vin-tech.info/fr/de/de/fr/fr/de/fr/de/nl/nl/fr/fr/de/fr/index.html
161.35.255.96308 Permanent Redirect 0 B URL HTTP/1.1 vin-tech.info/fr/de/de/fr/fr/de/fr/de/nl/nl/fr/fr/de/fr/index.html
IP 161.35.255.96:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fr/de/de/fr/fr/de/fr/de/nl/nl/fr/fr/de/fr/index.html HTTP/1.1
Host: vin-tech.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://vin-tech.info/fr/de/de/fr/fr/de/fr/de/nl/nl/fr/fr/de/fr/index.html
Date: Thu, 09 Feb 2023 11:04:12 GMT
Content-Length: 0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10177
Expires: Thu, 09 Feb 2023 13:53:49 GMT
Date: Thu, 09 Feb 2023 11:04:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3691
Expires: Thu, 09 Feb 2023 12:05:43 GMT
Date: Thu, 09 Feb 2023 11:04:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 10:34:15 GMT
content-type: application/json
age: 1797
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5310
Expires: Thu, 09 Feb 2023 12:32:42 GMT
Date: Thu, 09 Feb 2023 11:04:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S6P6IRMwFACgm6r2TVgqEK6BiUcDrmT+fKgrTmhYGT/o1iQtFuRNcR4hoqhJ+T7lm0GCNVc9bfY=
x-amz-request-id: CGD0J38DM8PZ5J5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 10:46:22 GMT
age: 1070
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:04:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vin-tech.info/fr/de/de/fr/fr/de/fr/de/nl/nl/fr/fr/de/fr/index.html
161.35.255.96302 Found 341 B URL HTTP/2 vin-tech.info/fr/de/de/fr/fr/de/fr/de/nl/nl/fr/fr/de/fr/index.html
IP 161.35.255.96:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 857856da3836dfc0f2eb21bc8d1d19cb
88d57b5cc0e4e91c986a9061ab1de8b471f8493b
f2f652837105d7e2bb3047b3ff34962118df2d41cf480e40146ee9f162677a09
GET /fr/de/de/fr/fr/de/fr/de/nl/nl/fr/fr/de/fr/index.html HTTP/1.1
Host: vin-tech.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 796c1f793fb21855-EWR
content-type: text/html; charset=UTF-8
date: Thu, 09 Feb 2023 11:04:13 GMT
location: https://t.ly/?error=DomainNotAllowed
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QZjGZ7pLq2%2F4%2BhoENLlIPSRHNNrMPcx2HNrREg2EZsVlS4dIIYoFGhJfNu4pQLRAu44vjbzsVYBQwTyNVI8uVgR3%2B2GVbjsiCq9zoZVWx3I5tstMYVhwgQ%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-1
x-xss-protection: 1; mode=block
content-length: 341
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 10:14:53 GMT
age: 2960
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 305e1917022c7051064d78b833eec4fa
ea842aef8a58de1feccee9b19c6cc33bc3626d9a
26c378b0b41843239271619ee14489552af6e9a3d50e8478099546972ba87495
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6091
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:13 GMT
Last-Modified: Thu, 09 Feb 2023 09:22:42 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5112
Expires: Thu, 09 Feb 2023 12:29:25 GMT
Date: Thu, 09 Feb 2023 11:04:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 305e1917022c7051064d78b833eec4fa
ea842aef8a58de1feccee9b19c6cc33bc3626d9a
26c378b0b41843239271619ee14489552af6e9a3d50e8478099546972ba87495
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6091
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:13 GMT
Last-Modified: Thu, 09 Feb 2023 09:22:42 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
t.ly/img/browser/firefox_64x64.png
104.26.13.201200 OK 3.0 kB URL HTTP/2 t.ly/img/browser/firefox_64x64.png
IP 104.26.13.201:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f017d8559134ffec2900caeaa5962c0b
24672fe2a34e00f26b9f448642fd6d89c7ff5680
4f4a27a54345888d41909cf83309a3bc6ec4d324ba7e29ae6d4754aa3dd8e31a
GET /img/browser/firefox_64x64.png HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: image/webp
content-length: 2998
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3274
content-disposition: inline; filename="firefox_64x64.webp"
vary: Accept
etag: "63e3bb5d-cca"
last-modified: Wed, 08 Feb 2023 15:10:21 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-1
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1334
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMwlanPlxjCcWfMoa91sFSJGykMPwoTMCr6AgfpSYLp0GnMvm4yu8XQCp2i0WNn7yvtOBrfVHzyh%2BdMM42Ja70ek38Fmz1XQBuP%2BW9UBVtVvSlHzrw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 796c1f7d8d5c0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.25.208.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.208.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3K6pZ2+dkNwLtF0+4zyFsA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kSlyei/UCpzO7WHJUwkhje3MTAg=
t.ly/img/browser/opera_64x64.png
104.26.13.201200 OK 2.0 kB URL HTTP/2 t.ly/img/browser/opera_64x64.png
IP 104.26.13.201:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c9389f85020de4cad8f45794b95ee0c3
f76316d6a7101a51c3f3457af6728f136ead09d6
5f71d6c6083aaa4869c68ec66708e5ed44807e623ab0c941bb1ed031bfe4a0ac
GET /img/browser/opera_64x64.png HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: image/webp
content-length: 1994
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2376
content-disposition: inline; filename="opera_64x64.webp"
vary: Accept
etag: "63e3bb5d-948"
last-modified: Wed, 08 Feb 2023 15:10:21 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-1
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGIqtAuzFGNfTHZ2KIAXytnxE%2Bh4Om7jqnBNDGekE4V74Z%2Bj6N796kd78hfbkTewo6VtIaQIh0Ma8tADDXVWRYkVO6%2FYl4uF8b5O2ribLH%2B3fNFaSyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 796c1f7d8d5e0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.ly/img/browser/chrome_64x64.png
104.26.13.201200 OK 2.2 kB URL HTTP/2 t.ly/img/browser/chrome_64x64.png
IP 104.26.13.201:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7087b8eba5f53a3a9536cf00ccd6f805
c459c971470b39d80b11a5f1b8900fa3d6deede9
60de181a4b72ce251389d7f66b2243f52f1779c96b79f5288c2cdd34fcf8b48c
GET /img/browser/chrome_64x64.png HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: image/webp
content-length: 2212
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2551
content-disposition: inline; filename="chrome_64x64.webp"
vary: Accept
etag: "63e3bb5d-9f7"
last-modified: Wed, 08 Feb 2023 15:10:21 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-1
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdNHKeN4msP4%2Bs8AN7e%2B9ZOjAOU8%2FdvS73LP5WM%2BZ7zDwQAvzr9pvVLKdiUnS9o%2BYiKTCxDB6Ohj4Ah72dldMAzExIzBSo8YcWZ0nvC8z4v61U2HuH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 796c1f7d8d5a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.ly/img/tly-logo-sm.png
104.26.13.201200 OK 4.3 kB IP 104.26.13.201:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 66532122686fcaaa55d628b10943da6c
52a9d5e1871f5f9ba353d8c79fcd1d0fbbf0957a
1c912e6ec4e7c2b1df7b4468c6459c820cce97b232959448835add4c277dbd04
GET /img/tly-logo-sm.png HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: image/webp
content-length: 4294
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=10096
content-disposition: inline; filename="tly-logo-sm.webp"
vary: Accept
etag: "63e3bb5d-2770"
last-modified: Wed, 08 Feb 2023 15:10:21 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-1
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFnfx5OBV%2Fadc4uCW%2BTMDuhX9SG%2BSyKi%2FBt4WhEzkjUtdYKsT07dFVEipO1FrtDcXBKmSjrq%2FwXNT%2FtxK5PMp%2FmEJCyCiC5B8HPlqsVoIsleJ9ipX0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 796c1f7d7d550b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.ly/img/browser/edge_64x64.png
104.26.13.201200 OK 4.1 kB URL HTTP/2 t.ly/img/browser/edge_64x64.png
IP 104.26.13.201:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 65d5e0253856a24d7e34893955e15742
2da3b6e94409ae39a957d31b1174bceb039ebfad
02465205a59729adf404a9d6311f5921f1f3c9a0d9a52836f7d3386612a6257a
GET /img/browser/edge_64x64.png HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: image/webp
content-length: 4130
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=6372
content-disposition: inline; filename="edge_64x64.webp"
vary: Accept
etag: "63e3bb58-18e4"
last-modified: Wed, 08 Feb 2023 15:10:16 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-2
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJW7HvT%2FPtBITGn2Wo3VQw64ZMXmkLhdjge5cPjbOobFSsWh5BBDEYT1viZAE0ibKRbtYGWLy%2BKs%2BNsD5rH5UsEKR64TOwQoA474xDjXUOIZvaT1FuI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 796c1f7d8d5f0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b8ad5b23aac490c2e9ccbac5a9dbcc6b
ef73076be963061b44563356cb33201e401f65e8
92d2469a14b9fe0eb637029f9f2782228441a65c44feb1a37b73ccc606e2b55d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2615
Cache-Control: max-age=122666
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:13 GMT
Etag: "63e40520-117"
Expires: Fri, 10 Feb 2023 21:08:39 GMT
Last-Modified: Wed, 08 Feb 2023 20:25:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 473745
expires: Tue, 30 Jan 2024 11:04:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQyXzR3U9bJ3LcAYxIBI2I3MT%2B3iryCYpEWBnPkfJwKpmgv79m9g1JP4xC5LVjYI2BqkG6CK42majZzPi4DYSTlemGQtlj5%2BHCfmJcgGVo173MMc7vTDhGmNItUU6OPBMD61MMRt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796c1f7eea7f1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.ly/css/app.css?id=8aaf42fee5ffad235104
104.26.13.201200 OK 46 kB URL HTTP/2 t.ly/css/app.css?id=8aaf42fee5ffad235104
IP 104.26.13.201:0
File type ASCII text, with very long lines (65464)
Hash 29ccf208425412a4faacbb781b653264
bcf36ce7f7b50248010ccf88f9870de30ad75381
60e40fdc4be86a52f5bca7e5c03771d4058a46a7adfb605bbda99ed8c810d772
GET /css/app.css?id=8aaf42fee5ffad235104 HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63e3bb58-3bf40"
last-modified: Wed, 08 Feb 2023 15:10:16 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-2
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FFsQa2I13VjnjUu0yZbMIL6DlUGc3jwsLtfN%2FPMehGwvP%2FVU0g7A10DpRFIGKmnS1sz5QyFylfhUqFk%2B2HEOt8wMW2d%2FyfzhDRsehj3%2Bh1Mp5jxWCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 796c1f7d7d520b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-89207177-8
216.58.207.200200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-89207177-8
IP 216.58.207.200:0
File type ASCII text, with very long lines (1759)
Hash e8ba1de0a1110075a3f8f8dfb6de22d5
b3319e47035a4644c014fa3bdc8159d8099a32b9
d4d01c4825c2bc7c0efbd6a9524df25416fd729d4996b9dffebcc96f87447458
GET /gtag/js?id=UA-89207177-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:04:13 GMT
expires: Thu, 09 Feb 2023 11:04:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10875945736
216.58.207.200200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10875945736
IP 216.58.207.200:0
File type ASCII text, with very long lines (4048)
Hash f7626d3ba441f29b092250a930941594
2a6e86b1c799c904c9e83f6fc4a568d2b55eed5f
c0e465c8fa78a5515c88056bc3370e3392c3a507f86a8cae8c813d35f86cd23e
GET /gtag/js?id=AW-10875945736 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:04:13 GMT
expires: Thu, 09 Feb 2023 11:04:13 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
142.250.74.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
IP 142.250.74.162:0
File type ASCII text, with very long lines (3649)
Hash 7b974c1493245de811d844fc555f23ea
b73345fe2362357fe2ec5ea20db92358b607624d
32972155765b468ce4212f81f06313500ab71fa81b253676a727b8631f6c8bba
GET /pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://t.ly
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:04:13 GMT
expires: Thu, 09 Feb 2023 11:04:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12611297162740803691
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash c40fb3e99bdf4c051379206b381f995b
3cf6ce4a866abbd13ce857357061a1cfa3a27690
0c45a6582686059e9d82919355c239be284c5740680f56332419ce0516280183
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Cookie: _GRECAPTCHA=09AOAFDwyNoQJgeSIKbubOQmhU3XXv-Da-YgzI5tQOH6PuZqzzUxAX65qfdReAt9X7A0yt8xZ1f8vkABaQu2RTY60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 09 Feb 2023 11:04:14 GMT
date: Thu, 09 Feb 2023 11:04:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8ebcb7faaed1aed275622035341db03d
28c2300afe42d8ada80fa67904c62d21331e7382
a5a930f066f2834547c8042b447e18b88452fdc7c9dd69c7166f4afacbcc0075
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 11:04:14 GMT
Last-Modified: Thu, 09 Feb 2023 09:54:59 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SenTQud_xT68zr4qu_Xo-ek1_3YB3OoUTu7HmvebEmt0SqJKSdqJ5Q==
Age: 4155
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r.wdfl.co/rw.js
54.230.111.119200 OK 5.1 kB IP 54.230.111.119:0
Hash 0df1bebea561d61d0fc5e811315ce777
00bdd746916fe2e09225847dd52d82dbb97befc6
30cf7ea9e18c80ce23dc1276f84dfa0e4285d1de229da14c96b6367617419c92
GET /rw.js HTTP/1.1
Host: r.wdfl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 08 Feb 2023 12:48:24 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 09 Feb 2023 10:49:00 GMT
cache-control: max-age=3600
etag: W/"a313b446cba8269f49231874f8293b74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G3UB2wOcz469R15auyho0gc9Vz7DND2RK6RWXexmbupSzSIUDaQ-lg==
age: 914
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,400,600&display=swap
142.250.74.74200 OK 34 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600&display=swap
IP 142.250.74.74:0
Hash e9f4d30ad17d1ab52d765dfeea0844e7
5cfc29a9de5103e198fd344c3d0dc0590e3a9054
9ba0b18e59bfe917a49335c32fafce53096b2429514c6c7a761fb0a48265fe88
GET /css?family=Open+Sans:300,400,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 11:04:14 GMT
date: Thu, 09 Feb 2023 11:04:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230207/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 08 Feb 2023 18:23:01 GMT
expires: Wed, 22 Feb 2023 18:23:01 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 60073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1675940713281&cv=11&fst=1675940713281&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&tiba=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&auid=1617117760.1675931657&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 920 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1675940713281&cv=11&fst=1675940713281&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&tiba=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&auid=1617117760.1675931657&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2001), with no line terminators
Hash b2729771e8583d1425d43e4d4013a0b2
69262f2ca541e2835cf3c9bbd5863cd50c1c595a
e143e8095515010492536159f881458c422755359348e074e6a4c37de6e68757
GET /pagead/viewthroughconversion/10875945736/?random=1675940713281&cv=11&fst=1675940713281&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&tiba=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&auid=1617117760.1675931657&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:04:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 920
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 11:19:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://t.ly
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 16:53:21 GMT
expires: Wed, 07 Feb 2024 16:53:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 151853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 09:45:20 GMT
expires: Thu, 09 Feb 2023 11:45:20 GMT
cache-control: public, max-age=7200
age: 4734
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Thu, 09 Feb 2023 12:09:33 GMT
Date: Thu, 09 Feb 2023 11:04:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Thu, 09 Feb 2023 12:09:33 GMT
Date: Thu, 09 Feb 2023 11:04:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Thu, 09 Feb 2023 12:09:33 GMT
Date: Thu, 09 Feb 2023 11:04:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 7e2b1875-ecf9-4ee9-8d5a-a911fdd28d16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AColKGwOIAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e42153-097b982244d3ad7b6f49a392;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 22:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uvdg9MhYDsR9aC-s_chZDKp7_5RzhQfTwXZ0epZVW7TUVdrdADUEfQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 03:49:25 GMT
age: 26089
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnbG_CYddidhGlygFinwMyN81eHxP_vRzxsm7QBIAJzFqwaKTt-POQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:44 GMT
age: 48570
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b42802dc628e38e9631a01b6320040a
c83355f0828815ecbff47d8195d2deed8077e368
d0f093b1769b568a5d68ada359eadfd1ab3360488a20e1deeb99b0a51b649441
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11256
x-amzn-requestid: fc079b98-a94a-4945-8e51-9b5941fda799
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8SEOMIAMFomA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb381-72b83330325d280821ecf4c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8BUL5SSz4_Jh8-i92w6IGXQEnW6RH2580LbDBIul4S45Mtji53ieTw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:06:10 GMT
age: 46684
etag: "c83355f0828815ecbff47d8195d2deed8077e368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 12:41:28 GMT
age: 80566
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa8bb3f20238f62a7a6ebb5d0985192a
f6b3839bfb0cf51d63e9eff2de402495906cd19b
db5ad61fdd000a13b6c8952d1614a6ab18e5f7104270d6471df96f773dacf4e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 92d41e06-632b-43f9-828e-268bc024875c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiGuESYIAMFc_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e416f7-599e0f7d327a69921d447f7e;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:41:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ouX4yFdSvKvEUowCAqs8iTO2SOZuEFa2dGuMDeb_pygK0DbvS8XlHg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:10:46 GMT
age: 46408
etag: "f6b3839bfb0cf51d63e9eff2de402495906cd19b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 14:35:48 GMT
age: 73706
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10875945736/?random=1675940713281&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&tiba=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1566872665&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10875945736/?random=1675940713281&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&tiba=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1566872665&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10875945736/?random=1675940713281&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&tiba=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1566872665&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:04:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Hash bcf3a3fb620dfbee774f84e2c8e71530
40a79d240acdd7e5a95e165515ac7c0958a37971
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://t.ly
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 15:42:42 GMT
expires: Wed, 07 Feb 2024 15:42:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:31:19 GMT
content-type: font/woff2
age: 156093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7980999daf055fc9e21ce2d8663483ab
3e584c1676ed7789a50dc5c9391653a0b96a9bab
44143d9428bae54918244e95d8f31dfea0865929c0a0805c0f328a2a7eb78fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=t.ly&callback=_gfp_s_&client=ca-pub-5561763581314444&cookie=ID%3Db13a04c93b966a29-222bc594a2db00d7%3AT%3D1675931599%3ART%3D1675931599%3AS%3DALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q&gpic=UID%3D00000bb2b970e47b%3AT%3D1675931599%3ART%3D1675931599%3AS%3DALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
216.58.207.226200 OK 32 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=t.ly&callback=_gfp_s_&client=ca-pub-5561763581314444&cookie=ID%3Db13a04c93b966a29-222bc594a2db00d7%3AT%3D1675931599%3ART%3D1675931599%3AS%3DALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q&gpic=UID%3D00000bb2b970e47b%3AT%3D1675931599%3ART%3D1675931599%3AS%3DALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash e003723bb43e8e216426c5cd897b3a9f
85f6260d04937794cddbf58b46caa5dd7a7dd489
ebb110f380b85f1eadd52e180b12c2ad3c10bba0edddda63a3a79d4ca3673b78
GET /gampad/cookie.js?domain=t.ly&callback=_gfp_s_&client=ca-pub-5561763581314444&cookie=ID%3Db13a04c93b966a29-222bc594a2db00d7%3AT%3D1675931599%3ART%3D1675931599%3AS%3DALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q&gpic=UID%3D00000bb2b970e47b%3AT%3D1675931599%3ART%3D1675931599%3AS%3DALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 11:04:15 GMT
server: cafe
cache-control: private
content-length: 32
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=t.ly
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=t.ly
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=t.ly HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 11:04:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=t.ly
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=t.ly
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=t.ly HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 11:04:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7980999daf055fc9e21ce2d8663483ab
3e584c1676ed7789a50dc5c9391653a0b96a9bab
44143d9428bae54918244e95d8f31dfea0865929c0a0805c0f328a2a7eb78fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89207177-8&cid=693954906.1675931658&jid=903450323&gjid=1770829631&_gid=1938909062.1675931658&_u=QACAAUAAAAAAACAAI~&z=407680664
64.233.164.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89207177-8&cid=693954906.1675931658&jid=903450323&gjid=1770829631&_gid=1938909062.1675931658&_u=QACAAUAAAAAAACAAI~&z=407680664
IP 64.233.164.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89207177-8&cid=693954906.1675931658&jid=903450323&gjid=1770829631&_gid=1938909062.1675931658&_u=QACAAUAAAAAAACAAI~&z=407680664 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://t.ly
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://t.ly
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:04:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a9c5a278f07b138c1503ea3f0ec3797e
d36fe8427bd7ba735b06e69469ef715d1600da4e
978b6a189d73e308e1d79ac9241b2e1d07c43bc9ec65e2f4112ed74f143e342b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:04:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.1200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.1:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 09 Feb 2023 11:04:15 GMT
expires: Thu, 09 Feb 2023 11:04:15 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7>m=45je3280&_p=415419238&cid=693954906.1675931658&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675940714&sct=3&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&en=page_view&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7>m=45je3280&_p=415419238&cid=693954906.1675931658&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675940714&sct=3&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&en=page_view&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-W1D48QS4F7>m=45je3280&_p=415419238&cid=693954906.1675931658&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675940714&sct=3&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%20-%20URL%20Shortener%2C%20Custom%20Domain%20%26%20Short%20Link%20Management&en=page_view&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://t.ly
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://t.ly
date: Thu, 09 Feb 2023 11:04:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato&display=swap
142.250.74.74200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato&display=swap
IP 142.250.74.74:0
File type C++ source, ASCII text, with very long lines (1688)
Hash 7fd876b71f328842e6d556db7a8d4ffe
2fc2bcfa8c44405b16d07b2e9880de72af92b01b
7129e2701c21d059895b7b630ab3fb16e2fde037f176c5765ddc441a32455b4e
GET /css?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 11:04:14 GMT
date: Thu, 09 Feb 2023 11:04:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.13.201200 OK 0 B URL HTTP/2 t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.13.201:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 18:52:43 GMT
etag: W/"63e14c7b-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xw%2FEGydV6KlXOiopY5z%2B79mb6rNFuVcjL7IsDvhevaBIlI9U8ZEONMi%2FBdjENZ8wg69aA3gU%2Ff52ZXoE2%2BoLR1KliBswOFYwKoI9mEfEGJ2Ot3PCBw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 796c1f7d7d500b61-OSL
x-frame-options: DENY
expires: Sat, 11 Feb 2023 11:04:13 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.26.13.201200 OK 0 B URL HTTP/2 t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.26.13.201:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/?error=DomainNotAllowed
Cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 18:52:43 GMT
etag: W/"63e14c7b-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIdAZo7pfYpK5GDnNgAar6jYrhmALEQ3VtpOwIalDMxDk42Ih9Ddd7YK1qnuzcuarRdmpvaFIvWWzEhS6PIdPKsEC8p70kMDZQO%2FB3iZb315QOlJeKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 796c1f7d8d560b61-OSL
x-frame-options: DENY
expires: Sat, 11 Feb 2023 11:04:13 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lobster&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lobster&display=swap
IP 142.250.74.74:0
GET /css?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 11:04:14 GMT
date: Thu, 09 Feb 2023 11:04:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Nunito+Sans:wght@700&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Nunito+Sans:wght@700&display=swap
IP 142.250.74.74:0
GET /css2?family=Nunito+Sans:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 11:04:14 GMT
date: Thu, 09 Feb 2023 11:04:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.ly/?error=DomainNotAllowed
104.26.13.201200 OK 0 B URL HTTP/2 t.ly/?error=DomainNotAllowed
IP 104.26.13.201:0
GET /?error=DomainNotAllowed HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJLY0kzd1FsbG5ZR2Z2Wk1GbW5IMGc9PSIsInZhbHVlIjoiU09NMkFmY0lMRDNrYXdxcGVMVEJBQnQ4cDlQM0ZvejBFQjhaSm5vTUx6dHhja05neUlWQUFuNlpaQWttaEpZZVl4b01UakZ0TmVLOWtzNDNTdFcvNWFka2VuaVJYbWtSZ0wwajZRQ0d1Z1JwaVM4YlZ1bUVjaFZUR2xyNktkZFgiLCJtYWMiOiJjNTc5YWNhZmQyNjM2MTFjYWMwMmQxYWQ1MzdhYmQ3N2I0MTVkNmI1YWM5ZDFhYmU3NzE1OGRmMjU0ZmY5Njg2IiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6InNOSGpnOGw4R1N5M010YlRuQXV1SGc9PSIsInZhbHVlIjoiWE1KQ2FZQTZJM1NzN3RCc0d5OFJ6RXg1ZWxtQS9BY25YWkRKY3lMWnZsM0tNYnp1WGVGckpwcGd3RVNMZndFU245R09meTlCL2Q2bUhRaWpLQzhZQ3o5Qm5pa2xrc0lmTmJmNVVweHR1TmZuSGpha1BDdk5vOWpXRWRJY3MvRE4iLCJtYWMiOiI5ZTc0YjhmZGZkYjc2N2Q0ZjMzOTEwMWU3ZDQwZDVjZmNjMWIwNzE4YzkxMmE0NTZiZjE5MzNlYjZhYmQ3NzM4IiwidGFnIjoiIn0%3D; _gcl_au=1.1.1617117760.1675931657; _ga_W1D48QS4F7=GS1.1.1675936880.2.0.1675936887.0.0.0; _ga=GA1.2.693954906.1675931658; _gid=GA1.2.1938909062.1675931658; __gads=ID=b13a04c93b966a29-222bc594a2db00d7:T=1675931599:RT=1675931599:S=ALNI_MYFjVjmsP_fof_1yWTt6HH7akTe3Q; __gpi=UID=00000bb2b970e47b:T=1675931599:RT=1675931599:S=ALNI_MZzq6keaKWd0FYy3855ZTmU6GhfEA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:04:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-whom: tly-2
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IkR6Tm5DS0hzR3lvSXRDYzlsUXZLaFE9PSIsInZhbHVlIjoiNXdSV2U3NlZxdDNXUWlGMmFVMURaZVVkMHYybE9lK1hVMnpRWnZvMy9tTFlCWDE0eHNMN2ZxNGJDZHRjWmZGS05aNGVSVEV3RzV2V0MzOWdUaUlBWmEwLzhSY1pudld4Ym9ZQnpURDcydlBtRUU4OEVZSml2RzYrdnkrUkRSaHkiLCJtYWMiOiJiOTIwNDdhYTI3NzNlN2U3MjRkZGUwNzMxMWEwNjM3ZDg5MWEyNTY0YTg0ODBhNmUwMDI1YzBmNTljZmUzMGIxIiwidGFnIjoiIn0%3D; expires=Thu, 23-Feb-2023 11:04:13 GMT; Max-Age=1209600; path=/; secure; samesite=lax
tly_session=eyJpdiI6InlrUjhJQzNvK3RaVUVkOHRVelhjTlE9PSIsInZhbHVlIjoiK0cxTHFEalVzN0c0aW03VC9Rdmd1elJjSGc0OHQ5UkVyalQ3b0VTV3RpdU9iK2ppZkZhYmpMeXRFUGQvSFkwSmxyQW5LN1BjYnRJSmFSZERvVjdJUmhQdmZsdzk2bGR5eXpRREJLMTZRcm90Mm43Z3R5ZldPS1VOV0tDQXYxNTYiLCJtYWMiOiJkM2U4YWIzZDBmM2FmMzZhYmE4YTk2ZWMzN2I4NjZlN2RjOTRkYjgzNmMwNTEyODMyOGM1ZjBhNWY0ZThhMTgwIiwidGFnIjoiIn0%3D; expires=Thu, 23-Feb-2023 11:04:13 GMT; Max-Age=1209600; path=/; secure; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TihzLr0dFiYPzQOtLi9jhW3sG2Z3zBQUfz93K125%2FAf989Z%2BMlGdGBBls%2B42NLV5IxIqYw%2BEzBubEQVj41FFrlCH5MHUC1tQpzVC%2BPLr%2F62tv0S7UD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 796c1f7adaa00b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2