r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7063
Expires: Thu, 09 Feb 2023 00:01:13 GMT
Date: Wed, 08 Feb 2023 22:03:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18140
Expires: Thu, 09 Feb 2023 03:05:50 GMT
Date: Wed, 08 Feb 2023 22:03:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 21:36:44 GMT
content-type: application/json
age: 1606
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8772
Expires: Thu, 09 Feb 2023 00:29:42 GMT
Date: Wed, 08 Feb 2023 22:03:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JTziMdfiFRj4vZXshBFLOmJ0IMKHrB3hCN5wyB/RgEhgiFhvmrm8cvmkyZD0KobRBabYyCP5I+A=
x-amz-request-id: H22KQ75WNZNR4GBS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:36:06 GMT
age: 1645
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
11-youtubee.xyz/fchOgmS
302 Moved Temporarily 994 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 722ad502cd1775462f53899ed7ad7c67
26638b91f6adbdba28a235072f061d20b52a51ea
2a1df0c0082230b60952a1d864d283de601c29f39349097c722d18d2629934cd
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fchOgmS HTTP/1.1
Host: 11-youtubee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 08 Feb 2023 22:03:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:03:31 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 78f14daea20aae3b19649a7a38f33c42
c6baf05ebee01c0878bbaed628714917732b6df8
d3521d80e0f86eef7a12aa5d2b2ae1664fea63b69230cab27a579d50f9b46b90
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 22:03:31 GMT
Last-Modified: Wed, 08 Feb 2023 20:36:09 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IUVVUrh1FnlTt50asrA7mu-uFeIKz_rfYj_0eTmccUdYhwRVtLwFEQ==
Age: 5242
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 78f14daea20aae3b19649a7a38f33c42
c6baf05ebee01c0878bbaed628714917732b6df8
d3521d80e0f86eef7a12aa5d2b2ae1664fea63b69230cab27a579d50f9b46b90
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 22:03:31 GMT
Etag: "63e3ae02-1d7"
Last-Modified: Wed, 08 Feb 2023 20:21:15 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8qfwrPDxBd4BzHsKALnh69iZNL-YZ7LEwNeYt_XJsQGsaErrzuNS5Q==
Age: 6136
free-url-shortener.rb.gy/favicon-32x32.png
200 OK 1.6 kB URL HTTP/2 free-url-shortener.rb.gy/favicon-32x32.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6bd801f8e3276dc3f46d846324b3b20c
e7b017eb108cb737dfb51011d64b0a8e798d2ede
be6971c51ef562eb76b49115585e8e51b54f1d47a4a298223467ffa9686c5910
GET /favicon-32x32.png HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://11-youtubee.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1562
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 9Nr68geMrFtH025ys.wLeJG1W6TUgYVE
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 12:24:13 GMT
cache-control: max-age=36000
etag: "6bd801f8e3276dc3f46d846324b3b20c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gWWAzfwZxIYVbjrkDAe-MdySvj3SErdCXuQ05n3Yr9Y5vznaE8ITKA==
age: 34759
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:14:52 GMT
age: 2919
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4581
Expires: Wed, 08 Feb 2023 23:19:52 GMT
Date: Wed, 08 Feb 2023 22:03:31 GMT
Connection: keep-alive
free-url-shortener.rb.gy/images/free-url-shortener.jpg
200 OK 317 kB URL HTTP/2 free-url-shortener.rb.gy/images/free-url-shortener.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 747x419, components 3\012- data
Size 317 kB (316974 bytes)
Hash 4cec1fb14b2528ab37d00b6071ecda20
45e389cc081f9d42bc2463322ef1c4b3a58cdfb8
0c6963527056b2f65cd71433656d3ae6c5d92040300b6002747452a53c255da4
GET /images/free-url-shortener.jpg HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 316974
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 7K7r7bAvPd396xtTkRndcEfP3d69M7_H
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 17:30:19 GMT
cache-control: max-age=36000
etag: "4cec1fb14b2528ab37d00b6071ecda20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _tI2o3xwQq54kqx317IUAjdPrLx0qkW56GhkF7tvev3SE3zOQqvwPA==
age: 16393
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/images/bitly.svg
200 OK 621 B URL HTTP/2 free-url-shortener.rb.gy/images/bitly.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- exported SGML document, ASCII text
Hash 358ecaeafb416abb75b977a271527e96
8bb961fe33beb75a2c8f04123695cae8967360bf
c56bd010ed5e04501184f06346504f7dc3aebdcd00038afd180d80edb72163fe
GET /images/bitly.svg HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 621
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ySPV4W.gBPzjqzIKhZsC9Z1.SFgD7jH2
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 16:58:13 GMT
cache-control: max-age=36000
etag: "358ecaeafb416abb75b977a271527e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BUqkfMw9iet6X0Zn-WdNTg1CYLDY_b1B70FtuuwmpZYpvPcVZMMmNA==
age: 18319
X-Firefox-Spdy: h2
use.typekit.net/waw8itp.css
200 OK 723 B URL HTTP/2 use.typekit.net/waw8itp.css
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash e5bdf0bc0e7ab99278bcc3c3956d03e3
d20ab16cbfaaffe8eba62be488ec8906aa3cf839
acc13ac7c0e24b8ea2eaf1d7079d5b38b37c8f209be5eddc848d611a49eea191
GET /waw8itp.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 723
date: Wed, 08 Feb 2023 22:03:32 GMT
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/
200 OK 57 kB URL HTTP/2 free-url-shortener.rb.gy/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash fc201a14dd9827791b997d5068e4f842
cda0a161c169e1567c6be5a844f5b628c60cb6d7
b1ad9bd33546e5719d46c759ea2d3193447b7b9773a7036b4ee4c227ea5b14e5
GET / HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://11-youtubee.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 19 Jan 2023 12:26:11 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ntJ9wnAO75sfIDulSCOdM4vtFHwHZ84V
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 22:03:32 GMT
cache-control: no-cache
etag: W/"c5fa3a1734e1bf38dae33984e98be4f6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2dtqaZetceWnTbTSHCuWp3eG2e89h8VpzOmdIjR7Om9VA3xnus6QOg==
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=waw8itp&ht=tk&f=173.175.5474.5475&a=1019361&app=typekit&e=css
200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=waw8itp&ht=tk&f=173.175.5474.5475&a=1019361&app=typekit&e=css
IP
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=waw8itp&ht=tk&f=173.175.5474.5475&a=1019361&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Wed, 08 Feb 2023 22:03:32 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=gpn2grf&ht=tk&f=173.174.175.176.5474.5475.25136.25137&a=1019361&app=typekit&e=css
200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=gpn2grf&ht=tk&f=173.174.175.176.5474.5475.25136.25137&a=1019361&app=typekit&e=css
IP
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=gpn2grf&ht=tk&f=173.174.175.176.5474.5475.25136.25137&a=1019361&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Wed, 08 Feb 2023 22:03:32 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
200 OK 33 kB URL HTTP/2 use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 32688, version 1.0\012- data
Hash c654f50b24ad0685a12a2c387542e700
b2cfcca0589023f4371e4a673ec305f8ecace38e
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
GET /af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 32688
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 08 Feb 2023 22:03:32 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
200 OK 33 kB URL HTTP/2 use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 33188, version 1.0\012- data
Hash 1ad2280b2d70f711e9957a9e11817d96
52314480316b637490d3b743d7089b8c9e5032b8
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6
GET /af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 33188
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 08 Feb 2023 22:03:32 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
free-url-shortener.rb.gy/page-data/app-data.json
200 OK 50 B URL HTTP/2 free-url-shortener.rb.gy/page-data/app-data.json
IP
File type JSON data\012- , ASCII text
Hash 57027c5a79edf199aef9b65dd41be568
afd9eb47f2539ce3d464b39adbe6233d4ade0250
bac5fd3d8521e65d33967e71f9d6a1703885e043a31635e6a3dda1c529cf2c90
GET /page-data/app-data.json HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 50
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: V0zDI6WnkqpbtA8.1SPcG.ZY6o7CG7Ti
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 16:58:13 GMT
cache-control: max-age=36000
etag: "57027c5a79edf199aef9b65dd41be568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UyPuiPOwke9RosGk5uj1xzT3koKZnRlUQ0VJijE0PHpm1V-vgIhs3g==
age: 18320
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/page-data/index/page-data.json
200 OK 117 B URL HTTP/2 free-url-shortener.rb.gy/page-data/index/page-data.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2e1e6458af7df8d89a1f91a5cddb3167
527b219be81a92c47958bce23de699453f4f9cfc
04960f99bcb3caf0bb8146b268babae7c2c2b3508da9550dde88a9454b9b0b0d
GET /page-data/index/page-data.json HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 117
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: i0d0EQyic5QBFjEDzpvo44cZucZcAHk5
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 18:10:10 GMT
cache-control: max-age=36000
etag: "2e1e6458af7df8d89a1f91a5cddb3167"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 17rSmrMajtnCHdwEH_klMaq-aOA-IwRhmRqcGPUI3DZLFUjKh-p16A==
age: 14003
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xxb5MFQVysHy5Z99wCo6sw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DpKaVnpywKASaDwAxx2dhWl2sGc=
www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3
200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3
IP
File type ASCII text, with very long lines (9386)
Hash 82e1c9d1abc386769bb122b6ca611872
e1478e8a0519884b79f168020564b91561be51fd
d55c8af472c9b3b35e5fcfd1b20035f4ae5dbd9bf30f0cf4c9a399c1fdc799bb
GET /gtm.js?id=GTM-NZVWGS3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 22:03:32 GMT
expires: Wed, 08 Feb 2023 22:03:32 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
free-url-shortener.rb.gy/94b73c82-66e3614aba3db2717c62.js
200 OK 243 kB URL HTTP/2 free-url-shortener.rb.gy/94b73c82-66e3614aba3db2717c62.js
IP
Size 243 kB (242779 bytes)
Hash 68b077f5304f9b5d75dfe5e349096f03
3be275db9f5f66ab7dd3ba0b2c670ab9c9e05365
8f849338a1154f979a5c8c13a25316ee2940e2e258f18d60150751b8585f186f
GET /94b73c82-66e3614aba3db2717c62.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: tSKArzeog8zWV0lUysWvmlgZ4oMGwx6n
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 18:13:52 GMT
cache-control: max-age=36000
etag: W/"9398e96cd228a8140130bc4749f3d207"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j0ue-0d0-08DqBVr_aqvqF_V5TNScDeV9RoNvGGazfpFxOdqw3al0A==
age: 13781
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/component---src-pages-index-js-c177ef0cf0623a698230.js
200 OK 61 kB URL HTTP/2 free-url-shortener.rb.gy/component---src-pages-index-js-c177ef0cf0623a698230.js
IP
Hash 24bda6b2ebab3c289251a46c19ce9bf8
9c79934747a4dc8ce2dee5ee10eea9d4b0dd634b
e074b6461a836008f294448f67ab42c3d1192d36895c27abb3bb5cc97d66a6e6
GET /component---src-pages-index-js-c177ef0cf0623a698230.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: AhhEHv40Iej2qqNRFEwXNEZ6xCAcxVmz
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 21:06:51 GMT
cache-control: max-age=36000
etag: W/"cc736f9ea60755d952dd383194a814d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cas6qluk9Nv_Y7v5l6yf9ekmCTwV707jA0CJxlI9RIHBB7dRA1Bibw==
age: 3402
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31824
date: Wed, 08 Feb 2023 22:03:32 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4849
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Last-Modified: Wed, 08 Feb 2023 20:42:43 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2X+RcOFhcK4Ivm1kgFky+Q84iw2SKDJO0L5/UzMNoLOi3BF5LWxgOqqxuhaTxDmNoeddt5s6xZ0DLAOh0GBfWQ==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Wed, 08 Feb 2023 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/934172759/?random=1675893868719&cv=11&fst=1675893868719&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 905 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/934172759/?random=1675893868719&cv=11&fst=1675893868719&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1949), with no line terminators
Hash 7cf6e9a65d4e9ecf91227449c775eb1b
77e4cab4615708c62d2f2a41d9d60c7f963ecd6e
371bb57b2206330461daee6d0501c719856ac79474d833b7272ae06cdfd045b5
GET /pagead/viewthroughconversion/934172759/?random=1675893868719&cv=11&fst=1675893868719&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 22:03:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 905
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 22:18:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.hotjar.com/modules.14cb8958c3e3566a4606.js
200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.14cb8958c3e3566a4606.js
IP
File type Unicode text, UTF-8 text, with very long lines (48770)
Hash 5331176444d8700436c501005f6a0731
d0f73de83bc0720ec98240ab04878a317491d640
07c3a5946b698fa789f6f4f6924761ffbc6808e145cba46c657092f9b36fee8a
GET /modules.14cb8958c3e3566a4606.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68072
date: Wed, 08 Feb 2023 15:48:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5331176444d8700436c501005f6a0731"
last-modified: Wed, 08 Feb 2023 15:47:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DXbTfsjCqtl1pDDMIB0fOrUixKs6r_Gw2lKYBLxl3tIUhWKu__nQXQ==
age: 22526
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675893868820&url=http%3A%2F%2F11-youtubee.xyz%2F
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675893868820&url=http%3A%2F%2F11-youtubee.xyz%2F
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=234684&time=1675893868820&url=http%3A%2F%2F11-youtubee.xyz%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234684%26time%3D1675893868820%26url%3Dhttp%253A%252F%252F11-youtubee.xyz%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLseaP9Q29mVwAAAYYzDi3qtotFi8DRh5qdIM5HhOtdVBiZAsEPptudMOeCPfCsrhMd83x5fUlL0g; Max-Age=2592000; Expires=Fri, 10 Mar 2023 22:03:32 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJKXbHscmUsAAAAAYYzDi3q-wzwq-eQduE39tUC4oPhljHw2rCKD4l3vEQWgZjSDoTFz-Z1k9KdB9jKPCgARQ; Max-Age=2592000; Expires=Fri, 10 Mar 2023 22:03:32 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
bcookie="v=2&569a08c6-1a9c-4f4e-852a-4706a2139ab1"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 08-Feb-2024 22:03:32 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2481:u=1:x=1:i=1675893812:t=1675980212:v=2:sig=AQGK90b_294Yz1MOPyTqfo9hPdZVnqr1"; Expires=Thu, 09 Feb 2023 22:03:32 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAX0N29jRRVAc6/oL991/A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4A28E1A5607542FEA3603E377F68410C Ref B: OSL30EDGE0210 Ref C: 2023-02-08T22:03:32Z
date: Wed, 08 Feb 2023 22:03:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
200 OK 578 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
IP
File type ASCII text, with very long lines (909), with no line terminators
Hash 3449302c021937359dad522abb3dc930
93994292e14921bd8594f8a93b5099a36f67eb58
cad194e7bea413770c316029d150ee300a86d7e9353e1d411126d505a52b3a3c
GET /recaptcha/api.js?onload=onloadcallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 08 Feb 2023 22:03:32 GMT
date: Wed, 08 Feb 2023 22:03:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 578
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
app.launchdarkly.com/sdk/goals/6340670d8ac6eb10e2f14ff5
200 OK 26 B URL HTTP/2 app.launchdarkly.com/sdk/goals/6340670d8ac6eb10e2f14ff5
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4895d253dd2c6acdb944f2bd7579cc89
9befc050756e1ec3b4b99e2579c0b86132f642a3
261feae8b4d06341989808887b33303dfb972c7566e389dbd8e1c1ea9b096a13
GET /sdk/goals/6340670d8ac6eb10e2f14ff5 HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
cache-control: max-age=0
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Wed, 08 Feb 2023 22:03:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675893813.792912,VS0,VE1
vary: Accept-Encoding
age: 0
content-length: 26
X-Firefox-Spdy: h2
app.launchdarkly.com/sdk/evalx/6340670d8ac6eb10e2f14ff5/users/eyJrZXkiOiJhbm9ueW1vdXMtdXNlci1pZC1yYmd5IiwibmFtZSI6ImFub24iLCJjdXN0b20iOnsiaWQiOiJkODk4N2ZhNi03NWVhLTQ4ZjQtODkxMS1iYjE2ZDgwYTcxYmUiLCJzZWN0aW9uIjoicmIuZ3kiLCJpc0xvZ2dlZCI6ZmFsc2V9fQ
200 OK 236 B URL HTTP/2 app.launchdarkly.com/sdk/evalx/6340670d8ac6eb10e2f14ff5/users/eyJrZXkiOiJhbm9ueW1vdXMtdXNlci1pZC1yYmd5IiwibmFtZSI6ImFub24iLCJjdXN0b20iOnsiaWQiOiJkODk4N2ZhNi03NWVhLTQ4ZjQtODkxMS1iYjE2ZDgwYTcxYmUiLCJzZWN0aW9uIjoicmIuZ3kiLCJpc0xvZ2dlZCI6ZmFsc2V9fQ
IP
File type JSON data\012- , ASCII text, with very long lines (435), with no line terminators
Hash df6e1fb34853e14177b82a1ef7ad93f9
1385707ad72ea9a71186e826e2becfc38b5e2937
0ec08e264bd2251071c6f4070d1f3ca0ddb440cc8881c0fbf75f4954361fb47b
GET /sdk/evalx/6340670d8ac6eb10e2f14ff5/users/eyJrZXkiOiJhbm9ueW1vdXMtdXNlci1pZC1yYmd5IiwibmFtZSI6ImFub24iLCJjdXN0b20iOnsiaWQiOiJkODk4N2ZhNi03NWVhLTQ4ZjQtODkxMS1iYjE2ZDgwYTcxYmUiLCJzZWN0aW9uIjoicmIuZ3kiLCJpc0xvZ2dlZCI6ZmFsc2V9fQ HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: max-age=0
etag: "97dbb"
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 22:03:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA, cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675893813.788709,VS0,VE9
vary: Authorization, Accept-Encoding
age: 0
content-length: 236
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/934172759/?random=1675893868719&cv=11&fst=1675893600000&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4272520551&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/934172759/?random=1675893868719&cv=11&fst=1675893600000&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4272520551&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/934172759/?random=1675893868719&cv=11&fst=1675893600000&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4272520551&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 22:03:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vJPmiygKd1jCSIsmV06-lzuJmd0aiejyj946wWNz1Yiou08MNiHJ4g==
age: 464006
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:03:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/934172759/?random=1675893868719&cv=11&fst=1675893600000&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4272520551&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/934172759/?random=1675893868719&cv=11&fst=1675893600000&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4272520551&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/934172759/?random=1675893868719&cv=11&fst=1675893600000&bg=ffffff&guid=ON&async=1>m=45be3260&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=http%3A%2F%2F11-youtubee.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4272520551&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 22:03:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 133821
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1215286025150583&ev=PageView&dl=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&rl=http%3A%2F%2F11-youtubee.xyz%2F&if=true&ts=1675893869060&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675893868827&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1215286025150583&ev=PageView&dl=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&rl=http%3A%2F%2F11-youtubee.xyz%2F&if=true&ts=1675893869060&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675893868827&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1215286025150583&ev=PageView&dl=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&rl=http%3A%2F%2F11-youtubee.xyz%2F&if=true&ts=1675893869060&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675893868827&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Feb 2023 22:03:32 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234684%26time%3D1675893868820%26url%3Dhttp%253A%252F%252F11-youtubee.xyz%252F%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234684%26time%3D1675893868820%26url%3Dhttp%253A%252F%252F11-youtubee.xyz%252F%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234684%26time%3D1675893868820%26url%3Dhttp%253A%252F%252F11-youtubee.xyz%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://free-url-shortener.rb.gy/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675893868820&url=http%3A%2F%2F11-youtubee.xyz%2F&liSync=true
set-cookie: bcookie="v=2&cbfb0ca2-c1db-4739-8c5a-468f31ccebfa"; Domain=.linkedin.com; Expires=Thu, 08-Feb-2024 22:03:32 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230208220332614bd7ff-4bb3-4cf9-8839-0f861ee99437AQF4NJagrYvXIpOYOs-lI7H5tHEDr56M"; Domain=.www.linkedin.com; Expires=Thu, 08-Feb-2024 22:03:32 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzU4OTM4MTI7MjswMjGAmxcj9BNnw2HYZr4yzyHHYEcrpEg3R0OT+B6RXPCbxw==; Domain=.linkedin.com; Expires=Mon, 07 Aug 2023 22:03:32 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2427:u=1:x=1:i=1675893812:t=1675980212:v=2:sig=AQH8YoMy9XYlW6iDIp4VPNC3STAfEYx1"; Expires=Thu, 09 Feb 2023 22:03:32 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAX0N29mWBe+SaybULadlQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ADD5D70C86D9475C98C3A5D97E9217A2 Ref B: OSL30EDGE0210 Ref C: 2023-02-08T22:03:32Z
date: Wed, 08 Feb 2023 22:03:32 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ec0fe07f0671acabd9765ce6ddcd6364
1946ba74f63a94844b83abdc33b9a21a21a30783
c698804abcf62c16e327b13da9de14a570773d1fdd8dd1a531c6d7ad17f6f05f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126123
Date: Wed, 08 Feb 2023 22:03:33 GMT
Etag: "63e3511f-1d7"
Expires: Fri, 10 Feb 2023 09:05:36 GMT
Last-Modified: Wed, 08 Feb 2023 07:37:03 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uk8z3O7tiKx3Vto6wneylfHAsaYSIkcDcpE3YTT7VfjIr4qr_p8ovQ==
Age: 5313
px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675893868820&url=http%3A%2F%2F11-youtubee.xyz%2F&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675893868820&url=http%3A%2F%2F11-youtubee.xyz%2F&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=234684&time=1675893868820&url=http%3A%2F%2F11-youtubee.xyz%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://free-url-shortener.rb.gy/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: bcookie="v=2&e089ebaa-5645-4c4b-8bbc-76bb2970e168"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 08-Feb-2024 22:03:33 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2481:u=1:x=1:i=1675893813:t=1675980213:v=2:sig=AQEeJjp28j3WP46y51_QEEX5m_1CPCpB"; Expires=Thu, 09 Feb 2023 22:03:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAX0N29o1MCzhpQZWNtrjA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6E3D862663A342C78175DE41EA011AF0 Ref B: OSL30EDGE0210 Ref C: 2023-02-08T22:03:33Z
date: Wed, 08 Feb 2023 22:03:32 GMT
content-length: 0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 519330
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:20:45 GMT
expires: Tue, 06 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 189768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6992
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 22:03:33 GMT
Connection: keep-alive
free-url-shortener.rb.gy/static/ProximaNova-Light-367531d5c657281665cd0d8f31ae4b79.otf
200 OK 41 kB URL HTTP/2 free-url-shortener.rb.gy/static/ProximaNova-Light-367531d5c657281665cd0d8f31ae4b79.otf
IP
File type OpenType font data\012- data
Hash 41649575d7166b110f726faf9f984a72
a02de17f87c206630c25e54351884791baeb6420
98ceed9a6f1c2fe26a74589d02df74ae5ffc1ce370fe000620e32d1c7626dc24
GET /static/ProximaNova-Light-367531d5c657281665cd0d8f31ae4b79.otf HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/otf
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1zI8uzArEqkrSQ3h.dM2NbuEdIaVp8.E
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 20:31:14 GMT
cache-control: max-age=36000
etag: W/"ac51ad8a36d5bab6da11d454bcd06561"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1rI38kIgobaXvEJKBboCwT__dpXzuCk34kLs5yJ0OMXf554YH2rLng==
age: 5539
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6992
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 22:03:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6992
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 22:03:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iIQAy6CQSvnvQ79UJ6ifJbs-0kEqUYe8OyCqPb2HSKxoDoLykOyaLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:43:28 GMT
age: 1205
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lXTMw2s8GxQtwjucvNYZeHL-i8ECHbdGThUV5_vn2mKEhArswcO3VA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:43:09 GMT
age: 1224
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 06:25:01 GMT
age: 56312
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 14:35:48 GMT
age: 26865
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 85456
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KUNhk8O0jpb6OyjCo5RGruuV5633xiM-PBeb6c0BaJI8uFQ7Aflj2g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:53:58 GMT
age: 575
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3e5e82341379c79a2b89c16f9feeb828
52a9f6de99f10d3ee63cd6ed3ce85130e370e31c
65398493b6b57e3be514a5dcd95ce8028e47e86c58786e1a6395a449bd0c837f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110927
Date: Wed, 08 Feb 2023 22:03:33 GMT
Etag: "63e31e79-1d7"
Expires: Fri, 10 Feb 2023 04:52:20 GMT
Last-Modified: Wed, 08 Feb 2023 04:00:57 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YkUOYomGd-AFWbK11S38dQFcrhBP86EWBAgVjJ6nSKfRT3yVlyAeYA==
Age: 3083
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3e5e82341379c79a2b89c16f9feeb828
52a9f6de99f10d3ee63cd6ed3ce85130e370e31c
65398493b6b57e3be514a5dcd95ce8028e47e86c58786e1a6395a449bd0c837f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111072
Date: Wed, 08 Feb 2023 22:03:33 GMT
Etag: "63e31e79-1d7"
Expires: Fri, 10 Feb 2023 04:54:45 GMT
Last-Modified: Wed, 08 Feb 2023 04:00:57 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B3dMo0lpgd5rXKzTULCug4qKAGmfP_6Rx96Bv1cVRza-fBLOdfu3fQ==
Age: 3228
events.launchdarkly.com/events/diagnostic/6340670d8ac6eb10e2f14ff5
204 No Content 0 B URL HTTP/2 events.launchdarkly.com/events/diagnostic/6340670d8ac6eb10e2f14ff5
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/diagnostic/6340670d8ac6eb10e2f14ff5 HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://free-url-shortener.rb.gy/
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 22:03:33 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
events.launchdarkly.com/events/diagnostic/6340670d8ac6eb10e2f14ff5
202 Accepted 0 B URL HTTP/2 events.launchdarkly.com/events/diagnostic/6340670d8ac6eb10e2f14ff5
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events/diagnostic/6340670d8ac6eb10e2f14ff5 HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 856
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 08 Feb 2023 22:03:33 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
events.launchdarkly.com/events/bulk/6340670d8ac6eb10e2f14ff5
204 No Content 0 B URL HTTP/2 events.launchdarkly.com/events/bulk/6340670d8ac6eb10e2f14ff5
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/bulk/6340670d8ac6eb10e2f14ff5 HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id
Referer: https://free-url-shortener.rb.gy/
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 22:03:35 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
events.launchdarkly.com/events/bulk/6340670d8ac6eb10e2f14ff5
202 Accepted 0 B URL HTTP/2 events.launchdarkly.com/events/bulk/6340670d8ac6eb10e2f14ff5
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events/bulk/6340670d8ac6eb10e2f14ff5 HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-LaunchDarkly-Event-Schema: 3
X-LaunchDarkly-Payload-ID: 907705f0-a7fc-11ed-b948-03af6a6f16f4
Content-Length: 225
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 08 Feb 2023 22:03:35 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/static/ProximaNova-Semibold-227817852e96b494055e9b16561bedf9.otf
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/static/ProximaNova-Semibold-227817852e96b494055e9b16561bedf9.otf
IP
GET /static/ProximaNova-Semibold-227817852e96b494055e9b16561bedf9.otf HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/otf
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Uvj6aGi94rHKLmKUczV1JXrI.nq1ah2.
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 19:10:29 GMT
cache-control: max-age=36000
etag: W/"f14eee643541cf03a10f26c944cc29f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q7kwivn1Bd605udAxDPswVjDQJ521MbVkepSV_NQMH2Vjs-_KJaWXA==
age: 10384
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/images/url-shortener.svg
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/images/url-shortener.svg
IP
GET /images/url-shortener.svg HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y6y2AxRZ6.DW3hK8gebciqPC7ag9dgC8
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 19:15:55 GMT
cache-control: max-age=36000
etag: W/"b8033a6984d5ecf556315ebb6e98317a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _cwfqvzBsS2000ZN_adfDKEK5f3W6Ly80lGHfaSLyXul_XqRv04Cnw==
age: 10057
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
IP
GET /webpack-runtime-4ab0db97cc5c19fa474e.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: YkkZJQfD.Hhb.GxsED_k3zW.OkiW3eP5
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 17:08:52 GMT
cache-control: max-age=36000
etag: W/"8ec75754db82dc5ee3772dfd4fe6b8f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Y7VxJSDvrTFP_sl-E9sWj3X_cmBFPe1nidndcUZr-htbg9BNuliYQ==
age: 17680
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
IP
GET /app-3b0c6435c81139b7544b.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: M0HncJdKAMd1yq9_dOubwuVP_VShiw3D
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 17:54:40 GMT
cache-control: max-age=36000
etag: W/"aeda3729db24aba45a5cabf8e7301f7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yI2rCB00oPbffW6VMjESAtxkv-65RgBLUQ8XEfrlhSM3C768b2TDRQ==
age: 14932
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/986-a0982d00692c18d78102.js
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/986-a0982d00692c18d78102.js
IP
GET /986-a0982d00692c18d78102.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: jJ1MpaDrLjwPYFu9rAp8YsOJXCryU8uY
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 16:12:05 GMT
cache-control: max-age=36000
etag: W/"2258fd513e7c0a4657ba5572dc072506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 33QCXcKyZwOSWNTkxk6hbUiRG7xiy8l5h7WBsLSL82ToIId0bOiH5w==
age: 21088
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/js/signup-redirect.min.js
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/js/signup-redirect.min.js
IP
GET /js/signup-redirect.min.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 10:10:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2M.rzkhXbvUvBbisgoFHMGv0nMlyoXRD
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 19:11:36 GMT
cache-control: max-age=36000
etag: W/"d56285a75dd3f5c5b46b7a13a2b73a55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pS7ncoLg2bkMMCE5U6HYVO5k9RNU2nFcuq9JcF8aap1n5bx97WSDEg==
age: 10316
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/bbcc82e1-bfee37ad4372bf81906b.js
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/bbcc82e1-bfee37ad4372bf81906b.js
IP
GET /bbcc82e1-bfee37ad4372bf81906b.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Cv0nra64xuWcLnX9zVviDcibQXV1D_z0
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 16:58:14 GMT
cache-control: max-age=36000
etag: W/"5a4e24f5b4e723ab0cf2c338f8f6b067"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qOopzs2dvzFrypUu_I6kf4N-L-BvhsmGGVdpbaYskwCuG7gvqKVMpA==
age: 18319
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-247840.js?sv=6
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-247840.js?sv=6
IP
GET /c/hotjar-247840.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 08 Feb 2023 22:03:04 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/26793cc955d071b296ca70100c7c2da6
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dilKqaCsgud1YQ8MX1BE7Z3lVb43kXOrFi6wslC5qp-5Zd2KqKBeSw==
age: 28
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/234684/domain/free-url-shortener.rb.gy/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/234684/domain/free-url-shortener.rb.gy/token
IP
GET /partner/234684/domain/free-url-shortener.rb.gy/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://free-url-shortener.rb.gy
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Wed, 08 Feb 2023 21:16:35 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L9hVJamxEFdlW9DENNhm8mob9ad5i4xqAhndgPxWguDO0-EKfbQQmA==
age: 2817
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/framework-f62314cd4f55607160b2.js
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/framework-f62314cd4f55607160b2.js
IP
GET /framework-f62314cd4f55607160b2.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: nLyXYu_87QPMcqusL52tIEzja9tRZ1EV
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 20:02:08 GMT
cache-control: max-age=36000
etag: W/"1c20df51dc8810f042655fde9cbeb718"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fKzbkCFpEkaQwap5_o29zLJjwOSSv8WTISTc0MEZJdWahm0Jjjkc3g==
age: 7284
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/static/ProximaNova-Regular-7bc9ce404c297c24f2104c18ec4a8526.otf
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/static/ProximaNova-Regular-7bc9ce404c297c24f2104c18ec4a8526.otf
IP
GET /static/ProximaNova-Regular-7bc9ce404c297c24f2104c18ec4a8526.otf HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/otf
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: T6cnX7NeNsSt00vMYUYYmP5QQ6OVbyT_
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 12:07:36 GMT
cache-control: max-age=36000
etag: W/"bf9f5d50c1b928ff21436517a1a95ad9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BcA7bWCpWiUZV42onigBkEnIVNAGW7UgfKGTKahUyZbB1O_HtgBjzw==
age: 35757
X-Firefox-Spdy: h2
free-url-shortener.rb.gy/4445f123d3d9a3bc1afacf74640234ff6334a115-67b06db718d2c490b6f4.js
200 OK 0 B URL HTTP/2 free-url-shortener.rb.gy/4445f123d3d9a3bc1afacf74640234ff6334a115-67b06db718d2c490b6f4.js
IP
GET /4445f123d3d9a3bc1afacf74640234ff6334a115-67b06db718d2c490b6f4.js HTTP/1.1
Host: free-url-shortener.rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free-url-shortener.rb.gy/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: XuqRDeXiIt0fmUtGAJa9fJX2zAHiQATl
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 21:33:51 GMT
cache-control: max-age=36000
etag: W/"479bdee8f683aec64ee9f9e0b1706d50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1-VIgJhKsWscw3hRhu9HrCYDC54lwRIInCpE38YBgCsCYK_1Xwfnpg==
age: 1782
X-Firefox-Spdy: h2
83.229.3.36
95.101.11.57
93.184.220.29
31.13.72.12
0.0.0.0