shimpeftie.com Open in urlscan Pro
188.114.97.3  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response shimpeftie.com/	56 KB 16 KB	137ms 76ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash d9ab2abfe891df29cef039cf4a918deac857f5f4b990a664c175a206182d052e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8aa186b97b980a48-AMS content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Jul 2024 02:44:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7NbyNVDtzOob1E%2BMo8xt2gNmq0asSHtMGS4uzKXD1IvIdKxPzgzOjFoai6DfEIfsJLYeVf9Q90v%2FnmM7XYxZ8IlZqp3njLd2NBDT0%2BcMrD0CRPH1%2BsfkK%2FU2NzouL5%2Bnaw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33
GET H2	200	01078460071229.png littlecdn.com/apps/contents/s/a3/6a/ee/278a72b666fefbf9bb04b8cb2e/	260 KB 261 KB	182ms 27ms	Image image/png	2606:4700::6812:bf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://littlecdn.com/apps/contents/s/a3/6a/ee/278a72b666fefbf9bb04b8cb2e/01078460071229.png Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2d44d2df843c6b59d9f661f0f4636d59dcce7fb8cbc234daa93c491e7f1125e Request headers Referer https://shimpeftie.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT cf-cache-status HIT age 1858 content-length 266197 last-modified Wed, 16 Feb 2022 10:30:33 GMT server cloudflare etag "620cd249-40fd5" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/png access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control public, max-age=3600 accept-ranges bytes cf-ray 8aa186bafc2cb930-AMS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range expires Sun, 28 Jul 2024 03:44:15 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 543 B	62ms 17ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=eb195753a1f25fd2786bc1d6a5a7cd94 Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash b19dfcedb9de8633b62cbfb257499456703f5c4d4eb0b613908a4273a01eaf29 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	micro.tag.min.js Show response shimpeftie.com/pfe/current/	44 KB 16 KB	32ms 32ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3038ea5e50e6a506794417b0ce509010ad2198368ff940ceb4b83227664dcbf3 Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jul 2024 02:44:15 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 26 Jul 2024 12:16:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66a39393-b1e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4R72Qo%2FZpjOddeUX9Y%2FHC7jm1YEjxQI7CCiVzDt5VyKdmLCRNBXbhNs0jHVLwoXmqpPUh3fA%2FxLAaOE4vLEz5RnaoLholmRppl6BujGwMTatOEa1Uc7YBejXMczPf6S4Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 access-control-allow-credentials true cf-ray 8aa186bb0c820a48-AMS alt-svc h3=":443"; ma=86400
GET H2	200	gid.js Show response my.rtmark.net/	65 B 543 B	57ms 17ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 4f07a3e57bb588375367140f3ca30b39208063ba19be420c81bff7be0f0cc018 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	206	default.mp3 static.shimpeftie.com/templates/_assets/sounds/blip1/	7 KB 7 KB	65ms 28ms	Media audio/mpeg	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.shimpeftie.com/templates/_assets/sounds/blip1/default.mp3 Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8 Request headers Referer https://shimpeftie.com/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers date Sun, 28 Jul 2024 02:44:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6028 Content-Range bytes 0-6711/6712 alt-svc h3=":443"; ma=86400 Content-Length 6712 last-modified Thu, 25 Jul 2024 16:00:55 GMT server cloudflare etag "66a276b7-1a38" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type audio/mpeg access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N2682nBRamvUwgcMmGl5QtnjmgzHI5kYR%2BY79W7vM8p%2F5Y08qiyhmcuWFn0GM2V1MRrBVMqnpIx9oCbo9Bw4WGRY6O%2Bxk%2FSXbO3txwjGo16%2Fy8iiNxqVnP%2FZfaap2g8gR5yuyw2XO9A%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=86400 cf-ray 8aa186bb5cb00a48-AMS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
POST H2	200	/ Show response shimpeftie.com/	2 B 386 B	37ms 34ms	XHR application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae&mprtr=1 Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koICvLWEa2jnTiwc9q9IrlHNwbhmMTQK8IJrdlDO8xI0sg1WJ%2F83IZYjcOBQX3BuSws82ixdEMrbabiGaZmNzwgZirZVVBDidg4JZCGsUMhQDh9aNsly7VKHH2V7uM%2Fhxw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 8aa186bb2c930a48-AMS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400
GET H3	200	5256482 shimpeftie.com/sw-check-permissions/	0 1004 B	45ms 45ms	Other application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/sw-check-permissions/5256482?var=5693907&var_3=16625707_43135&ymid=124967_43135&uhd=1&zoneId=5256482 Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Upg1p%2BTeB%2BNwDxm7UX1qQiEMsBitM8M9PBBuTbSnxXaYUzN0cLGsRu%2F%2FDxlqO9NdYUErgTrfzzXlVw%2Bx4jSGpdT1CxzsRuOACWWZcXeje0g88hCgo2VaDugTG1ltpvKykA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cf-ray 8aa186bb5bd10eb0-AMS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400
POST H3	200	custom shimpeftie.com/	39 B 661 B	32ms 31ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WmoUiTLe2HOE%2BmGI2FfSOGy3gMtixSzoVSd%2BVsj%2BPHku%2BAgnss0RJiRHM%2BqCupKBpGHmBy95H%2FnCVVD%2FPUwQVA%2FBd9z%2Fjv8aPL2AHy7LVpmdt747TbUnn1cM5x%2FqxS6rg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb5bd30eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
POST H3	200	zone shimpeftie.com/	0 565 B	31ms 30ms	Ping text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=shimpeftie.com&var=5693907&ymid=124967_43135&var_3=16625707_43135&var_4=&dsig=&tg=1&sw=3.1.543&trace_id=8dac9567-8d0c-4a98-97be-7e64c425446a&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf= Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CITH8%2BHjJXe4iDUw6pUpvzpLkmOMcAWjIntP3MLOjkwFA3KOSX4gOo1H4UDHPfAljc6vFfaVcnhBg92zgcz3jDucNcL4nKNkP%2Bnv206oRjJXNGF%2FvYSHbQTBoMzFR9eDg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb5bd50eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	gid.js Show response my.rtmark.net/	65 B 542 B	25ms 24ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5256482&checkDuplicate=true&ymid=124967_43135&var=5693907&source=pusher Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 0db2af3103e9314af325724acb3d710484abf5dd88aa91751ed0d76e2287cd85 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
POST H3	200	custom shimpeftie.com/	39 B 685 B	29ms 28ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZCslKRu317n4KJsfJR4Q0xyqNDV5Nz6L8dtHw%2FHuaGhK9u3X3l4oFP0s%2FSD4xLlYfwFOKnidmPmyPLG1ZUhtMiUjztYn0cTMVcIr3sFInevw7gIkBkSPeTQrWdhBds43Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb5bd60eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
POST H3	200	custom shimpeftie.com/	39 B 650 B	29ms 28ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4K6l83OmQrN0mlQ2iR6tsiB3g8eEZIiSW1J%2FqPTGoxCPkBGvruiiHi3LU8nVZTAJM%2BWxTvFzX3aoP2MEZlt3hn9KicsbF%2FnkSYBFAamvBVfeKIAfeBoR2t0BSCMrWFfXQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb5bd70eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
POST H3	200	custom shimpeftie.com/	39 B 652 B	25ms 23ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXo%2Bcr9Kim83HT0nlN7eA%2BAlVAav4RIImnp8qFqlKP3sThJHLse0B4kp8jwGCulyjq4ufu6AyQ%2BewNrueAqD3RzwkfmQqEXk%2B4rWYFdMFFB1WuUopcrP6qjk8b4j9ouYBA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb6bdd0eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
POST H3	200	custom shimpeftie.com/	39 B 657 B	27ms 25ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bkP6FVjc4Bnt%2BSpVGqLPaJMDUySPTq8OrTMIJ2Cq3P6iMytOZY68TcEquFlCAVF%2BH9giB9Bh1GWjWts9%2BX19RjJ97pAAW%2BNNkOkkZo7MuA6zaXp%2BwpSiBB%2BDu9QycDqQtA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb6bde0eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
GET H3	200	track-impression-applab Show response shimpeftie.com/	834 B 1 KB	29ms 28ms	Fetch application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/track-impression-applab?z=5693907&b=16625707&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae&var=124967_43135&var_3=16625707_43135&redirect=false&redirectUrl=https%3A%2F%2Ftrk.mail.ru%2Fc%2Fb1gnt7%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3Dzeydoo_2%253A5693907%253A124967_43135%253A1%253A%7Bbrowser%7D%26mt_sub2%3D5693907%26mt_creative%3D16625707%26land_state%3Dbefore_render%26land_id%3DbFOmaFrQTwZpWpj%26land_generation_time%3D2024-07-27_21%3A44%3A15%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3Deb195753a1f25fd2786bc1d6a5a7cd94%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20eda4b93913c2218255739a49b4f3cc12c26db49c1854c2e91baca2d745808c Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id 2fd640326ae69cff16df307ca620c875 pragma no-cache accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NS0sfNZf8a1XVeD6OkSvp2A4MoYPObUvWoXhl5%2BGJokwoKxusSInPJ5i3j7d6PiDFazU5I%2FsZsHlzYdR34Kz%2B%2FlB4HWt56kpfZ69wLt7yb1wxaSyo5TvBOss7e7lqeAKkQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 8aa186bb8bed0eb0-AMS expires Tue, 11 Jan 1994 10:00:00 GMT
GET H3	200	rotate Show response shimpeftie.com/	199 B 922 B	32ms 31ms	Fetch text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/rotate?zz=5822560&var=5693907&ymid=124967_43135&uid=0800a7091d23413ae9c8cc5755b8c720&var_4=71421359d1fcf7c2a5ef2011bf2ad8ae&= Requested by Host: shimpeftie.com URL: https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38f44d525ec68136196ad6ee0c0dcb9a2e96175d24caee6cc71e5c686f8d28f0 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id c0247cbd474756116f6b12ab613e8649 pragma no-cache accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://shimpeftie.com/ report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zghpjt52U7Q%2Bsno0vpRykC6oW6LbAyTJIgUbnKZFpaJ1AiNr58ucwtvRJikFPvmnfFf3CzQtN%2BkaK%2FvqI%2Bj8C9%2Bwp7lqL04IEJuFNrQH82qjqZcnqbC0zoAPAkgUUw%2BuZg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 8aa186bb8bee0eb0-AMS expires Tue, 11 Jan 1994 10:00:00 GMT
POST H3	200	custom shimpeftie.com/	39 B 646 B	26ms 24ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rpkLPXFwVtxMBCVgEYm1APpg5sQHO5eInWlbXDKnT9Jw0Bz9ecqVABZCjgxC8Kb4nS090ko1Y98LV3wBibLeFkn9v01DMFeUr8jCLYphd2E2aLTrWVra9Z0aTafWk3ZsA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb8bf70eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
POST H3	200	custom shimpeftie.com/	39 B 653 B	26ms 24ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXyRGGNm0iu7dx%2B35Ls4yUbSDbF6wE4RndctR2hWskkS6%2BZ%2FpMwPh9pzQquN5nfpYxLhA6K45i0hPdD%2BBz4Ak4lpr5G95RrVPIFLSAkMUCOWNmKrH2BmZJQcsj1uMPywYA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bb8bf80eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
GET H3	200	zone Show response shimpeftie.com/	793 B 1 KB	30ms 30ms	Fetch application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/zone?&pub=0&zone_id=5256482&is_mobile=false&domain=shimpeftie.com&var=5693907&ymid=124967_43135&var_3=16625707_43135&var_4=&dsig=&tg=1&sw=3.1.543&trace_id=8dac9567-8d0c-4a98-97be-7e64c425446a&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0= Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa348c06561344f681f3f90469c684e334f46970a95470290ccc78f6dfc192e2 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebCCmpOOXsjHVBK0%2B8mgdZSWKVxLpvZxjpb%2B%2Fm1JAoHhlPYGmiC8aIKX2Y6gaJgT9H6RTAQmoF7TCKq0mh3uxUGhIv0quI1KXXnmeTKOYtatwTYhkHNVZ24hCHLefFvADQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 8aa186bb8bf90eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
GET H3	204	favicon.ico shimpeftie.com/	0 419 B	24ms 24ms	Other text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3249 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3m9Qizi%2B56tPl7A%2B2IJgQlR5DktdcEufI9OVUPwM5Y4Cn21HK8y8kgCVqemgDp3vFSlNx9khxUG4%2FUiqT%2F19QyLZw0cHPRftQdk6OeuLCZ%2BOUsXSCWCq6LhCTy4NXT4ybA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=86400 cf-ray 8aa186bb9bfc0eb0-AMS alt-svc h3=":443"; ma=86400
POST H3	200	custom shimpeftie.com/	39 B 654 B	23ms 22ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:15 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EmwxdGzOLCGGGAcjqE6uwEe%2BGOwGDAicZYkrB%2FlhU%2BK53%2FTZnzPgj0pWWl2Dij4SoZl8nE7wM661nv3cdffWVt0DhCNHqm8dCV4ap0REYg2%2FUHMltyXIA2tyGpRijgWeOQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186bbcc160eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
POST H3	200	custom shimpeftie.com/	39 B 655 B	26ms 24ms	Ping application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shimpeftie.com/custom Requested by Host: shimpeftie.com URL: https://shimpeftie.com/pfe/current/micro.tag.min.js?uhd=1&z=5256482&ymid=124967_43135&var=5693907&sw=/sw-check-permissions/5256482&var_3=16625707_43135 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://shimpeftie.com/?l=bFOmaFrQTwZpWpj&b=16625707&z=5693907&s=71421359d1fcf7c2a5ef2011bf2ad8ae&campid=43135&var=124967_43135&ymid=71421359d1fcf7c2a5ef2011bf2ad8ae User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jul 2024 02:44:16 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRHRXEsknixX6jPJGtzfSzXMhUSVlyn8QD4J1pQALRzQyaEM6YgP3KZ3QN84sIbDztohPvGpX8b9%2FmkDHPtYQIgsVjjo5WgsIt%2FOz%2FVUXSIVpzPoKxZrP7eAwKSAF%2FZ1jw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://shimpeftie.com access-control-allow-credentials true cf-ray 8aa186c509c90eb0-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| global_vars function| getCookie function| addURLParams object| osVerPromise function| SentryObj function| LogDB function| ErrorLogger function| ObservableVariable object| reverseConfig function| rtrDebugLog function| replaceInAllHrefs function| getGid function| processMarkerResponse function| writeCache function| readCache function| getData function| initAfterDOMReady function| IntentRedirector function| getRandomIntInclusive number| adxTraffic string| cpPushZone string| cpS string| cpZ string| cpDebug number| cpRetrySubReq string| srcDomain string| cpVar3 number| maxDefaultRDC string| mtRDC string| mtVar4 function| setCookie function| makePixelImg function| getIPPfromMarker string| ttbTime string| ttbUrl string| ttbZone string| ttbPZone string| ttbPParam function| redirectUrl function| backTb object| zfgformats object| __ds3dcv__

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			shimpeftie.com/	1970-01-20 22:22:18	Name: reverse Value: nneU39ARDfI6FFrzcHQ1qJg_yxyCTKSMTmn0l3gCDiA
			shimpeftie.com/	1970-01-21 07:07:50	Name: OAID Value: eb195753a1f25fd2786bc1d6a5a7cd94
			shimpeftie.com/	1970-01-21 07:58:14	Name: oaidts Value: 1722134654
			shimpeftie.com/	1970-01-20 22:32:19	Name: syncedCookie Value: true
			my.rtmark.net/	1970-01-21 07:07:50	Name: ID Value: 0180a71359e344daf8e35ebbae279f6b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

littlecdn.com
my.rtmark.net
shimpeftie.com
static.shimpeftie.com
139.45.195.8
188.114.97.3
2606:4700::6812:bf4
0db2af3103e9314af325724acb3d710484abf5dd88aa91751ed0d76e2287cd85
20eda4b93913c2218255739a49b4f3cc12c26db49c1854c2e91baca2d745808c
3038ea5e50e6a506794417b0ce509010ad2198368ff940ceb4b83227664dcbf3
38f44d525ec68136196ad6ee0c0dcb9a2e96175d24caee6cc71e5c686f8d28f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f07a3e57bb588375367140f3ca30b39208063ba19be420c81bff7be0f0cc018
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8
b19dfcedb9de8633b62cbfb257499456703f5c4d4eb0b613908a4273a01eaf29
c2d44d2df843c6b59d9f661f0f4636d59dcce7fb8cbc234daa93c491e7f1125e
d9ab2abfe891df29cef039cf4a918deac857f5f4b990a664c175a206182d052e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa348c06561344f681f3f90469c684e334f46970a95470290ccc78f6dfc192e2
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881