adshnk.com Open in urlscan Pro
104.21.1.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://adshnk.com/ZK6uvP#google_vignette
Effective URL:
https://adshnk.com/ZK6uvP
Submission Tags: falconsandbox
Submission: On December 28 via api (December 28th 2024, 11:47:41 pm UTC) from US — Scanned from CA

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 48 HTTP transactions. The main IP is 104.21.1.15, located in and belongs to CLOUDFLARENET, US. The main domain is adshnk.com.
TLS certificate: Issued by WE1 on December 18th 2024. Valid for: 3 months.

This is the only time adshnk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.21.1.15 104.21.1.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.32.97 142.251.32.97	15169 (GOOGLE) (GOOGLE)
9	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	169.197.85.95 169.197.85.95	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
1	142.251.35.170 142.251.35.170	15169 (GOOGLE) (GOOGLE)
13	142.250.80.110 142.250.80.110	15169 (GOOGLE) (GOOGLE)
1	142.250.80.46 142.250.80.46	15169 (GOOGLE) (GOOGLE)
1	142.250.81.238 142.250.81.238	15169 (GOOGLE) (GOOGLE)
1	138.199.40.58 138.199.40.58	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	142.251.40.100 142.251.40.100	15169 (GOOGLE) (GOOGLE)
3	3.13.165.196 3.13.165.196	16509 (AMAZON-02) (AMAZON-02)
1	142.251.32.99 142.251.32.99	15169 (GOOGLE) (GOOGLE)
1	142.250.176.195 142.250.176.195	15169 (GOOGLE) (GOOGLE)
1	77.111.240.180 77.111.240.180	51468 (ONECOM On...) (ONECOM One.com A/S)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
48	16

4 104.21.1.15 (None, )

ASN13335 (CLOUDFLARENET, US)

adshnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.97 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.85.95 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.80.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.46 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.40.58 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 138-199-40-58.bunnyinfra.net

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.13.165.196 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-165-196.us-east-2.compute.amazonaws.com

wurfl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.111.240.180 (Copenhagen, Denmark)

ASN51468 (ONECOM One.com A/S, DK)
PTR: webcluster53.webpod11-cph3.one.com

www.shrink-service.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 apis.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 3	229 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	195 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	171 KB
4	adshnk.com adshnk.com	25 KB
3	wurfl.io wurfl.io — Cisco Umbrella Rank: 28567	4 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	239 KB
2	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	76 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	67 B
1	shrink-service.it www.shrink-service.it	841 B
1	trackjs.com cdn.trackjs.com — Cisco Umbrella Rank: 22986	10 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	944 B
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 14048	50 KB
48	13

	Domain	Requested by
13	fundingchoicesmessages.google.com	adshnk.com
9	cdnjs.cloudflare.com	adshnk.com
7	cdn.jsdelivr.net	adshnk.com
4	adshnk.com	adshnk.com
3	wurfl.io	adshnk.com wurfl.io
2	cdn.ampproject.org	adshnk.com cdn.ampproject.org
1	pagead2.googlesyndication.com
1	www.shrink-service.it	cdn.jsdelivr.net
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	adshnk.com
1	cdn.trackjs.com	adshnk.com
1	apis.google.com	adshnk.com
1	www.google-analytics.com	adshnk.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	i.ibb.co	adshnk.com
48	16

This site contains links to these domains. Also see Links.

Domain
litl.cc

Subject Issuer	Validity	Valid
adshnk.com WE1	`2024-12-18` - `2025-03-18`	3 months	crt.sh
misc-sni.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
ibb.co E5	`2024-12-20` - `2025-03-20`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.apis.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdn.trackjs.com R10	`2024-12-04` - `2025-03-04`	3 months	crt.sh
wurfl.io Amazon RSA 2048 M02	`2024-11-10` - `2025-12-09`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.shrink-service.it E6	`2024-11-09` - `2025-02-07`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://adshnk.com/ZK6uvP
Frame ID: EB2B21AB79F333D954FD9C3DE8257E61
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Adshrink.it | Affiliate Network

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

/semantic(?:-([\d.]+))?(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Lightbox (JavaScript Libraries) Expand

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

1024 kB
Transfer

3562 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://litl.cc/5eyt7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request ZK6uvP Show response
adshnk.com/ 88 KB
20 KB 416ms
375ms Document
text/html 104.21.1.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshnk.com/ZK6uvP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.1.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002e7ffc6b9a83a80b94c7cc818cb97d82799fdbe68d7b425be23023bcd02dd3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f956fb4bd0053ef-YYZ
content-encoding: zstd
content-type: text/html
date: Sat, 28 Dec 2024 23:47:36 GMT
expires: Sat, 28 Dec 2024 23:47:35 GMT
last-modified: Mon, 16 Dec 2024 19:06:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
panel: hpanel
platform: hostinger
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5qCOYxOllAkYAQpDgDo3sACf1bQISa%2FOnu9PlVZMa38yhI7%2F5dZvq4IDg6lyz0AizSx1DPDPtvvOHsfy%2FCN19GFcGmwnsUOrUcnXuK0eMhSCLqeJDedXNPFhXp5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=20683&min_rtt=19352&rtt_var=4953&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4489&delivery_rate=572&cwnd=12000&unsent_bytes=0&cid=68a4b1c93c887649&ts=385&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 131ms
47ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: br
etag: "6cd5bd85d22351ce"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 23:47:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73112
x-xss-protection: 0
server: sffe

GET
H3 200 semantic.min.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ 614 KB
78 KB 88ms
34ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.min.css?v=0.0.1

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f666e439f561a3764f5df33b5bcb15d929ddac60ee87bc2ec8b8edb167932354

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fcd-99720"
age: 315471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TwBwJ4WPyag8i4QQj7YUtBXLKg4%2BAsSk7zFdLSuGk00XWM6scFjbF94zYR38Gj7fZ8NSC0tc9Ba8hPFbKP07wy5vdZBscuDQvuLIFqJ5JoqsCkujJI6DTmM1bmT7lGBHQsEA7IU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:16:13 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fb7abf4ab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79623
server: cloudflare

GET
H3 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/ 7 KB
3 KB 85ms
31ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/toastr.min.css

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "659946f3-a50"
age: 387720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGYSM%2BdzSQFtuzJ0xtzypuGTKYJJUn6j4EARf9eCtiBrcZ8eLp3Dvs%2B6%2BAGKhki8hvrjC6OvHoaXoKs4RfQCXFku2ZAh%2BOXlaPiUiV5pg17MWUR25QYjKj%2FENYfjjvJ4KZdb4ErF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 13:26:27 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fb7abf3ab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2640
server: cloudflare

GET
H2 200 all.min.css
cdn.jsdelivr.net/gh/tallesairan/FA5PRO/css/ 498 KB
91 KB 72ms
21ms Stylesheet
text/css 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/tallesairan/FA5PRO/css/all.min.css

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

47aa5aff3a5b873f488c92005ca3ffd0a939ddc4707ec8dd8a4e0e8dff653ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"7c7bb-ChCFxzqeIYW335rK++NGjnPyN8c"
age: 32258
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230054-FRA, cache-yyz4567-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 93143
x-jsd-version: 6.4.0

GET
H3 200 alert.css
adshnk.com/src/css/ 1 KB
1 KB 96ms
94ms Stylesheet
text/css 104.21.1.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshnk.com/src/css/alert.css?v=1
Requested by: Host: adshnk.com
URL: https://adshnk.com/ZK6uvP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.1.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa3b8f5f64859be05c5be61f7b59b002735eb06447d87905d1b4584e07a70b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/ZK6uvP

Response headers

content-encoding: zstd
cf-bgj: minify
etag: W/"567-64184be7-5c9f591d7d85e87f;br"
age: 23184449
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OluhR%2FwcvFxLoG6DpKKkrEZrncmZjglLS0fsY83EPuo4w78esMZHixaUQVTbwcvHW3h12Wr6MkNW9SKo%2BNO853ex%2FVAkDEoyoudUNN9FDFbJIGdSAy9XvWVVIgLm"}],"group":"cf-nel","max_age":604800}
expires: Fri, 04 Apr 2025 15:30:44 GMT
cf-polished: origSize=1383
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24110&min_rtt=19352&rtt_var=6400&sent=32&recv=20&lost=0&retrans=1&sent_bytes=25342&recv_bytes=5191&delivery_rate=10274&cwnd=18000&unsent_bytes=0&cid=68a4b1c93c887649&ts=521&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/css
last-modified: Mon, 20 Mar 2023 12:04:55 GMT
vary: Accept-Encoding
platform: hostinger
priority: u=0,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f956fb7a89453ef-YYZ
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 Untitled-1.png
i.ibb.co/cTJVC59/ 50 KB
50 KB 114ms
37ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/cTJVC59/Untitled-1.png
Requested by: Host: adshnk.com
URL: https://adshnk.com/ZK6uvP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 036e194eec317a38c958d7b53335ebc713838f97515b0dfcf4e3efc4f5a60d3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51359
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: image/png
last-modified: Wed, 11 Dec 2024 15:50:23 GMT
server: nginx

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/jquery/latest/ 85 KB
31 KB 26ms
25ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery/latest/jquery.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
age: 2035291
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230150-FRA, cache-yyz4567-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31984

GET
H3 200 react.production.min.js Show response
cdnjs.cloudflare.com/ajax/libs/react/17.0.2/umd/ 11 KB
5 KB 31ms
31ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/react/17.0.2/umd/react.production.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6059360d-2cb0"
age: 399246
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FFtXoGQQ2bP2xrWyvx910S5GuMI%2B2nQSnl9Cf5uVCK0dkVKIIbggvH%2Bpl64ZBOGmNwVaNeBTQzpq6S5kzr2Zt6ijKd6FCJ%2Fi0R%2B9TNMMLjspZa2OItaQLeokhv0FxoCVmTa8%2F61"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 23 Mar 2021 00:27:57 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fb8fdb2ab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4019
server: cloudflare

GET
H3 200 cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Cookies.js/1.2.1/ 3 KB
2 KB 31ms
31ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Cookies.js/1.2.1/cookies.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

034205888a7c988cf08fbb943aaa5d242e0163ccd4100b5fb3f297712a1edb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03cee-a00"
age: 143317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81viG0K8jBYqQ%2B%2FhZoBkahMrDspGgwuR1C6jyTIpR8OJOrMexZJjfVlv68lNrOrhntwQxIykjctgCxhrB1HsvshTaRDjIB1Pw3uDmOdM594ToOywy2kFp482UxEBIOc69Meg85Ew"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:03:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fb92df4ab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 951
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 3 KB
944 B 144ms
53ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.min.css?v=0.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 23:47:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 28 Dec 2024 22:19:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 pub-7059238300655615 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 153ms
69ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-7059238300655615?ers=2

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

332bfc738e43ea1a631f28d0e23c9dfe18bcaf49bde450d0d6f2b88d7828ced1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-twpqlyJAgVK9_8eelt21RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcMyYc2g3m8CM_5N3MClpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAefhFVw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-twpqlyJAgVK9_8eelt21RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 pub-7059238300655615 Show response
fundingchoicesmessages.google.com/i/ 197 KB
64 KB 84ms
70ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-7059238300655615?ers=3

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

20f3f000832dfdb6de265e460f9335c038853d6aeef8cdd08a5d5dc5b697abee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-793ZXgGRdkxF_enGPXKE1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0ZBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XDMmHNoN5vAiy3NH5mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAyNDI30DAzjCwwA0OtKlg"
content-security-policy: script-src 'report-sample' 'nonce-793ZXgGRdkxF_enGPXKE1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 pub-7059238300655615 Show response
fundingchoicesmessages.google.com/i/ 197 KB
64 KB 97ms
84ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-7059238300655615?ers=1

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

38fd54169844460e6b6c2850077d4faa0b221205e25741d9cd39834a69f2f831

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vHorYZwhJTcY0Y5aB7Q-Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcMyYc2g3m8CGlq0fmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDAB4sEVQ"
content-security-policy: script-src 'report-sample' 'nonce-vHorYZwhJTcY0Y5aB7Q-Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 496ms
132ms Script
text/javascript 142.250.80.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
age: 4436
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 29 Dec 2024 00:33:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 22:33:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 platform.js Show response
apis.google.com/js/ 63 KB
24 KB 195ms
54ms Script
text/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=on_load_gapi

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f14.1e100.net

Software

sffe /

Resource Hash

6437fdeb13d214f0693871559e00317545624f213a733a5f6e6a34f7eac967b5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
etag: "84678cc0c5a4d7a1"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 23:47:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/javascript
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="gapi-team"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24182
x-xss-protection: 0
server: sffe

GET
H3 200 moment.min.js Show response
cdn.jsdelivr.net/momentjs/latest/ 50 KB
18 KB 54ms
45ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/momentjs/latest/moment.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"c909-Mv32cwvjRTjgk3jsbMVSKdmnAVE"
age: 2040300
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220050-FRA, cache-yyz4557-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18139

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 29 KB
10 KB 187ms
47ms Script
application/javascript 138.199.40.58
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: adshnk.com
URL: https://adshnk.com/ZK6uvP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "f62a120cfe36e652de667aaed72b7815"
date: Sat, 28 Dec 2024 23:47:36 GMT
last-modified: Wed, 06 Dec 2023 15:35:37 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-amz-id-2: RCNVc7b+qfyt3YUGxtzcaxojT5FocIsvsIrULZT3LvQFu7daM0OIEaewNXNzoGOa8XmYVukXJko=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
x-amz-meta-content-type: application/javascript
cache-control: public, max-age=604800, s-max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-requestpullcode: 200
cdn-uid: cd4e6a4c-6811-495a-bea9-94fbb4c46859
cdn-requestid: c232eb71ef2855e1cfad649b8d917807
cdn-pullzone: 1606702
cdn-proxyver: 1.06
x-amz-request-id: HFJV60AAYHEFKKBT
access-control-allow-origin: *
cdn-cachedat: 11/29/2024 23:49:09
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: CA
x-amz-server-side-encryption: AES256

GET
H3 200 lodash.min.js Show response
cdn.jsdelivr.net/npm/lodash@4.17.15/ 72 KB
24 KB 33ms
25ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lodash@4.17.15/lodash.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"11e2d-MvCew+wJUPR6NfwNZWVZ1bFk2s0"
age: 1031456
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230160-FRA, cache-yyz4557-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23747
x-jsd-version: 4.17.15

GET
H3 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/ 5 KB
2 KB 65ms
56ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "659946f5-75c"
age: 122863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sl0aH1mR6y7VjSA5gfTqTZRCjzzSbIN%2FmqgFEFoYfAqtLVzjwchH14I2lRBvEPFI6FWyXjTBYPmgo5QrB%2Ftd8D1Ur%2FNlS9hXJ0EKlg3q%2FEYM6VSNDpdZWJeklG6mhw8%2F5cK0Gv3X"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 06 Jan 2024 13:26:29 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fbacf3aab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1884
server: cloudflare

GET
H3 200 semantic.min.js Show response
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/ 269 KB
56 KB 42ms
34ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.1/semantic.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7c19ea67c8f9b0f6df9fa0c87798a36f728aea3476a648ab4a471c695048052

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fcd-43512"
age: 387050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45qLapY30sOQYJeTOtV8x2PaGu8gAo4VlxRuyg3BEjvTtx4XKF0md%2FFMb7f5Nob0Lba0d02NXp0lw4DdEQLLjE7j5djW3o%2BvCURQnyrLr9SxGAQtcfLjkSadUEp%2F2LpU9Oq6UzeR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:16:13 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fbaaf0fab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57071
server: cloudflare

GET
H3 200 url.min.js Show response
cdn.jsdelivr.net/gh/adshrink/skip.prod.js@main1.117/ 4 KB
2 KB 33ms
25ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adshrink/skip.prod.js@main1.117/url.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc00ee0897f1bf6e7a24c28a479e3e5b476e3079fcf56e114544b8490b40f625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"ed6-ppWYOTr6wgy7Dwa610j+CnsmvVs"
age: 2391
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230023-FRA, cache-yyz4557-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1773
x-jsd-version: main1.117

GET
H3 200 react-dom.production.min.js Show response
cdnjs.cloudflare.com/ajax/libs/react-dom/17.0.2/umd/ 118 KB
34 KB 84ms
76ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/react-dom/17.0.2/umd/react-dom.production.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "605933ce-1d709"
age: 393039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccawhTfefcX2OXVzyWbPDHgt4DiwryKmjfWJ8qRrgZ%2Fa1glq42uPfGFF0%2F6MtUj1wZZvcW5Spq00gJvxVsJj%2B15BdC4aKpOQpWZnPl9GDFenhpw8guHxM5JpqSrSoZ6ssq4PgNUY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 23 Mar 2021 00:18:22 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fbadf43ab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34508
server: cloudflare

GET
H3 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/ 14 KB
5 KB 39ms
31ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/axios.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03d6a-36a9"
age: 313316
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o45XhNW40LcE1f2kifQTFkViZlzl%2BB7%2FhCtsz1Yw8MoIpFxDuW6BF%2FXLsASE6n%2BrOez0nFcexldj9bJA3yEyAJeimVc7rhQ0RqWoUYkCnOcJ%2ButfElZHauoqAgM3d5%2BeEI%2FTL8OJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:06:02 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fbaaf11ab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4253
server: cloudflare

GET
H3 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/ 7 KB
3 KB 97ms
88ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/lazyload.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1d61-wcBCP//7m5LJeuNOb3Rtiff9UGo"
age: 1533889
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220115-FRA, cache-yyz4557-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2545
x-jsd-version: 17.3.1

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
999 B 189ms
61ms Script
text/javascript 142.251.40.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=explicit

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f4.1e100.net

Software

ESF /

Resource Hash

039f8ceb6179d891eb74aaea051f0525393c105917c0c9ee9f6efa276608f5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 23:47:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 28 Dec 2024 23:47:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK wurfl.js Show response
wurfl.io/ 7 KB
3 KB 237ms
52ms Script
application/json 3.13.165.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wurfl.io/wurfl.js
Requested by: Host: adshnk.com
URL: https://adshnk.com/ZK6uvP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.165.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-165-196.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: b357cdf474f1d623608ccaf8f1c8d590d460df28749b81d24e7094a6e6a15ea7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

Cache-Control: no-cache
Content-Encoding: br
Cross-Origin-Opener-Policy: cross-origin
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Cross-Origin-Embedder-Policy: cross-origin
Content-Length: 2712
Date: Sat, 28 Dec 2024 23:47:36 GMT
Content-Type: application/json
Vary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version

GET
H3 200 botDetector.js Show response
cdn.jsdelivr.net/gh/adshrink/skip.prod.js@main1.111/ 3 KB
1 KB 32ms
24ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adshrink/skip.prod.js@main1.111/botDetector.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c005994721a3b8eda3e95f77f917354e6a8924bd79ab1420b264694cef8c1129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"a6d-TRTQx3gUTRylEZgjIj8fN8JzC6E"
age: 1163
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220148-FRA, cache-yyz4557-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 684
x-jsd-version: main1.111

GET
H3 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.8.1/ 35 KB
10 KB 104ms
96ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.8.1/fingerprint2.min.js

Requested by

Host: adshnk.com
URL: https://adshnk.com/ZK6uvP

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5c-8d59"
age: 4599627
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgnplWyJr90xF2E7umMdfUIDLVrTBYiRz51mP3rqGx2RXQwOMDpnjcFOnTtSdgsBrCZcY%2BXWi7u8VQjKZ%2BLAgPFfA4UuvqEkBc5cG8ii7btK%2FsVTOWCwsS%2FyT%2Fg%2BhVGX7mz51heO"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 23:47:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:04 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f956fbaaf12ab9f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9260
server: cloudflare

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 85ms
37ms Font
font/woff2 142.251.32.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://adshnk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 188839
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Dec 2025 19:20:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 19:20:17 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 8 KB
4 KB 160ms
41ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://adshnk.com
Referer: https://adshnk.com/

Response headers

content-encoding: br
etag: "f0f2b169fa87a905"
age: 126037
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 27 Dec 2025 12:46:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 12:46:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2970
x-xss-protection: 0
server: sffe

GET
H3 200 s.js Show response
adshnk.com/cdn-cgi/zaraz/ 5 KB
3 KB 41ms
41ms Script
text/javascript 104.21.1.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshnk.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQWRzaHJpbmsuaXQlMjAlN0MlMjBBZmZpbGlhdGUlMjBOZXR3b3JrJTIyJTJDJTIyeCUyMiUzQTAuMDk1ODUxMTE2NTIxMDMxNCUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGYWRzaG5rLmNvbSUyRlpLNnV2UCUyM2dvb2dsZV92aWduZXR0ZSUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBNDgwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by: Host: adshnk.com
URL: https://adshnk.com/ZK6uvP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.1.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53719674a9dc2cedb5b5c5a356f29cbf957bdbbdfc9380838dc5a7a20ec72b61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

x-robots-tag: none
access-control-max-age: 600
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcqQw%2FY5CiscBhHD0G0Ot%2BklTxAUlpmbCCXgM0hUj0c9kdlJLvKjIA2Pe6x%2FGZhbg08SjjEFxd76wwrUQu695qYt4lkB7wA8AZBHd1nsyWqJd3gWqhJQGaSuBzch"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23426&min_rtt=18632&rtt_var=6170&sent=35&recv=22&lost=0&retrans=1&sent_bytes=26675&recv_bytes=5894&delivery_rate=39463&cwnd=18000&unsent_bytes=0&cid=68a4b1c93c887649&ts=1013&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f956fbabb6253ef-YYZ
access-control-allow-origin: https://adshnk.com
server: cloudflare

GET
H3 200 AGSKWxVIFPDK3PNTU2h5eD8Ua4fTZuWPGiB1d-0RtgyPrDLKSLt5XUrHzjo97x7-FohTI25aBpf6WjPOzkbIbWJvvzO18AKze1BDKcqOMPPjBMNh9TaOUGiwF5Fv2jzdfkjEISu-TuayVQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
4 KB 74ms
73ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVIFPDK3PNTU2h5eD8Ua4fTZuWPGiB1d-0RtgyPrDLKSLt5XUrHzjo97x7-FohTI25aBpf6WjPOzkbIbWJvvzO18AKze1BDKcqOMPPjBMNh9TaOUGiwF5Fv2jzdfkjEISu-TuayVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1NDI5NjU2LDgyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hZHNobmsuY29tL1pLNnV2UCIsbnVsbCxbWzgsIklNejU3eWM1aFZ3Il0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

710a222908475fd0a427e5a77b0c2f142366e26d0927320b2b4d448172af1a0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CAzGAUeR70dCpDLmYL4YLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:36 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XDMmHNoN5vAg4lXZjMraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGRrpGRjGFxgAANLdSnY"
content-security-policy: script-src 'report-sample' 'nonce-CAzGAUeR70dCpDLmYL4YLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 547 KB
216 KB 120ms
32ms Script
text/javascript 142.250.176.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f3.1e100.net

Software

sffe /

Resource Hash

b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://adshnk.com
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
age: 45790
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 11:04:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 11:04:27 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220882
x-xss-protection: 0
server: sffe

POST
H/1.1 200
OK async-detect Show response
wurfl.io/ 108 B
957 B 124ms
123ms Fetch
application/json 3.13.165.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wurfl.io/async-detect
Requested by: Host: wurfl.io
URL: https://wurfl.io/wurfl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.165.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-165-196.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 0f5c8f5573112030f62b2a335bbbbd4dd22e75c9c41b6071339d4cecec68e3a5

Request headers

Referer: https://adshnk.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

Access-Control-Max-Age: 28800
Access-Control-Expose-Headers: Content-Range
Cache-Control: no-cache
Content-Encoding: br
Cross-Origin-Opener-Policy: cross-origin
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Cross-Origin-Embedder-Policy: cross-origin
Access-Control-Allow-Origin: https://adshnk.com
Content-Length: 92
Date: Sat, 28 Dec 2024 23:47:37 GMT
Content-Type: application/json
Vary: accept-encoding, origin, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version

OPTIONS
H/1.1 200
OK async-detect
wurfl.io/ 0
0 183ms
48ms Preflight 3.13.165.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wurfl.io/async-detect
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.165.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-165-196.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://adshnk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST
Access-Control-Allow-Origin: https://adshnk.com
Access-Control-Expose-Headers: Content-Range
Access-Control-Max-Age: 28800
Connection: keep-alive
Content-Encoding: br
Content-Length: 1
Date: Sat, 28 Dec 2024 23:47:37 GMT
Vary: accept-encoding origin

POST
H2 404 init Show response
www.shrink-service.it/v3/api/prototype/ 17 B
841 B 1423ms
1020ms XHR
application/json 77.111.240.180
ONECOM One.com A/S

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shrink-service.it/v3/api/prototype/init
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/latest/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.111.240.180 Copenhagen, Denmark, ASN51468 (ONECOM One.com A/S, DK),
Reverse DNS: webcluster53.webpod11-cph3.one.com
Software: Apache / PHP/8.0.30
Resource Hash: 06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Request headers

Referer: https://adshnk.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

age: 0
disablevcache: true
expires: 0
x-varnish: 4461331963
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
x-onecom-cluster-name
via: 1.1 webcache2 (Varnish/trunk)
x-ratelimit-remaining: 59
access-control-allow-origin: *
content-length: 17
x-ratelimit-limit: 60
x-powered-by: PHP/8.0.30
server: Apache

GET
H3 404 favicon.ico
adshnk.com/ 796 B
1 KB 130ms
129ms Other
text/html 104.21.1.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshnk.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.1.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/ZK6uvP

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szsUR4EUGqZ4Z24rXP9gmNQQLoGBKvLTxFhCaFjO8G2vRZI0jChF6v%2B%2FJ4rZ%2FL1wnZoXKZbhGYIX%2BiSw9BjWY0I93ji9jg0Ke7HWPGfL%2Fj4YDhcA7PheQvU3TYap"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23410&min_rtt=18632&rtt_var=3496&sent=40&recv=25&lost=0&retrans=1&sent_bytes=29962&recv_bytes=6323&delivery_rate=84134&cwnd=18000&unsent_bytes=0&cid=68a4b1c93c887649&ts=1863&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: text/html
vary: Accept-Encoding
priority: u=1,i
platform: hostinger
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8f956fbf882853ef-YYZ
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 promodisplay Show response
fundingchoicesmessages.google.com/f/AGSKWxVHZDCfX8lnHcq2ks1q7nRwFIiH7BSjl7BRHXVZgS2oax1H6ZeHRxldsYJ5DB_4TFWQhYGYTK5nPH2gmmIk2XtIPlBbK2SNYd6pST2_2rNHMWIeLTjxBG1iNLMbumKAgOCf44PnYbHajjeubBdL80q_D6PQ6... 54 B
109 B 62ms
61ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVHZDCfX8lnHcq2ks1q7nRwFIiH7BSjl7BRHXVZgS2oax1H6ZeHRxldsYJ5DB_4TFWQhYGYTK5nPH2gmmIk2XtIPlBbK2SNYd6pST2_2rNHMWIeLTjxBG1iNLMbumKAgOCf44PnYbHajjeubBdL80q_D6PQ6ZWp41lxsuroVqrco7WGqbnwSLE4NtKP/__ad_over_.com/promodisplay?/cashad.?q=ads_/!advert_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

8836fc1af9b0d9bb1ddf9e4b8a6fb291fc1219d93006cb99a736648315b12ab2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--w4sBTUutawpdhzDDphleQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw05BiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XDMnHNoN5vAjMbd_UxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhkZ6BobxBQYAuP5J9A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--w4sBTUutawpdhzDDphleQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 132ms
56ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: br
etag: 13036835877489095579
age: 61152
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 06:48:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 28 Dec 2024 06:48:25 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxVptf1ilzwhecMD-Ht5CMBvCAVxVC243yTFrHBkJ6SjWdLWWpVZOMJklKA-N0MVRp5xM9rFObuuGftxm8eGlqZur6JAUPpeTqPajqBj9JVBc3p-NLK_9YK9pIjXRRRL4MGJ7ezoPw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 154ms
112ms XHR
text/html 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVptf1ilzwhecMD-Ht5CMBvCAVxVC243yTFrHBkJ6SjWdLWWpVZOMJklKA-N0MVRp5xM9rFObuuGftxm8eGlqZur6JAUPpeTqPajqBj9JVBc3p-NLK_9YK9pIjXRRRL4MGJ7ezoPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gdb0grBuL_DMSAKech_vuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://adshnk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj5pxDu9kEbqx4sJBJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAD4iCre"
content-security-policy: script-src 'report-sample' 'nonce-gdb0grBuL_DMSAKech_vuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://adshnk.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVptf1ilzwhecMD-Ht5CMBvCAVxVC243yTFrHBkJ6SjWdLWWpVZOMJklKA-N0MVRp5xM9rFObuuGftxm8eGlqZur6JAUPpeTqPajqBj9JVBc3p-NLK_9YK9pIjXRRRL4MGJ7ezoPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yr56VQy_cKGOiavOQvcYMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://adshnk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj5pxDu9kEJrScXcek5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAN61Kn0"
content-security-policy: script-src 'report-sample' 'nonce-Yr56VQy_cKGOiavOQvcYMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://adshnk.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVptf1ilzwhecMD-Ht5CMBvCAVxVC243yTFrHBkJ6SjWdLWWpVZOMJklKA-N0MVRp5xM9rFObuuGftxm8eGlqZur6JAUPpeTqPajqBj9JVBc3p-NLK_9YK9pIjXRRRL4MGJ7ezoPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M7Qb46gV0UHV6pq34PtE2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://adshnk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj5pxDu9kEPvy8fJlJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAAmNCt3"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M7Qb46gV0UHV6pq34PtE2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://adshnk.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVptf1ilzwhecMD-Ht5CMBvCAVxVC243yTFrHBkJ6SjWdLWWpVZOMJklKA-N0MVRp5xM9rFObuuGftxm8eGlqZur6JAUPpeTqPajqBj9JVBc3p-NLK_9YK9pIjXRRRL4MGJ7ezoPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rEkdI8fcwEXhGLAKEVEWJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://adshnk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj5pxDu9kEDkxecoVJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAADt6iq0"
content-security-policy: script-src 'report-sample' 'nonce-rEkdI8fcwEXhGLAKEVEWJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://adshnk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVP5fmLeYGGQ4G20g1mx7qTw03kO88Uy4sc2b5snzzjdO2sKNJtC2IqIz7-nMHrlcVd6t3xzFIewYDyiXq-6ZyHeq6qIG0svTeQ6KYWUYrPJBh2YjwrpH-BX3lLgvLoSy-K_zGlgg== Show response
fundingchoicesmessages.google.com/f/ 6 KB
2 KB 75ms
74ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVP5fmLeYGGQ4G20g1mx7qTw03kO88Uy4sc2b5snzzjdO2sKNJtC2IqIz7-nMHrlcVd6t3xzFIewYDyiXq-6ZyHeq6qIG0svTeQ6KYWUYrPJBh2YjwrpH-BX3lLgvLoSy-K_zGlgg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1NDI5NjU3LDY3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYWRzaG5rLmNvbS9aSzZ1dlAiLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

311a5ec415a66133cd14c823fc99d5208ec916e897bbf6cc50a5a95b4e7dbd37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fSPBdisy7ApjGUEUWCMInw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcMycc2g3m8CPZQduMilpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAkHBFuA"
content-security-policy: script-src 'report-sample' 'nonce-fSPBdisy7ApjGUEUWCMInw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxU55tvu76U5HEyGLCGI-JgFCp8a9CX73ITKIkedy2rxUT7AejSScIhaX9tQoZ7et5XgAVYpbm67TAbVOjci7Jo14MkY5etzg-seNzjOxH6FPg52DjHVPjqLCrItMHQ4WVqL_FB72w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 70ms
70ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU55tvu76U5HEyGLCGI-JgFCp8a9CX73ITKIkedy2rxUT7AejSScIhaX9tQoZ7et5XgAVYpbm67TAbVOjci7Jo14MkY5etzg-seNzjOxH6FPg52DjHVPjqLCrItMHQ4WVqL_FB72w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1NDI5NjU3LDc1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYWRzaG5rLmNvbS9aSzZ1dlAiLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

60382b41b654e5c1353eeea1d1ce5fd67296a25aaf726f0eca9ef98fea80ba5f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FiZv8W2e3Wdyhe8BdRZjow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcMycc2g3m8CJGff-MClpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAkGZFuw"
content-security-policy: script-src 'report-sample' 'nonce-FiZv8W2e3Wdyhe8BdRZjow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVHV1Qbi5qrkaliVgiHCtysX7-dainWQIm653vnpHEdeTmvqel-O5ybPzAcNNi-Xm-xWrKp3Er2U8yy_SznNFyF0UxIgRcZpLvJsVb5suzhlsCh36IGaNtbYdBddHfCjLPS6aKDyA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
66ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVHV1Qbi5qrkaliVgiHCtysX7-dainWQIm653vnpHEdeTmvqel-O5ybPzAcNNi-Xm-xWrKp3Er2U8yy_SznNFyF0UxIgRcZpLvJsVb5suzhlsCh36IGaNtbYdBddHfCjLPS6aKDyA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1NDI5NjU3LDgzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hZHNobmsuY29tL1pLNnV2UCIsbnVsbCxbWzgsIklNejU3eWM1aFZ3Il0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

01b240949697ca7cac37170cc29574380425c6a941d843955a0e7d798556b1ff

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-oZynyzkv6usqCrxVtqnzOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://adshnk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcMycc2g3m0DH3PULmJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDABqcETx"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-oZynyzkv6usqCrxVtqnzOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXkz9AFUpRxb5RjLarF4gGiYM68V2eoOeNLo20roTprfQ9-dB8AMfzGV-HFVc-uRkkLWN-uPJFm9yupRZN6rCJR_WFMsWjYLZzFmx-WEBwZ_sgs04fwBvcfkkFA3AY4iU60XBQ3BQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
57ms XHR
text/html 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkz9AFUpRxb5RjLarF4gGiYM68V2eoOeNLo20roTprfQ9-dB8AMfzGV-HFVc-uRkkLWN-uPJFm9yupRZN6rCJR_WFMsWjYLZzFmx-WEBwZ_sgs04fwBvcfkkFA3AY4iU60XBQ3BQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fWsZOj8ljt9BvIKnelXR5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://adshnk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 23:47:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj5pxDu9kEdmw5uo9ZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAD0rCrQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fWsZOj8ljt9BvIKnelXR5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://adshnk.com
content-length: 0
x-xss-protection: 0
server: ESF

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.adshnk.com/	1970-01-21 10:49:25	Name: FCNEC Value: %5B%5B%22AKsRol-13LcuQD7nyLP2lzOiRwMGAMDAB5LQuYpnoZjBj-h4MB_Gt1BjIY__KvZ9slu4LCaGj15iywUhVMfkOdMGbtuCTdoNNQ2bDOQue4yNBMry4p0ul94yf2v7LpKPpGz7Kf3lRpSRuCte41heMbxc8DGAcg_WjQ%3D%3D%22%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://adshnk.com/ZK6uvP#google_vignette(Line 9) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.
network	error	URL: https://adshnk.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.shrink-service.it/v3/api/prototype/init Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adshnk.com
apis.google.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.trackjs.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i.ibb.co
pagead2.googlesyndication.com
wurfl.io
www.google-analytics.com
www.google.com
www.gstatic.com
www.shrink-service.it
104.17.24.14
104.21.1.15
138.199.40.58
142.250.176.195
142.250.80.110
142.250.80.46
142.250.81.238
142.251.32.97
142.251.32.98
142.251.32.99
142.251.35.170
142.251.40.100
151.101.65.229
169.197.85.95
3.13.165.196
77.111.240.180
002e7ffc6b9a83a80b94c7cc818cb97d82799fdbe68d7b425be23023bcd02dd3
01b240949697ca7cac37170cc29574380425c6a941d843955a0e7d798556b1ff
034205888a7c988cf08fbb943aaa5d242e0163ccd4100b5fb3f297712a1edb97
036e194eec317a38c958d7b53335ebc713838f97515b0dfcf4e3efc4f5a60d3c
039f8ceb6179d891eb74aaea051f0525393c105917c0c9ee9f6efa276608f5fb
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5
0f5c8f5573112030f62b2a335bbbbd4dd22e75c9c41b6071339d4cecec68e3a5
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
20f3f000832dfdb6de265e460f9335c038853d6aeef8cdd08a5d5dc5b697abee
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
311a5ec415a66133cd14c823fc99d5208ec916e897bbf6cc50a5a95b4e7dbd37
3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506
332bfc738e43ea1a631f28d0e23c9dfe18bcaf49bde450d0d6f2b88d7828ced1
38fd54169844460e6b6c2850077d4faa0b221205e25741d9cd39834a69f2f831
47aa5aff3a5b873f488c92005ca3ffd0a939ddc4707ec8dd8a4e0e8dff653ab4
4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4
53719674a9dc2cedb5b5c5a356f29cbf957bdbbdfc9380838dc5a7a20ec72b61
55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84
60382b41b654e5c1353eeea1d1ce5fd67296a25aaf726f0eca9ef98fea80ba5f
6437fdeb13d214f0693871559e00317545624f213a733a5f6e6a34f7eac967b5
710a222908475fd0a427e5a77b0c2f142366e26d0927320b2b4d448172af1a0d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8836fc1af9b0d9bb1ddf9e4b8a6fb291fc1219d93006cb99a736648315b12ab2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
b357cdf474f1d623608ccaf8f1c8d590d460df28749b81d24e7094a6e6a15ea7
b7c19ea67c8f9b0f6df9fa0c87798a36f728aea3476a648ab4a471c695048052
baa3b8f5f64859be05c5be61f7b59b002735eb06447d87905d1b4584e07a70b5
c005994721a3b8eda3e95f77f917354e6a8924bd79ab1420b264694cef8c1129
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
dc00ee0897f1bf6e7a24c28a479e3e5b476e3079fcf56e114544b8490b40f625
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085
f666e439f561a3764f5df33b5bcb15d929ddac60ee87bc2ec8b8edb167932354

adshnk.com Open in urlscan Pro 104.21.1.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

0 %IPv6

13 Domains

16 Subdomains

16 IPs

3 Countries

1024 kBTransfer

3562 kBSize

1 Cookies

1 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adshnk.com Open in urlscan Pro
104.21.1.15 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

1024 kB
Transfer

3562 kB
Size

1
Cookies

48 HTTP transactions
0 data transactions