urlscan.io logo urlscan.io
SecurityTrails logo

www.shitexpress.com Open in urlscan Pro
2a0e:acc0::c34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portal24hs.com/
Effective URL: https://www.shitexpress.com/?ref=portal24hs.com
Submission: On December 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 76 HTTP transactions. The main IP is 2a0e:acc0::c34, located in Czech Republic and belongs to WEDOS-GLOBAL, CZ. The main domain is www.shitexpress.com.
TLS certificate: Issued by R3 on November 28th 2023. Valid for: 3 months.
This is the only time www.shitexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 80.240.28.194 20473 (AS-CHOOPA)
25 2a0e:acc0::c34 208414 (WEDOS-GLOBAL)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.239.94.121 16509 (AMAZON-02)
4 2a03:2880:f08... 32934 (FACEBOOK)
2 152.199.19.160 15133 (EDGECAST)
3 13.227.219.58 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:25e... 16509 (AMAZON-02)
1 3.64.32.170 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 23.96.124.156 8075 (MICROSOFT...)
15 2600:9000:212... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 54.187.119.242 16509 (AMAZON-02)
2 151.101.192.176 54113 (FASTLY)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 44.228.215.240 16509 (AMAZON-02)
76 21
1    80.240.28.194 (Frankfurt am Main, Germany)

ASN20473 (AS-CHOOPA, US)
PTR: 80.240.28.194.vultrusercontent.com
portal24hs.com
25    2a0e:acc0::c34 (Czech Republic)

ASN208414 (WEDOS-GLOBAL, CZ)
www.shitexpress.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    18.239.94.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-121.ams1.r.cloudfront.net
platform-api.sharethis.com
4    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
3    13.227.219.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-58.ams54.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:25e8:9600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    3.64.32.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-32-170.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
w.clarity.ms
15    2600:9000:2127:e00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
25 shitexpress.com
www.shitexpress.com
642 KB
18 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4380
buttons-config.sharethis.com — Cisco Umbrella Rank: 4860
l.sharethis.com — Cisco Umbrella Rank: 4541
platform-cdn.sharethis.com — Cisco Umbrella Rank: 9179
63 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1282
q.stripe.com — Cisco Umbrella Rank: 7730
m.stripe.com — Cisco Umbrella Rank: 1245
148 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
w.clarity.ms — Cisco Umbrella Rank: 7494
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
c.bing.com — Cisco Umbrella Rank: 228
14 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
180 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1361
16 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
144 KB
2 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2338
52 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2842
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 portal24hs.com
portal24hs.com
284 B
76 15
Domain Requested by
25 www.shitexpress.com www.shitexpress.com
15 platform-cdn.sharethis.com www.shitexpress.com
4 connect.facebook.net www.shitexpress.com
connect.facebook.net
3 q.stripe.com www.shitexpress.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 bat.bing.com www.shitexpress.com
bat.bing.com
3 js.stripe.com www.shitexpress.com
js.stripe.com
2 c.clarity.ms 1 redirects
2 m.stripe.network js.stripe.com
m.stripe.network
2 w.clarity.ms www.clarity.ms
2 www.facebook.com www.shitexpress.com
connect.facebook.net
2 www.clarity.ms www.shitexpress.com
www.clarity.ms
2 www.googletagmanager.com www.shitexpress.com
www.googletagmanager.com
2 ajax.aspnetcdn.com www.shitexpress.com
1 m.stripe.com m.stripe.network
1 c.bing.com 1 redirects
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 fonts.gstatic.com fonts.googleapis.com
1 platform-api.sharethis.com www.shitexpress.com
1 stackpath.bootstrapcdn.com www.shitexpress.com
1 fonts.googleapis.com www.shitexpress.com
1 portal24hs.com 1 redirects
76 23

This site contains no links.

Subject Issuer Validity Valid
shitexpress.com
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.shitexpress.com/?ref=portal24hs.com
Frame ID: 311CE9905674EE89DC508566D950214D
Requests: 67 HTTP requests in this frame

Frame: https://www.facebook.com/v14.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d7cc0702a297c%26domain%3Dwww.shitexpress.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.shitexpress.com%252Ff2712ef6b73d254%26relation%3Dparent.parent&container_width=1170&href=http%3A%2F%2Fwww.shitexpress.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&size=small&width=
Frame ID: D84258CCCCB4C4B31DDE58DB090F4AA1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 425849D7DAB75E5A63D885306BDBFE05
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 657D97404AA284B81A010351389107EB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://portal24hs.com/ HTTP 301
    https://www.shitexpress.com/?ref=portal24hs.com Page URL

Page Statistics

76
Requests

99 %
HTTPS

55 %
IPv6

15
Domains

23
Subdomains

21
IPs

4
Countries

1379 kB
Transfer

3150 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portal24hs.com/ HTTP 301
    https://www.shitexpress.com/?ref=portal24hs.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6E1E2B70A7F44D3B92D82A7DFE210108&RedC=c.clarity.ms&MXFR=3D098E88456F67F313239D61416F6923 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E1E2B70A7F44D3B92D82A7DFE210108&MUID=340324B3B1F267CF1E5A375AB02066F5

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.shitexpress.com/
Redirect Chain
  • http://portal24hs.com/
  • https://www.shitexpress.com/?ref=portal24hs.com
76 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
6af194cfb2e1f1541e3364b3bf84182204fd0b74954a826edd772299a501823d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=31536000
content-encoding
gzip
content-length
17974
content-type
text/html; charset=UTF-8
date
Sat, 16 Dec 2023 17:09:53 GMT
expires
Tue, 01 Jan 2000 00:00:00 GMT
last-modified
Sat, 16 Dec 2023 17:09:53 GMT
pragma
no-cache
server
nginx
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
x-real-ip
2a00:c98:2030:a004:1::11
x-request-id
ecbe8c22ef6090a72ea072ddf2b0e7de

Redirect headers

Connection
Keep-Alive
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 16 Dec 2023 17:09:53 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.shitexpress.com/?ref=portal24hs.com
Server
Apache/2.4.29 (Ubuntu)
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300&display=swap
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20762aa0fe40492f41569768f84afe1a8a50f2ed1b54861f966ba12fe8aab763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 17:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 17:03:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 17:09:53 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/2.3.2/css/ 		124 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/2.3.2/css/bootstrap.min.css
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d6e935ce392c19ab7d437852f8f7b702bea02fec8d901b3c42fde1764b97300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
3142996
cdn-cachedat
01/08/2022 12:41:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
67c7e5d4e2c4525b326db85e0e508a9a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
836889640bed3666-FRA
cdn-requestpullsuccess
True
custom.css
www.shitexpress.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shitexpress.com/css/custom.css
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
fed785e4e04a1f25c606be70811c5aedf4a55881cea842b5aba8b89c69e9fc1e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
gzip
x-real-ip
2a00:c98:2030:a004:1::11
x-cache-status
MISS
x-greeting-message
Proudly served by WEDOS Global
content-length
2056
x-request-id
6007de9d9687fe4db2a9722ce7b90f2c
last-modified
Sun, 20 Feb 2022 10:13:03 GMT
server
nginx
etag
"18a7-5d8705c83735e-gzip"
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=30, private
accept-ranges
bytes
expires
Sat, 16 Dec 2023 17:10:24 GMT
sharethis.js
platform-api.sharethis.com/js/ 		205 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-121.ams1.r.cloudfront.net
Software
/
Resource Hash
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:04:01 GMT
content-encoding
gzip
via
1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P3
age
353
etag
W/"332a8-TLw9AuvfjXyryvfCUMBAgFW/bLw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
_VUKNUrhoTh_IRUdzPg9GPzsTk23Yf5Xo7vJUDWEDWV5oUMmo7ckOQ==
shit.jpg
www.shitexpress.com/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/shit.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
7ca2254c533db966aa907e863794e78d826eaf7a742710823391dd82486b2358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:53 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"3aaf-5d82abc571edf"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
15023
x-request-id
3a73492726a644651f290cc6fbd0adac
expires
Sat, 16 Dec 2023 17:10:23 GMT
packaging.jpg
www.shitexpress.com/img/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/packaging.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
a59a46bfda18526122864d6f45fff69a9a75350d0154d0bfd74c05c1c8b8b540
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"cf6f-5d82abc53f25f"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
53103
x-request-id
56f6091a6abfd86845ca3073b05d8815
expires
Sat, 16 Dec 2023 17:10:23 GMT
terrified.jpg
www.shitexpress.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/terrified.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
128cbf33eaa72fda02963d9aa5a9c19f852f1c539f46d6a01b0e7bf62ca9f6d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:04 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"3324-5d82abc5ebfff"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
13092
x-request-id
73470de677bcd9ae4f23c1a14566f399
expires
Sat, 16 Dec 2023 17:10:24 GMT
logo_big.png
www.shitexpress.com/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/logo_big.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
d21c42e72c362d6ff066d02855b6b6f870b108386d403c1977001fd15626de0d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"1f70-5d82abc529a9f"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
8048
x-request-id
83d3322c7704ed6248304ed01f948970
expires
Sat, 16 Dec 2023 17:10:24 GMT
scroll.png
www.shitexpress.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/scroll.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
4366918e8849b64cbdf8105e4be2a5520e4bbdbb1778825ce17c5077ec88960c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"83b-5d82abc56059f"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
2107
x-request-id
01ef874cf83ad102189e33caaf0280e5
expires
Sat, 16 Dec 2023 17:10:24 GMT
circle1.png
www.shitexpress.com/img/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/circle1.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
d00776a0f2589f48b6fdeb17a80113f232bd6720f071cd034c6f0d64ee4dba79
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:02 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"1b334-5d82abc48c6fe"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
111412
x-request-id
465431e21e6325e0852e6defe3ed795a
expires
Sat, 16 Dec 2023 17:10:24 GMT
circle2.png
www.shitexpress.com/img/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/circle2.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
c9bfae9f175e97a7ba960f03a9bcb8c846a3bf0d6121fa6c38b071c8f1e96fe6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:02 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"15851-5d82abc4a2e5e"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
88145
x-request-id
74362bccb1c1456bec587d8fbe7e7df6
expires
Sat, 16 Dec 2023 17:10:24 GMT
step1.jpg
www.shitexpress.com/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/step1.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
c954d8dc618bff8285f0b9a94e2903652491bdcb3d836e67d4fcdef9c109cf72
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"19a8-5d82abc5a89df"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
6568
x-request-id
3a8e56bc18c73aff20e5632a47608a74
expires
Sat, 16 Dec 2023 17:10:24 GMT
step2.jpg
www.shitexpress.com/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/step2.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
6e689014933e0d9d5e936d53a065a89bde00ba7d8fdf4209c15c9eae597d2fd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"20fc-5d82abc5ba31f"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
8444
x-request-id
b158b45b1626f81cd3499c89a7f835ae
expires
Sat, 16 Dec 2023 17:10:24 GMT
step3.jpg
www.shitexpress.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/step3.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
83f4fe6fc058ff9a34fdc3a942dd43bdd1077604225c800e8f6c70d7500e9340
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"1734-5d82abc5c9d1f"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
5940
x-request-id
eafef6b0b68153c09d54ba1b5e621c40
expires
Sat, 16 Dec 2023 17:10:24 GMT
step4.jpg
www.shitexpress.com/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/step4.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
fddc72f1898c86a42a692f08226e7cb3b5a19789e7e2141ce3c9c9f9072a4a27
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:04 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"2189-5d82abc5da6bf"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
8585
x-request-id
75256042c7bf9a3f555981528b5c3452
expires
Sat, 16 Dec 2023 17:10:24 GMT
box.jpg
www.shitexpress.com/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/box.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
57cd60ca7158e63c21a8e22d310b35fb51ae0676c753e3615afad391b1f26ccc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:02 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"6ef7-5d82abc46271e"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
28407
x-request-id
021eb9b9a923f41fcc1ef5dfbc765e07
expires
Sat, 16 Dec 2023 17:10:24 GMT
horse.png
www.shitexpress.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/horse.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
1718443a37497f70a5221532f927e73214f8afc1d1f50c1e984a1247f29589b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:03 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"c74-5d82abc4f6e1f"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
3188
x-request-id
f6925c5ee1a6bcb968fd75081d847829
expires
Sat, 16 Dec 2023 17:10:24 GMT
elephant.png
www.shitexpress.com/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/elephant.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
36e4295b65178072ce2417b5c4821b2fec7adfec4be356bd769652bb4d0db2da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:02 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"dd8-5d82abc4b479e"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
3544
x-request-id
87cbe37f198c279980ac3ed0a42cd139
expires
Sat, 16 Dec 2023 17:10:24 GMT
blank.png
www.shitexpress.com/img/stickers/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/stickers/blank.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
2e0834d6502aeec26df60c249081d03db7b327fa3201a0ba0c4753b91b1f7f6c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:14 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"47b-5d82abcfc1945"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
1147
x-request-id
09ec124949508c160ea960fccc22dc49
expires
Sat, 16 Dec 2023 17:10:24 GMT
heart.png
www.shitexpress.com/img/stickers/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/stickers/heart.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
93c3bad595e098eb71e5f60256c5688ca98b448945b98924b905005f502a43ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:14 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"2e96-5d82abcfef7a5"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
11926
x-request-id
e86f27964b0061228506ff90dec248bb
expires
Sat, 16 Dec 2023 17:10:24 GMT
smiley.png
www.shitexpress.com/img/stickers/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/stickers/smiley.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
d5440375ac3f602591ce53684b34c592118fb2aed008676e3f46260f3159c1a7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:14 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"3df7-5d82abd025305"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
15863
x-request-id
89bed6cde6b63c8f041c5374d64bb42a
expires
Sat, 16 Dec 2023 17:10:24 GMT
icecream.png
www.shitexpress.com/img/stickers/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/stickers/icecream.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
2cbb7fa2b2ef48906ad1da31a8df1925f93a466c3c0e611ac2763ad674843cdc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:14 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"30e8-5d82abd008de5"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
12520
x-request-id
d856168dcc935911096a6fa24166b1ae
expires
Sat, 16 Dec 2023 17:10:24 GMT
santa.png
www.shitexpress.com/img/stickers/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/stickers/santa.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
a3cff90d5b36fde1463ad9aa14bf9583c5687e95eb5b746930f5e3e25d40fcd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:14 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"439c-5d82abd0139c5"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
17308
x-request-id
9fa5741cf728dadac2127e48f17835c4
expires
Sat, 16 Dec 2023 17:10:24 GMT
horse.png
www.shitexpress.com/img/stickers/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/stickers/horse.png
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
3c04bf40610765b83288c1c3563b4d6f7c41a17f1d7fb717e55c924dc88bfeea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Wed, 16 Feb 2022 23:09:14 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"3533-5d82abcffe205"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
13619
x-request-id
f4462986b02077965e1359e6225769ab
expires
Sat, 16 Dec 2023 17:10:24 GMT
testimonials.jpg
www.shitexpress.com/img/ 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shitexpress.com/img/testimonials.jpg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
33808d90816227922e18005065f9355a0bc88018c6e7df2d86425c18d09b5286
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Tue, 27 Sep 2022 13:31:37 GMT
server
nginx
x-real-ip
2a00:c98:2030:a004:1::11
etag
"2b6ac-5e9a8a9e66ab4"
x-cache-status
MISS
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-greeting-message
Proudly served by WEDOS Global
cache-control
max-age=30, private
accept-ranges
bytes
content-length
177836
x-request-id
c42c334a693d939fa05dc2ffaaf0a451
expires
Sat, 16 Dec 2023 17:10:24 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c46991815a8b7d6d2a102d21b529cf557bd33f65b44dff4bc309b0e5ba04f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.shitexpress.com/
Origin
https://www.shitexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 17:09:54 GMT
content-md5
QCgHOgerCFFYywZ2kVSxYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
ELWaidXlsxJgWuw2cERffrVcH4AC8RXXK5E0PurF+d3KW22mbl5u1T9mcaeEbrlPXmkz5ZO/AT+YBfv3pZfIeg==
x-fb-content-md5
3797f2ff516e8be80b0d69dff2f308fe
cross-origin-opener-policy
same-origin-allow-popups
etag
"8165ef8a94dfbe7081f2102066ac24a7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 16 Dec 2023 17:19:14 GMT
jquery-1.11.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		94 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.0.min.js
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48FD) /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30980042
x-cache
HIT
content-length
42837
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:49 GMT
server
ECAcc (ama/48FD)
etag
"f0aded4cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/2.3.2/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/2.3.2/bootstrap.min.js
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E0) /
Resource Hash
a515a82292b34bdde3447113634d5d496039ffd4d6a0c7382586f3c24e582645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
639575
x-cache
HIT
content-length
9875
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:54 GMT
server
ECAcc (ama/48E0)
etag
"623051e4cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
v3
js.stripe.com/ 		578 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3cf22b9a3c15bf0e20e085ed0b039686cfae3b53e4ca7d1bee1ef843aa1e98fc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:55 GMT
content-encoding
br
via
1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
last-modified
Sat, 16 Dec 2023 02:37:22 GMT
server
Cloudfront
etag
W/"758c8e94d5e04bf5f7c0956975acd740"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
pOIH0w6FnwRrO5g1K3OBapUUKM2tbVvvBVRBtwTXMZmbx-JYZZfelg==
js
www.googletagmanager.com/gtag/ 		132 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-49541351-1
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c5de7870aae61454b25abfc5b48152c46755474fd2cca5abf527708be8783b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51579
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 17:09:54 GMT
matomo.js
www.shitexpress.com/matomo/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shitexpress.com/matomo/matomo.js
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/?ref=portal24hs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
gzip
x-real-ip
2a00:c98:2030:a004:1::11
x-cache-status
MISS
x-greeting-message
Proudly served by WEDOS Global
content-length
21441
x-request-id
26bdb55e90167246caaa2c9ed0b59293
last-modified
Wed, 29 Nov 2023 11:43:50 GMT
server
nginx
etag
"10132-60b490c810905-gzip"
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=30, private
accept-ranges
bytes
expires
Sat, 16 Dec 2023 17:10:24 GMT
568etika1n
www.clarity.ms/tag/ 		668 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/568etika1n
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8a246c1c428684e5b87fd24a819e23c172a0124a9be9980a6eb7e71ee63516b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
-1
date
Sat, 16 Dec 2023 17:09:54 GMT
x-azure-ref
20231216T170954Z-m2y94386kp23h4rzzqgtnyuwc000000001x000000001mruc
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
668
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 16 Dec 2023 17:09:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ErClQVBJLAsio9KkQR7ZX2LXgk4K8ZTtZkmzUUnthIx8uY8rsK7dPMWo6O6JX9kmjU81PXA1JY60S24tkUJ/kg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 16 Dec 2023 17:09:53 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2B050DC2D1AB49FFAA98EB11410C6C86 Ref B: FRAEDGE2018 Ref C: 2023-12-16T17:09:54Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.shitexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 06:01:29 GMT
x-content-type-options
nosniff
age
212905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 06:01:29 GMT
sdk.js
connect.facebook.net/en_US/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=19ba8a33edb71b13c8e976e48ff9a208
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
551995f420a076e7fda96dc0fc23178ab80ed6dbd05efc6ad76b63034de8099f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.shitexpress.com/
Origin
https://www.shitexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 17:09:54 GMT
content-md5
sNR1fYhr9M8ed76TOAJi8g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88322
reporting-endpoints
x-fb-debug
x9qdQTzpAtgs1HrodXAOQpAtTm9iiAnCfadoS9EaSApW5nO7yPXuIXz41SMhI6W7rkmoquFpjsAGqA+b6qFCiw==
x-fb-content-md5
800bc1ab3307c12b2eea135f89cfbb49
cross-origin-opener-policy
same-origin-allow-popups
etag
"ee1441f1178d0e02711feb3f886dac89"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 16:40:57 GMT
659855492032415
connect.facebook.net/signals/config/ 		141 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/659855492032415?v=2.9.138&r=stable&domain=www.shitexpress.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c58f54583ab4ae3f4b34d763b5be6143b90ab67e96f2c45df2958783b12bb46f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 16 Dec 2023 17:09:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
CapwKhdFwHtItF0cAIW5io0hqIiqBwN33soKHGHJU6wBYh7ef+gMyxASGbxmM6jhHgKSi95zw2qxryQsHMAQTA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
211015123.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/211015123.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sat, 16 Dec 2023 17:09:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D9A0DC0F560F457BB8F7FAE06DB74B71 Ref B: FRAEDGE2018 Ref C: 2023-12-16T17:09:54Z
x-cache
CONFIG_NOCACHE
642851fbd3abd700165c1908.js
buttons-config.sharethis.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/642851fbd3abd700165c1908.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:9600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3b9d69e74c491c5ec259585173358e12e7a8e51b2b2932f609e8518034890f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
gzip
via
1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 25 Apr 2023 16:50:02 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P3
age
54
x-amz-server-side-encryption
AES256
etag
W/"fa1640b568a4fd58073fbddc7f0bfff9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
x-amz-cf-id
4QfYuvW6v897wvwzBWVm5d9h1wpVGNEZ0blMEFHVXjF4WCHG3ulc3w==
pview
l.sharethis.com/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.shitexpress.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fwww.shitexpress.com%2F%3Fref%3Dportal24hs.com&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Shitexpress%20%C2%B7%20Senden%20Sie%20eine%20Schei%C3%9Fe%20in%20einem%20Paket%20%C2%B7%20Anonym%20Schei%C3%9Fe%20schicken&cms=unknown&publisher=642851fbd3abd700165c1908&sop=true&version=st_sop.js&lang=en&description=Senden%20Sie%20eine%20Schei%C3%9Fe%20in%20einem%20Paket&ua=&ua_mobile=false&ua_full_version_list=&uuid=5cf9f92b-2ca2-41a9-8e2c-6b4a40f69ebe
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.32.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-32-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 17:09:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://www.shitexpress.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
matomo.php
www.shitexpress.com/matomo/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.shitexpress.com/matomo/matomo.php?action_name=Shitexpress%20%C2%B7%20Senden%20Sie%20eine%20Schei%C3%9Fe%20in%20einem%20Paket%20%C2%B7%20Anonym%20Schei%C3%9Fe%20schicken&idsite=1&rec=1&r=009909&h=18&m=9&s=54&url=https%3A%2F%2Fwww.shitexpress.com%2F%3Fref%3Dportal24hs.com&_id=68ad552da3f913ad&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=1TlNCw&pf_net=66&pf_srv=162&pf_tfr=25&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/matomo/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0e:acc0::c34 , Czech Republic, ASN208414 (WEDOS-GLOBAL, CZ),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.shitexpress.com/?ref=portal24hs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
x-real-ip
2a00:c98:2030:a004:1::11
server
nginx
vary
User-Agent
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://www.shitexpress.com
cache-control
max-age=300
access-control-allow-credentials
true
x-request-id
437dc352ac2a56856d02e7cb64128005
expires
Sat, 16 Dec 2023 17:14:54 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=659855492032415&ev=PageView&dl=https%3A%2F%2Fwww.shitexpress.com%2F%3Fref%3Dportal24hs.com&rl=&if=false&ts=1702746594242&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702746594241.189400241&cs_est=true&ler=empty&it=1702746594137&coo=false&rqm=GET
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 16 Dec 2023 17:09:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/568etika1n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
br
last-modified
Wed, 13 Dec 2023 19:57:52 GMT
etag
W/"0x8DBFC15CAB825ED"
vary
Accept-Encoding
x-azure-ref
20231216T170954Z-m2y94386kp23h4rzzqgtnyuwc000000001x000000001mrvb
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ee6321bd-001e-0046-1dad-2e1a5c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
w.clarity.ms/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.shitexpress.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.shitexpress.com
Date
Sat, 16 Dec 2023 17:09:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
like.php
www.facebook.com/v14.0/plugins/ Frame D842 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v14.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d7cc0702a297c%26domain%3Dwww.shitexpress.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.shitexpress.com%252Ff2712ef6b73d254%26relation%3Dparent.parent&container_width=1170&href=http%3A%2F%2Fwww.shitexpress.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&size=small&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=19ba8a33edb71b13c8e976e48ff9a208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shitexpress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 16 Dec 2023 17:09:54 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
R8IP1BN7Hz9O8B/MFSYTY+xshW3OL5UX4qT+UBVSk3tfAh6mE5urMQmd+lw/J2UjNKvQQwfhCEALGdyyFn39hg==
x-xss-protection
0
twitter.svg
platform-cdn.sharethis.com/img/ 		368 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:05:31 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
277
x-amz-server-side-encryption
AES256
etag
"2deb3d5121d475d195577a70b0a91a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
368
x-amz-cf-id
2iTe472IS5R3J11NORy4N3EZaBfjO4TqHeiiETQ9zgVv6TejOBj8LA==
tiktok.svg
platform-cdn.sharethis.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/tiktok.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bc19d8091eaf905a15f5654f5a5bde29b6500b855fdb2437c7389416cdb2145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
gzip
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 19 Oct 2020 20:01:25 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
207
x-amz-server-side-encryption
AES256
etag
W/"bf15612110adcf9b4267a5e77d4ef9d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
_YttMMivaHPJ_wOM9vwzBobh1bn3yfkNaGcZfPkItL1vOqg0o1oYaw==
instagram.svg
platform-cdn.sharethis.com/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/instagram.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a43f6b3cfa82b93f0da5035cd545d1d1ddd22c42b94a92fdda36ae1b303d1ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 09:01:58 GMT
content-encoding
gzip
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1757277
etag
W/"da6090b1b675f09ecfa36f0098ebe1c0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
CMUjKPrLBoooW18NtZtRcik5oCy8fakrGx84c-PZSFMDHAw841MraA==
youtube.svg
platform-cdn.sharethis.com/img/ 		738 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/youtube.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f3a42ccfe495e929036b2d088188905398eb6804f6f8aa31a6293c1434dd7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:16:26 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1284809
etag
"cc49b319ef1cd644b88b6b4d6901d041"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
738
x-amz-cf-id
srGKSZohKe-g0WkYvTtIVigJzx1uOROV5a7SRtNPzhs78cQK3zqdNA==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:59:56 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
2448565
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
301
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"c6e9be45643e197ce1db1d7e24a99adc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
R9IkcQkiyYaAxSgFgn1_Z_ejRJJed2AG0DxR8iyEx26CbP0-JnOahw==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:18:43 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
1515072
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
832
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"afe7fc60ed757db39a88d2950fce69c9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
1S5Wn_EQWfCuuMlf3bKWHBZbg99TI4mBto68oGLPJRKZMw2xYvdxsg==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 07:27:11 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2540564
etag
"5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
343
x-amz-cf-id
RH90qjdgQ7nHocB3bPDiTKxonL3Un8pl64dwXKLKbQjXxhBpyEQxKg==
linkedin.svg
platform-cdn.sharethis.com/img/ 		456 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 06:16:26 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
2529409
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
456
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"fa43b4ede18498b114fc7185993f6da7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
q0MB999S-eDlWYgeb-6dXhZWlObEOw9YJDaAiUN4HS_kkEwcdEBWaw==
messenger.svg
platform-cdn.sharethis.com/img/ 		372 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:28:13 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
1024902
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
372
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"a5aa43fa302867d3e888ac2f69b7b288"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
yOCjzw3Ge3Oh-Yg_a9yQhx1VJuh8u9_4tWDt60GHxpSnS93OCnxvFQ==
reddit.svg
platform-cdn.sharethis.com/img/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/reddit.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:59:50 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
1296605
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
910
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"78d796ca648d8a5e665b48ed0217c56a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
3XVyzbCnHJ5ay407Y9AMMRMW9n4OaXXv46XLro3vIG8UmaQbpjWDZA==
pinterest.svg
platform-cdn.sharethis.com/img/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 12:23:23 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
1572392
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
771
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"2b10a062e719c64b686e2e8fcdc216dc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
dtBroo9VXifYCKSrfV8pWPftGxkQJNrG6DNO6g8I6EPMz9y41TjwUA==
snapchat.svg
platform-cdn.sharethis.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/snapchat.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61b99c3104f10a93c975fcfd28824d257bb9393a0297e89c0121a386ba5097f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:08:13 GMT
content-encoding
gzip
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 12 Aug 2022 01:04:40 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
121
x-amz-server-side-encryption
AES256
etag
W/"1bdc4c8163b8b81a76e00b57b47bdc0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
j_bmwSTBEyIa74YwzJ-6cUsypwfXJstQyzFrTYHy1zqU0xWhPGh9jg==
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 11:08:36 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
2181678
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
514
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"deecdaa377907db5cc1722fc831670a1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
DZM2bCDyG7Gwm7tyLEGq2HnLp8E15LY-KabjjYPvW4JAKHvA2o3m3g==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 08:37:37 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2363538
etag
"b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
565
x-amz-cf-id
9Uk2N6PJesGxRJ1vgW_op3L5R1siw_mkrmisd6sFI8ohFK-fnFIFtg==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 00:29:15 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
2306440
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
565
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"9928d025bd5792b718ee0a185f62e67c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
hwhWUL8AjX5Sk92OLJDIa6yEuacW26aeaDMrlGPemLK5T4-nvIflNw==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 4258 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shitexpress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2446
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 16 Dec 2023 16:29:10 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Thu, 14 Dec 2023 21:10:54 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id
smznT2g19QrVYZKFPUNsc_urXoywlnPRxDR_hnvBZJYjXZyNjtsnjA==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/ 		287 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-99X7G2YKY4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49541351-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e48c8473ae8b097cd05719f71c00a3a1751bd75b327ad6dce32af432a126927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:09:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95514
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 17:09:54 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49541351-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 15:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4900
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Dec 2023 17:48:14 GMT
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211015123&Ver=2&mid=908d5ad7-6c61-4474-b62d-b4a940fb501b&sid=eeb63ca09c3511ee896d510e04704589&vid=eeb79d709c3511ee9f511dddcf0d6bfe&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shitexpress%20%C2%B7%20Senden%20Sie%20eine%20Schei%C3%9Fe%20in%20einem%20Paket%20%C2%B7%20Anonym%20Schei%C3%9Fe%20schicken&kw=scheisse,%20schenk%20scheisse&p=https%3A%2F%2Fwww.shitexpress.com%2F%3Fref%3Dportal24hs.com&r=&lt=1261&evt=pageLoad&sv=1&rn=389747
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 16 Dec 2023 17:09:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CE25A087D6854CCD9031B3403BD5BED5 Ref B: FRAEDGE2018 Ref C: 2023-12-16T17:09:54Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 4258 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 16 Dec 2023 17:09:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702746595276358
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1702746595275660
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4258 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 16 Dec 2023 17:09:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702746595275981
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1702746595275477
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 4258 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 16:45:05 GMT
via
1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1490
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 08 Dec 2023 22:43:11 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
johErwS2sSk3SjSOT9rI0HxgrH8cZ6DOiKtAPhSSUanvpqqWUTR-Cg==
inner.html
m.stripe.network/ Frame 657D 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
119
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 16 Dec 2023 17:09:54 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
123
x-content-type-options
nosniff
x-request-id
cea8c302-8685-4e6a-97ab-d55e76552ab1
x-served-by
cache-fra-eddf8230086-FRA
x-timer
S1702746595.943453,VS0,VE0
collect
www.google-analytics.com/j/ 		1 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1051171853&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shitexpress.com%2F%3Fref%3Dportal24hs.com&ul=en-us&de=UTF-8&dt=Shitexpress%20%C2%B7%20Senden%20Sie%20eine%20Schei%C3%9Fe%20in%20einem%20Paket%20%C2%B7%20Anonym%20Schei%C3%9Fe%20schicken&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2135471540&gjid=1089444609&cid=693597601.1702746595&tid=UA-49541351-1&_gid=292739336.1702746595&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1606160570
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shitexpress.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:09:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shitexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-99X7G2YKY4&gtm=45je3bt0v879605100&_p=1702746594673&gcd=11l1l1l1l1&dma=0&cid=693597601.1702746595&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702746594&sct=1&seg=0&dl=https%3A%2F%2Fwww.shitexpress.com%2F%3Fref%3Dportal24hs.com&dt=Shitexpress%20%C2%B7%20Senden%20Sie%20eine%20Schei%C3%9Fe%20in%20einem%20Paket%20%C2%B7%20Anonym%20Schei%C3%9Fe%20schicken&en=page_view&_fv=1&_ss=1&tfd=1435
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99X7G2YKY4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:09:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shitexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 657D 		0
492 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.shitexpress.com
URL: https://www.shitexpress.com/?ref=portal24hs.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 16 Dec 2023 17:09:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702746595275880
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1702746595275536
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 657D 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sat, 16 Dec 2023 17:09:55 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
41
x-cache
HIT
content-length
15509
x-request-id
fd0804b2-e455-46dc-861a-f1f2855bfa88
x-served-by
cache-fra-eddf8230086-FRA
server
Fastly
x-timer
S1702746595.012069,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
51
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6E1E2B70A7F44D3B92D82A7DFE210108&RedC=c.clarity.ms&MXFR=3D098E88456F67F313239D61416F6923
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E1E2B70A7F44D3B92D82A7DFE210108&MUID=340324B3B1F267CF1E5A375AB02066F5
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E1E2B70A7F44D3B92D82A7DFE210108&MUID=340324B3B1F267CF1E5A375AB02066F5
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shitexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:09:54 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:09:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E952DA09DBE64ABEA5E79A84BEC5179E Ref B: FRAEDGE2018 Ref C: 2023-12-16T17:09:55Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6E1E2B70A7F44D3B92D82A7DFE210108&MUID=340324B3B1F267CF1E5A375AB02066F5
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
6
m.stripe.com/ Frame 657D 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-215-240.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c9c9972fa687a3a03e16b592c66a0e48df4b50df1a3ea3412d8291423b9ddd23
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 16 Dec 2023 17:09:55 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702746595673672
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1702746595673143
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
w.clarity.ms/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.shitexpress.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.shitexpress.com
Date
Sat, 16 Dec 2023 17:09:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Domain/Path Name / Value
www.shitexpress.com/ Name: ref
Value: portal24hs.com
www.shitexpress.com/ Name: _pk_id.1.77cd
Value: 68ad552da3f913ad.1702746594.
www.shitexpress.com/ Name: _pk_ses.1.77cd
Value: 1
.shitexpress.com/ Name: _fbp
Value: fb.1.1702746594241.189400241
www.clarity.ms/ Name: CLID
Value: e9bbd59bed5b4b7b95893d42b746b209.20231216.20241215
.shitexpress.com/ Name: _clck
Value: 755x0o%7C2%7Cfhl%7C0%7C1445
.shitexpress.com/ Name: _uetsid
Value: eeb63ca09c3511ee896d510e04704589
.shitexpress.com/ Name: _uetvid
Value: eeb79d709c3511ee9f511dddcf0d6bfe
.bing.com/ Name: MUID
Value: 340324B3B1F267CF1E5A375AB02066F5
.shitexpress.com/ Name: _gid
Value: GA1.2.292739336.1702746595
.shitexpress.com/ Name: _gat_gtag_UA_49541351_1
Value: 1
.shitexpress.com/ Name: _clsk
Value: 1b8vrvy%7C1702746594872%7C1%7C1%7Cw.clarity.ms%2Fcollect
.shitexpress.com/ Name: _ga
Value: GA1.1.693597601.1702746595
.shitexpress.com/ Name: _ga_99X7G2YKY4
Value: GS1.1.1702746594.1.1.1702746594.0.0.0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 340324B3B1F267CF1E5A375AB02066F5
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 340324B3B1F267CF1E5A375AB02066F5
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
m.stripe.com/ Name: m
Value: fe9dc37b-402c-45aa-9f2c-e3fa387309367c0e4a
.www.shitexpress.com/ Name: __stripe_mid
Value: 23cc76ed-6480-47e2-811d-132a5aabadfa4ead1b
.www.shitexpress.com/ Name: __stripe_sid
Value: 4906cc54-8024-4fba-bf46-877fe3dde7448810d6

2 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/659855492032415?v=2.9.138&r=stable&domain=www.shitexpress.com(Line 137)
Message:
Unrecognized feature: 'attribution-reporting'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
bat.bing.com
buttons-config.sharethis.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
l.sharethis.com
m.stripe.com
m.stripe.network
platform-api.sharethis.com
platform-cdn.sharethis.com
portal24hs.com
q.stripe.com
stackpath.bootstrapcdn.com
w.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.shitexpress.com
13.227.219.58
151.101.192.176
152.199.19.160
18.239.94.121
23.96.124.156
2600:9000:2127:e00:1d:85c3:6640:93a1
2600:9000:25e8:9600:c:abe:f440:93a1
2606:4700::6812:acf
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:828::200e
2a00:1450:4001:831::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a0e:acc0::c34
3.64.32.170
44.228.215.240
54.187.119.242
68.219.88.97
80.240.28.194
128cbf33eaa72fda02963d9aa5a9c19f852f1c539f46d6a01b0e7bf62ca9f6d2
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
1718443a37497f70a5221532f927e73214f8afc1d1f50c1e984a1247f29589b5
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1bc19d8091eaf905a15f5654f5a5bde29b6500b855fdb2437c7389416cdb2145
20762aa0fe40492f41569768f84afe1a8a50f2ed1b54861f966ba12fe8aab763
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2cbb7fa2b2ef48906ad1da31a8df1925f93a466c3c0e611ac2763ad674843cdc
2d6e935ce392c19ab7d437852f8f7b702bea02fec8d901b3c42fde1764b97300
2e0834d6502aeec26df60c249081d03db7b327fa3201a0ba0c4753b91b1f7f6c
2e48c8473ae8b097cd05719f71c00a3a1751bd75b327ad6dce32af432a126927
33808d90816227922e18005065f9355a0bc88018c6e7df2d86425c18d09b5286
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36e4295b65178072ce2417b5c4821b2fec7adfec4be356bd769652bb4d0db2da
3c04bf40610765b83288c1c3563b4d6f7c41a17f1d7fb717e55c924dc88bfeea
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cf22b9a3c15bf0e20e085ed0b039686cfae3b53e4ca7d1bee1ef843aa1e98fc
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f3a42ccfe495e929036b2d088188905398eb6804f6f8aa31a6293c1434dd7ac
4366918e8849b64cbdf8105e4be2a5520e4bbdbb1778825ce17c5077ec88960c
4c5de7870aae61454b25abfc5b48152c46755474fd2cca5abf527708be8783b6
551995f420a076e7fda96dc0fc23178ab80ed6dbd05efc6ad76b63034de8099f
57cd60ca7158e63c21a8e22d310b35fb51ae0676c753e3615afad391b1f26ccc
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
61b99c3104f10a93c975fcfd28824d257bb9393a0297e89c0121a386ba5097f0
6af194cfb2e1f1541e3364b3bf84182204fd0b74954a826edd772299a501823d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e689014933e0d9d5e936d53a065a89bde00ba7d8fdf4209c15c9eae597d2fd4
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
7ca2254c533db966aa907e863794e78d826eaf7a742710823391dd82486b2358
83f4fe6fc058ff9a34fdc3a942dd43bdd1077604225c800e8f6c70d7500e9340
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8a246c1c428684e5b87fd24a819e23c172a0124a9be9980a6eb7e71ee63516b8
93c3bad595e098eb71e5f60256c5688ca98b448945b98924b905005f502a43ae
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9c46991815a8b7d6d2a102d21b529cf557bd33f65b44dff4bc309b0e5ba04f10
a3cff90d5b36fde1463ad9aa14bf9583c5687e95eb5b746930f5e3e25d40fcd4
a43f6b3cfa82b93f0da5035cd545d1d1ddd22c42b94a92fdda36ae1b303d1ac0
a515a82292b34bdde3447113634d5d496039ffd4d6a0c7382586f3c24e582645
a59a46bfda18526122864d6f45fff69a9a75350d0154d0bfd74c05c1c8b8b540
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c58f54583ab4ae3f4b34d763b5be6143b90ab67e96f2c45df2958783b12bb46f
c954d8dc618bff8285f0b9a94e2903652491bdcb3d836e67d4fcdef9c109cf72
c9bfae9f175e97a7ba960f03a9bcb8c846a3bf0d6121fa6c38b071c8f1e96fe6
c9c9972fa687a3a03e16b592c66a0e48df4b50df1a3ea3412d8291423b9ddd23
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d00776a0f2589f48b6fdeb17a80113f232bd6720f071cd034c6f0d64ee4dba79
d21c42e72c362d6ff066d02855b6b6f870b108386d403c1977001fd15626de0d
d3b9d69e74c491c5ec259585173358e12e7a8e51b2b2932f609e8518034890f2
d5440375ac3f602591ce53684b34c592118fb2aed008676e3f46260f3159c1a7
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
fddc72f1898c86a42a692f08226e7cb3b5a19789e7e2141ce3c9c9f9072a4a27
fed785e4e04a1f25c606be70811c5aedf4a55881cea842b5aba8b89c69e9fc1e