ms 60ms	Script application/javascript	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://content.zeotap.com/sdk/idp.min.js Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT content-encoding br cf-cache-status HIT age 990 x-guploader-uploadid ADPycdtoepWXZP7adLLZIi59BGIbOw7qbNv87Rc8Zu9XB5qsDReP--k3W6mVFZ_aSu5OTEnyQkVSm9F_7KrQpnoFQVUYpBgvS65c x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-type application/javascript last-modified Wed, 16 Feb 2022 08:59:03 GMT server cloudflare etag W/"ab1a346bb1160bca58c151a07ab8582b" vary Origin, Accept-Encoding x-goog-hash crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw== x-goog-generation 1645001943546675 cache-control public,max-age=3600 x-goog-stored-content-length 56329 cf-ray 74b14f05da929bb0-FRA
GET H2	200	publishertag.prebid.123.js Show response static.criteo.net/js/ld/ Frame 8153	87 KB 28 KB	1163ms 556ms	Script text/javascript	2406:2600:4::1 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.123.js Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT content-encoding gzip last-modified Tue, 03 May 2022 11:21:03 GMT server nginx etag W/"6271101f-15b58" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 16 Sep 2022 12:19:05 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	16ms 15ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=7yoo8nxRYTJzRVpzSEFRbmdEZjJldjgwYncyb1RZdXlyT1k4SlhuZmk4d25xeXQzZzI4dlU3ZENJc0hmOWRhZVhYd056VzBkbCtTYTdycTNJdE5kVEpNOGd4S2wyYmZLZDhpTlZsTUlvVGE4NlpTeGlhdG1HUzBFYVJHci9VTTgwZU16NUNHKyt3YUM1VU4rTVZUTkg2NXRiVU5JWnhxcVNmVWk3eVduUHVDVkU0a21VenExdXdDc2JWbFBwamdCQXBjRU5LNUx2QVpZUEo4UElxNStsY3l3b3dGNVE0NTlDYVpacnZ5cmdaR2dPakxVPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:05 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 975209 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 959E	13 KB 5 KB	78ms 21ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 723 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 15 Sep 2022 12:07:02 GMT expires Fri, 15 Sep 2023 12:07:02 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 30C4	783 B 533 B	35ms 35ms	Document text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ae4cfe8430c51b39aa9fb722a7311a49e3c015118bc8df28faf61a9909bfd1b4 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2v_n_cEFBI0g-hdUTUmKBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-2v_n_cEFBI0g-hdUTUmKBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 15 Sep 2022 12:19:05 GMT expires Thu, 15 Sep 2022 12:19:05 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 30C4	0 0	56ms 56ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090801&jk=179444866979395&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers
GET H3	200	5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js Show response pagead2.googlesyndication.com/bg/ Frame 959E	36 KB 16 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 11:05:29 GMT content-encoding gzip x-content-type-options nosniff age 4416 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16025 x-xss-protection 0 last-modified Thu, 08 Sep 2022 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Sep 2023 11:05:29 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 959E	0 10 B	21ms 20ms	Image text/plain	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?3WngpQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:05 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 6C24	42 B 64 B	122ms 56ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswR6fvpRdanURwG5CmzNSCdI_m0ep5BlWr-zZkOdA8mqBrllFL6q3gaxyAc7EK0wkjdm7onxplnckdwI5UpDCYE8JyNwtsa0ho35RdwVOig_Du2WfQ&sig=Cg0ArKJSzLPi877N--0xEAE&id=lidar2&mcvt=1000&p=164,632,444,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3910693916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663244344515&rpt=258&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	57ms 57ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090801&jk=179444866979395&bg=!VlWlVRHNAAbG3AOo5tw7ACkAdvg8WjQRdTRf_vDftjvt3sMT7u_c_wp4qp7ycDn6pN0fUHq1qXmbcwIAAACLUgAAAAJoAQcKAGTccg2T7uiq3BnKCWZvR-lH91_wu815fbpRitHAsiFkvZMfhUkzgPTX6o8VwlAwGVlecW-fXChAJmtVKOvzKsla2rPnv7Yso8HMK1F6rwowcb3Yx3A4RpdADHJuNRTzMMNCA24DmQLvksMLvkXGSCHQHC-qnI7bt4CrV6YjWJLDB7-XQBBjLSlDpCibnoIdbl44TFGo1LpCDGK4VJb0ErcCqnt9k3UoR0u5Y2Hi_g7NRhlsZrUHxkYmdrKGFl2HE5_2KbRuwcnf2yUamOco0ebVdUS1AsmfzPs6bLIYgXIe9gUzPT61rBQJMYDHv66NiaqjX2E4N2N70MO8jM4DENKVOsuXwh2_dJsJUn9fmlCaYwCb1_443SsGHueAIddW7f0Oz8d4JJzlHA6pYYaDLyatCGeo4qWxxihkTtIqSG4RQuhWCZRT4SZ0Y0-ye1ZqAVBaO6xXGVP-MbKpociuOUXTS1t_UE8JlFV2Oz6IRPsScFZ57qp-ih7G58P0RibmWJvZ2AZKI1jjMjUwh81t3taJRekfurONWDbc8gPA2_1Xb_G_wABHsvLjR4sfnW-HRQ1F3EoYlugEt0QTDzrPD_kVyQUBoFU5l3_nfGguNQuK0oQ8jQfCvXYTG6enNe0qjwV_mFL1HQkJeYezBm9rlMrQxjGydh_kg1hm7Z935LWfqptuILuzKvhOBTL7SQK21AP4nx2GyBti_VitBlqKzQ45PWkkX4dnLTsimid7Hz_4nmP2qqhwd5s0Zvp7xBy0eBalA51mJ7P8cA8gt8dNWs5LddKkzcoRWOuZMZkTQeY_jyKn2vcNkz1pKNUWra3bTYt7G3VoC5tI06y8q_NudaoqqPODE0zi06P0tU5Q53oATmf8VPrPjy2t_slvBfeotD5S2fPBtDimUPj3KXnrR3Of6DnESk0wu58gWTcXSticvQ5dYuSF8GwYWtxFSHJOJY8wuchr36nziR2IpByTNMv-d9pgPlxBZgcyr5ZrOtw_P9yqZW1aYpWN-2iIHifxnd-VH8bGNRGr0Cl3fvKfzxwuqhk-aDXJjG4iv02RTvtFdUZT9MJVlgIUjyyXVaVlGh83D48QIj7lYXIO_2Ljas7y7Imv0kTj-XcmMNQSsezehxHQrUNm6w Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers
POST H/1.1	200	806.json Show response id5-sync.com/g/v2/ Frame 8153	216 B 620 B	96ms 24ms	XHR application/json	141.95.33.111 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/806.json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.33.111 , Germany, ASN16276 (OVH, FR), Reverse DNS ns3203177.ip-141-95-33.eu Software / Resource Hash 79f51c68b038c57a0f99cd0f1893a38faddce4c5e31fbeb6371a9640f5b66455 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://shrinke.me date Thu, 15 Sep 2022 12:19:05 GMT access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/json;charset=UTF-8
GET		envelope api.rlcdn.com/api/identity/ Frame 8153	0 0
GET H2	200	id Show response id.crwdcntrl.net/ Frame 8153	63 B 333 B	139ms 65ms	XHR application/json	34.249.7.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.7.180 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-7-180.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash f44b40ec592f82ed75a3449258f172ff9f5b773ed268eccc90313ad0508b3c5f Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:06 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://shrinke.me cache-control no-cache x-server 10.45.18.12 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 63 expires 0
GET H2	200	rid Show response match.adsrvr.org/track/ Frame 8153	63 B 386 B	105ms 32ms	XHR application/json	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 21f03879dfb76a7decb8b027ba47d6dc1c40124ba2f1d2be5abbc2d5acfddd17 Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Thu, 15 Sep 2022 12:19:06 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://shrinke.me cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 63 expires Sat, 15 Oct 2022 12:19:06 GMT
POST H/1.1	200	806.json Show response id5-sync.com/g/v2/ Frame 34DC	216 B 620 B	76ms 26ms	XHR application/json	141.95.33.111 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/806.json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.33.111 , Germany, ASN16276 (OVH, FR), Reverse DNS ns3203177.ip-141-95-33.eu Software / Resource Hash f6504e2785673174fdf190167094160f7cdb454f57ba6c37601945b11c7fc7ff Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://shrinke.me date Thu, 15 Sep 2022 12:19:05 GMT access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/json;charset=UTF-8
GET H2	200	id Show response id.crwdcntrl.net/ Frame 34DC	63 B 333 B	156ms 100ms	XHR application/json	34.249.7.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.7.180 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-7-180.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 77f8406f35a017f04179b9e7a8ea363e92094831967039101e57589990954d6b Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:06 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://shrinke.me cache-control no-cache x-server 10.45.24.187 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 63 expires 0
GET H2	200	rid Show response match.adsrvr.org/track/ Frame 34DC	63 B 385 B	88ms 32ms	XHR application/json	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 21f03879dfb76a7decb8b027ba47d6dc1c40124ba2f1d2be5abbc2d5acfddd17 Request headers Referer https://shrinke.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Thu, 15 Sep 2022 12:19:06 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://shrinke.me cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 63 expires Sat, 15 Oct 2022 12:19:06 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame 8153	88 KB 29 KB	1300ms 740ms	XHR text/javascript	2406:2600:4::1 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:07 GMT content-encoding gzip last-modified Mon, 12 Sep 2022 11:36:03 GMT server nginx etag W/"631f19a3-160f4" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 16 Sep 2022 12:19:07 GMT
GET H3	200	c c.adskeeper.co.uk/ Frame DA00	43 B 213 B	41ms 40ms	Image image/gif	2606:4700::6812:1aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.adskeeper.co.uk/c?f=1&pv=3&v=300|250|28|Zo6hFDEowSpPw4XdcJ69sGAmAzjDskpOFirTMo22JljweYt4neSKcX2K5bBfhtaf9YUzCYlAijmDfT0XARpTSw**&fw=1&extjs=66044&cid=994621&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*&rid=97225d6f-34f0-11ed-8915-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=18341169e3f8324fa34&cbuster=1663244346497803183270&consentData=&gdprApplies=1&uspString=1--- Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:06 GMT cf-cache-status DYNAMIC x-mg-request-uuid 5df0c6ba-eb45-4077-8e76-350dc974002d content-type image/gif cf-ray 74b14f0dace2994a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 server cloudflare
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame 34DC	88 KB 29 KB	841ms 567ms	XHR text/javascript	2406:2600:4::1 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:07 GMT content-encoding gzip last-modified Mon, 12 Sep 2022 11:36:03 GMT server nginx etag W/"631f19a3-160f4" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 16 Sep 2022 12:19:07 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 34DC Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 https://mug.criteo.com/sid?cpp=pP3zU3xTM2lpOEc3S0ZUQXhhd3FXZkVQb0xoV2svYSs2YVJQWmFnd0s4dFdDRUFPOGRQVG15SXpSUkpUOXBHMlMxOThPQjc2T2x3VmIwc3czRkpYVWUyMThOM0dnd2NscjhuRUpDSW5KbHYxM1ZBSHM2cDNVUUh3dmJnbm...	368 B 667 B	17ms 16ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=pP3zU3xTM2lpOEc3S0ZUQXhhd3FXZkVQb0xoV2svYSs2YVJQWmFnd0s4dFdDRUFPOGRQVG15SXpSUkpUOXBHMlMxOThPQjc2T2x3VmIwc3czRkpYVWUyMThOM0dnd2NscjhuRUpDSW5KbHYxM1ZBSHM2cDNVUUh3dmJnbmFkN2tOZGtCR21pQnZ0V09CZHVFck1hQkUvcFZ4UURaeEtpbGdsaDRzd1JqT0Rlb0pyN3d3UHZOVERsWUtRRmowUjlSUko3RUcyS3BFaFpuRzRBNGlvWDFMYk9zQ01TMXZEL3FERWszWDhzNW0xSVRqNEVJPXw&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 84dd254a1eef3256501ebf775075b8d995caf8aa0ce0909909b8e44443f3ac3f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:06 GMT content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1443963 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Thu, 15 Sep 2022 12:19:06 GMT server Kestrel location https://mug.criteo.com/sid?cpp=pP3zU3xTM2lpOEc3S0ZUQXhhd3FXZkVQb0xoV2svYSs2YVJQWmFnd0s4dFdDRUFPOGRQVG15SXpSUkpUOXBHMlMxOThPQjc2T2x3VmIwc3czRkpYVWUyMThOM0dnd2NscjhuRUpDSW5KbHYxM1ZBSHM2cDNVUUh3dmJnbmFkN2tOZGtCR21pQnZ0V09CZHVFck1hQkUvcFZ4UURaeEtpbGdsaDRzd1JqT0Rlb0pyN3d3UHZOVERsWUtRRmowUjlSUko3RUcyS3BFaFpuRzRBNGlvWDFMYk9zQ01TMXZEL3FERWszWDhzNW0xSVRqNEVJPXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 507263 content-length 0 expires 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	15ms 15ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://shrinke.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:06 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 399918 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 64FE	52 KB 17 KB	153ms 37ms	Document text/html	184.51.9.18 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-51-9-18.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Thu, 15 Sep 2022 12:19:07 GMT ETag "623de86a-cf34" Expires Fri, 16 Sep 2022 12:19:09 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 70DE	15 KB 6 KB	34ms 33ms	Document text/html	184.51.9.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495 Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-51-9-34.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes cache-control max-age=156530 content-encoding gzip content-length 5549 content-type text/html; charset=UTF-8 date Thu, 15 Sep 2022 12:19:07 GMT etag "1300708-3de4-5d6ef246ef4cf" expires Sat, 17 Sep 2022 07:47:57 GMT last-modified Tue, 01 Feb 2022 06:38:00 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame 8153 Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 https://mug.criteo.com/sid?cpp=b8uwlHx4M255eWt4NUZnbUZqS0RwbE9GaSsyVVQvOUh0T1RtL0dVOGJJNzZZQ3lLOVhtUHUxb2dDcXZIT0tteG9RS2h5ZmNRRFdRU0duTlcvMktxREJ1THdoN3o5UmFZUDk3NlZVL3IrcXRzeUdsMnJ2YTlrVG5ZYlpEcn...	362 B 663 B	16ms 16ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=b8uwlHx4M255eWt4NUZnbUZqS0RwbE9GaSsyVVQvOUh0T1RtL0dVOGJJNzZZQ3lLOVhtUHUxb2dDcXZIT0tteG9RS2h5ZmNRRFdRU0duTlcvMktxREJ1THdoN3o5UmFZUDk3NlZVL3IrcXRzeUdsMnJ2YTlrVG5ZYlpEcnIzbFd2NFZtRzgzeEtsc01zKzNmY3V1U1prbjZLRXQrK1ZlWnR4RDlRZGlGbmlXWi84TkVYaXVvMUNmOCtrR0x4QnVUZXYwNXZkK0JvbGViZFQwMkdtekdOUzFTRE4wcTdKb25BS1FlMXBzT0VwTERDYWQ0PXw&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 064beee9b24157a79b347c581ebfe73b5ee532c5dfb37de0a74d0c6ae01e9f27 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://shrinke.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Thu, 15 Sep 2022 12:19:06 GMT content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1045301 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Thu, 15 Sep 2022 12:19:06 GMT server Kestrel location https://mug.criteo.com/sid?cpp=b8uwlHx4M255eWt4NUZnbUZqS0RwbE9GaSsyVVQvOUh0T1RtL0dVOGJJNzZZQ3lLOVhtUHUxb2dDcXZIT0tteG9RS2h5ZmNRRFdRU0duTlcvMktxREJ1THdoN3o5UmFZUDk3NlZVL3IrcXRzeUdsMnJ2YTlrVG5ZYlpEcnIzbFd2NFZtRzgzeEtsc01zKzNmY3V1U1prbjZLRXQrK1ZlWnR4RDlRZGlGbmlXWi84TkVYaXVvMUNmOCtrR0x4QnVUZXYwNXZkK0JvbGViZFQwMkdtekdOUzFTRE4wcTdKb25BS1FlMXBzT0VwTERDYWQ0PXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 622874 content-length 0 expires 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	56ms 56ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://shrinke.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://shrinke.me cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:06 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 569588 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 2C5A	15 KB 6 KB	33ms 32ms	Document text/html	184.51.9.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495 Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-51-9-34.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes cache-control max-age=156530 content-encoding gzip content-length 5549 content-type text/html; charset=UTF-8 date Thu, 15 Sep 2022 12:19:07 GMT etag "1300708-3de4-5d6ef246ef4cf" expires Sat, 17 Sep 2022 07:47:57 GMT last-modified Tue, 01 Feb 2022 06:38:00 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 4198	52 KB 17 KB	146ms 36ms	Document text/html	184.51.9.18 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-51-9-18.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://shrinke.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Thu, 15 Sep 2022 12:19:07 GMT ETag "623de86a-cf34" Expires Fri, 16 Sep 2022 12:19:09 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	15ms 15ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=pP3zU3xTM2lpOEc3S0ZUQXhhd3FXZkVQb0xoV2svYSs2YVJQWmFnd0s4dFdDRUFPOGRQVG15SXpSUkpUOXBHMlMxOThPQjc2T2x3VmIwc3czRkpYVWUyMThOM0dnd2NscjhuRUpDSW5KbHYxM1ZBSHM2cDNVUUh3dmJnbmFkN2tOZGtCR21pQnZ0V09CZHVFck1hQkUvcFZ4UURaeEtpbGdsaDRzd1JqT0Rlb0pyN3d3UHZOVERsWUtRRmowUjlSUko3RUcyS3BFaFpuRzRBNGlvWDFMYk9zQ01TMXZEL3FERWszWDhzNW0xSVRqNEVJPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:06 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 507675 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 70DE	0 42 B	310ms 20ms	Script text/plain	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32945100&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 12:19:06 GMT content-length 0
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	22ms 22ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=b8uwlHx4M255eWt4NUZnbUZqS0RwbE9GaSsyVVQvOUh0T1RtL0dVOGJJNzZZQ3lLOVhtUHUxb2dDcXZIT0tteG9RS2h5ZmNRRFdRU0duTlcvMktxREJ1THdoN3o5UmFZUDk3NlZVL3IrcXRzeUdsMnJ2YTlrVG5ZYlpEcnIzbFd2NFZtRzgzeEtsc01zKzNmY3V1U1prbjZLRXQrK1ZlWnR4RDlRZGlGbmlXWi84TkVYaXVvMUNmOCtrR0x4QnVUZXYwNXZkK0JvbGViZFQwMkdtekdOUzFTRE4wcTdKb25BS1FlMXBzT0VwTERDYWQ0PXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Thu, 15 Sep 2022 12:19:06 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 619982 strict-transport-security max-age=31536000; preload; vary Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.rlcdn.com

URL

https://api.rlcdn.com/api/identity/envelope?pid=1258