ngxt44.xyz Open in urlscan Pro
83.229.3.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ngxt44.xyz/nECqpbp
Submission: On February 02 via manual (February 2nd 2023, 3:39:26 pm UTC) from NP — Scanned from DE

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 88 HTTP transactions. The main IP is 83.229.3.36, located in New York, United States and belongs to KAMATERA, US. The main domain is ngxt44.xyz.
TLS certificate: Issued by R3 on January 29th 2023. Valid for: 3 months.

This is the only time ngxt44.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	83.229.3.36 83.229.3.36	36007 (KAMATERA) (KAMATERA)
22	13.224.103.8 13.224.103.8	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	13.224.103.36 13.224.103.36	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	13.226.175.54 13.226.175.54	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:d200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
16	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
1	18.200.61.239 18.200.61.239	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	44.196.125.45 44.196.125.45	14618 (AMAZON-AES) (AMAZON-AES)
88	22

1 83.229.3.36 (New York, United States)

ASN36007 (KAMATERA, US)

ngxt44.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 13.224.103.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-8.zrh50.r.cloudfront.net

free-url-shortener.rb.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.103.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-36.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.175.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-54.mxp64.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:d200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.61.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-61-239.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.196.125.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-125-45.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	rb.gy free-url-shortener.rb.gy — Cisco Umbrella Rank: 913754	1 MB
16	gstatic.com www.gstatic.com fonts.gstatic.com	785 KB
7	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 734 clientstream.launchdarkly.com — Cisco Umbrella Rank: 559 events.launchdarkly.com — Cisco Umbrella Rank: 500	2 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	89 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 436 p.typekit.net — Cisco Umbrella Rank: 598	68 KB
6	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 620 script.hotjar.com — Cisco Umbrella Rank: 815 vars.hotjar.com — Cisco Umbrella Rank: 855 in.hotjar.com — Cisco Umbrella Rank: 1661	144 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	291 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	271 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	129 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	3 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	10 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5986	455 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	369 B
1	ngxt44.xyz ngxt44.xyz	1 KB
88	16

	Domain	Requested by
22	free-url-shortener.rb.gy	ngxt44.xyz free-url-shortener.rb.gy
11	www.gstatic.com	www.google.com www.gstatic.com free-url-shortener.rb.gy
7	www.google.com	free-url-shortener.rb.gy www.google.com www.gstatic.com
5	fonts.gstatic.com	www.google.com free-url-shortener.rb.gy
5	www.googletagmanager.com	free-url-shortener.rb.gy www.googletagmanager.com
5	use.typekit.net	free-url-shortener.rb.gy use.typekit.net
4	events.launchdarkly.com	free-url-shortener.rb.gy
4	connect.facebook.net	ngxt44.xyz connect.facebook.net free-url-shortener.rb.gy
4	www.google-analytics.com	www.googletagmanager.com free-url-shortener.rb.gy
2	www.facebook.com	free-url-shortener.rb.gy
2	px.ads.linkedin.com	2 redirects
2	script.hotjar.com	static.hotjar.com free-url-shortener.rb.gy
2	googleads.g.doubleclick.net	www.googletagmanager.com free-url-shortener.rb.gy
2	app.launchdarkly.com	free-url-shortener.rb.gy
2	static.hotjar.com	ngxt44.xyz free-url-shortener.rb.gy
2	snap.licdn.com	www.googletagmanager.com free-url-shortener.rb.gy
2	p.typekit.net	use.typekit.net
1	www.google.de	free-url-shortener.rb.gy
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	clientstream.launchdarkly.com	free-url-shortener.rb.gy
1	px4.ads.linkedin.com	free-url-shortener.rb.gy
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	ngxt44.xyz
88	25

This site contains no links.

Subject Issuer	Validity	Valid
ngxt44.xyz R3	`2023-01-29` - `2023-04-29`	3 months	crt.sh
rb.gy Amazon	`2022-09-18` - `2023-10-17`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
clientstream.launchdarkly.com Amazon	`2022-09-09` - `2023-10-07`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
events.launchdarkly.com Amazon	`2022-08-19` - `2023-09-16`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://ngxt44.xyz/nECqpbp
Frame ID: 171710900B8622ACF0F28A50D055F3C1
Requests: 1 HTTP requests in this frame

Frame: https://free-url-shortener.rb.gy/
Frame ID: A9234D44D73C7F75C6B71C9388A4AD23
Requests: 65 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
Frame ID: 73F500843B83CB479C3B0E3F16AB5575
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo&co=aHR0cHM6Ly9mcmVlLXVybC1zaG9ydGVuZXIucmIuZ3k6NDQz&hl=de&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=bottomleft&cb=7hwys44dp9zp
Frame ID: F089437C7840DD5CB06C373690F5D490
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo
Frame ID: D278F4EE76A75BE4F46E929E3BE25E5D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URL Shortener

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

88
Requests

99 %
HTTPS

57 %
IPv6

16
Domains

25
Subdomains

22
IPs

4
Countries

2873 kB
Transfer

5683 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234684%26time%3D1675352362751%26url%3Dhttps%253A%252F%252Fngxt44.xyz%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F&liSync=true&e_ipv6=AQLEm-hg-cfGIgAAAYYSyFC0Np8ZsYCB3GkfjQx2O159zXle3jSVniDywVTfeMpRmXv7Ww4mSKTa

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 Primary Request nECqpbp Show response
ngxt44.xyz/ 994 B
1 KB 580ms
292ms Document
text/html 83.229.3.36
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://ngxt44.xyz/nECqpbp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.229.3.36 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a1df0c0082230b60952a1d864d283de601c29f39349097c722d18d2629934cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 15:39:21 GMT
server: nginx

GET
H2 200 / Show response
free-url-shortener.rb.gy/ Frame A923 308 KB
55 KB 516ms
466ms Document
text/html 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/
Requested by: Host: ngxt44.xyz
URL: https://ngxt44.xyz/nECqpbp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a3d39248dce9e4df884afb5d95c6b41ba9f5366f0a108d2006dec18dfe42c6b

Request headers

Referer: https://ngxt44.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 02 Feb 2023 15:39:23 GMT
etag: W/"c5fa3a1734e1bf38dae33984e98be4f6"
last-modified: Thu, 19 Jan 2023 12:26:11 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-id: 7BKtujCriEChDGtKpOg-zh72StfZ9KuND2QURvOcbtxgkgEHBDwHWQ==
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: ntJ9wnAO75sfIDulSCOdM4vtFHwHZ84V
x-cache: RefreshHit from cloudfront

GET
H2 200 gpn2grf.css
use.typekit.net/ Frame A923 6 KB
1 KB 51ms
11ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gpn2grf.css

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0b9ff64432100fe36b6cd56857dcd8563f290bc4c9f71d3550da3ee45449a4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 02 Feb 2023 15:39:22 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 896

GET
H2 200 waw8itp.css
use.typekit.net/ Frame A923 3 KB
955 B 49ms
9ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/waw8itp.css

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7688462c5e2c36caefc0e654e5dab2943185bef259b5911f640c0b4c61ea4f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 02 Feb 2023 15:39:22 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 723

GET
H2 200 signup-redirect.min.js Show response
free-url-shortener.rb.gy/js/ Frame A923 1 KB
1 KB 17ms
17ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/js/signup-redirect.min.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9040e021bd08a3f11e42a5e259faa8571b74eca89de68f0a089d928170f65a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 2M.rzkhXbvUvBbisgoFHMGv0nMlyoXRD
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 13:47:39 GMT
last-modified: Fri, 25 Nov 2022 10:10:50 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 6704
x-amz-server-side-encryption: AES256
etag: W/"d56285a75dd3f5c5b46b7a13a2b73a55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: tuQuOMvs08zAxnGcixAEjW6c4m_tBr9UxuSfNhbj-bdNlvFLVilFVQ==

GET
H2 200 free-url-shortener.jpg
free-url-shortener.rb.gy/images/ Frame A923 310 KB
310 KB 40ms
39ms Image
image/jpeg 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-url-shortener.rb.gy/images/free-url-shortener.jpg
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c6963527056b2f65cd71433656d3ae6c5d92040300b6002747452a53c255da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 7K7r7bAvPd396xtTkRndcEfP3d69M7_H
date: Thu, 02 Feb 2023 09:06:59 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 23544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 316974
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
etag: "4cec1fb14b2528ab37d00b6071ecda20"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=36000
accept-ranges: bytes
x-amz-cf-id: 4_M67ThLgIMWO37z6ntThtlQwWjiBDwz1KZ6Wkbg-jI9N-joBY-pVg==

GET
H2 200 bitly.svg
free-url-shortener.rb.gy/images/ Frame A923 621 B
1 KB 22ms
22ms Image
image/svg+xml 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-url-shortener.rb.gy/images/bitly.svg
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c56bd010ed5e04501184f06346504f7dc3aebdcd00038afd180d80edb72163fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: ySPV4W.gBPzjqzIKhZsC9Z1.SFgD7jH2
date: Thu, 02 Feb 2023 08:43:52 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 24931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 621
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
etag: "358ecaeafb416abb75b977a271527e96"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=36000
accept-ranges: bytes
x-amz-cf-id: RXezyT68OlJKvz3jkWjVkbVuxbpEAS59Nd5QtHkrxr-t4Nf_rDvKEQ==

GET
H2 200 url-shortener.svg
free-url-shortener.rb.gy/images/ Frame A923 13 KB
6 KB 23ms
22ms Image
image/svg+xml 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-url-shortener.rb.gy/images/url-shortener.svg
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58ddf4c1bb7914830c0b8d129fd710063d01a879a48770978b2ac8361e585a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: Y6y2AxRZ6.DW3hK8gebciqPC7ag9dgC8
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 08:47:01 GMT
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 24742
x-amz-server-side-encryption: AES256
etag: W/"b8033a6984d5ecf556315ebb6e98317a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=36000
x-amz-cf-id: suDcHqqoA1Ru17f25aMsy7tDwLV7oALJnF2DXF-vNpw2i32CpZ0c8g==

GET
H2 200 app-3b0c6435c81139b7544b.js Show response
free-url-shortener.rb.gy/ Frame A923 217 KB
72 KB 22ms
21ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb7d175d0600aa788db0c9cd52a6b03486e1536fe8af4a87695d1b2a03984335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:49:26 GMT
x-amz-version-id: M0HncJdKAMd1yq9_dOubwuVP_VShiw3D
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
server: AmazonS3
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"aeda3729db24aba45a5cabf8e7301f7a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
age: 20997
x-amz-cf-id: AoqNdT6OGEPkiVCHtUweOwM3dIGRK5RpjAsEdp3xdP1O9fqeeZJUMg==

GET
H2 200 framework-f62314cd4f55607160b2.js Show response
free-url-shortener.rb.gy/ Frame A923 126 KB
40 KB 24ms
23ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/framework-f62314cd4f55607160b2.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 087cd519da0e28c3e1153495d82088d31f8309f025ac18ffb119e4945c7142ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: nLyXYu_87QPMcqusL52tIEzja9tRZ1EV
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 14:43:32 GMT
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 3833
x-amz-server-side-encryption: AES256
etag: W/"1c20df51dc8810f042655fde9cbeb718"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: CTwwOOIbs-zDLtj2LNb985PHUMqpCYKEg4jbhCM-QI3mvWE0q9V_WA==

GET
H2 200 webpack-runtime-4ab0db97cc5c19fa474e.js Show response
free-url-shortener.rb.gy/ Frame A923 5 KB
3 KB 22ms
21ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ca998cdf496184873208cb48570bfbbe2c639e0ef7cf1d636803c7aa2e8d43a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: YkkZJQfD.Hhb.GxsED_k3zW.OkiW3eP5
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 08:47:32 GMT
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 24711
x-amz-server-side-encryption: AES256
etag: W/"8ec75754db82dc5ee3772dfd4fe6b8f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: uRdU4wHvsBdasTwiMMrHqCuZKcUS5L4hyjRoSUilz241iVuxlIh4cg==

GET
H2 200 p.css
p.typekit.net/ Frame A923 5 B
181 B 125ms
19ms Stylesheet
text/css 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=waw8itp&ht=tk&f=173.175.5474.5475&a=1019361&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/waw8itp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 p.css
p.typekit.net/ Frame A923 5 B
181 B 123ms
18ms Stylesheet
text/css 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gpn2grf&ht=tk&f=173.174.175.176.5474.5475.25136.25137&a=1019361&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gpn2grf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A923 217 KB
78 KB 63ms
28ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5bb93706cf917c0c72472122a363afdb51aeba9eac9bc37fa7c592c2b009292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79607
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 15:39:22 GMT

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ Frame A923 32 KB
32 KB 34ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gpn2grf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer: https://use.typekit.net/gpn2grf.css
Origin: https://free-url-shortener.rb.gy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 ProximaNova-Semibold-227817852e96b494055e9b16561bedf9.otf
free-url-shortener.rb.gy/static/ Frame A923 62 KB
40 KB 21ms
21ms Font
font/otf 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/static/ProximaNova-Semibold-227817852e96b494055e9b16561bedf9.otf
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb

Request headers

Referer: https://free-url-shortener.rb.gy/
Origin: https://free-url-shortener.rb.gy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: Uvj6aGi94rHKLmKUczV1JXrI.nq1ah2.
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 14:58:54 GMT
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 2798
x-amz-server-side-encryption: AES256
etag: W/"f14eee643541cf03a10f26c944cc29f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
cache-control: max-age=36000
x-amz-cf-id: JmmS8ibidl3rB6aF0PlDS0PriirVFptWARX8TC5du1nsUTFa2V9Rsw==

GET
H2 200 ProximaNova-Light-367531d5c657281665cd0d8f31ae4b79.otf
free-url-shortener.rb.gy/static/ Frame A923 61 KB
41 KB 21ms
20ms Font
font/otf 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/static/ProximaNova-Light-367531d5c657281665cd0d8f31ae4b79.otf
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20

Request headers

Referer: https://free-url-shortener.rb.gy/
Origin: https://free-url-shortener.rb.gy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1zI8uzArEqkrSQ3h.dM2NbuEdIaVp8.E
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:07:15 GMT
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 23528
x-amz-server-side-encryption: AES256
etag: W/"ac51ad8a36d5bab6da11d454bcd06561"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
cache-control: max-age=36000
x-amz-cf-id: qFh06yah41AJv72O06oUDIS6zezs4AomkemEvtdWI6UObPrvKk2Lmg==

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ Frame A923 32 KB
33 KB 30ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gpn2grf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6

Request headers

Referer: https://use.typekit.net/gpn2grf.css
Origin: https://free-url-shortener.rb.gy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33188

GET
H2 200 ProximaNova-Regular-7bc9ce404c297c24f2104c18ec4a8526.otf
free-url-shortener.rb.gy/static/ Frame A923 61 KB
40 KB 20ms
20ms Font
font/otf 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/static/ProximaNova-Regular-7bc9ce404c297c24f2104c18ec4a8526.otf
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Request headers

Referer: https://free-url-shortener.rb.gy/
Origin: https://free-url-shortener.rb.gy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: T6cnX7NeNsSt00vMYUYYmP5QQ6OVbyT_
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 14:44:10 GMT
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 6696
x-amz-server-side-encryption: AES256
etag: W/"bf9f5d50c1b928ff21436517a1a95ad9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
cache-control: max-age=36000
x-amz-cf-id: kgMEf8YXigHEFJxH-JybY9SSCBv4AISOhcFbOwY0T8GoWwjSp9Trzw==

GET
H2 200 app-data.json Show response
free-url-shortener.rb.gy/page-data/ Frame A923 50 B
489 B 19ms
19ms XHR
application/json 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/page-data/app-data.json
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bac5fd3d8521e65d33967e71f9d6a1703885e043a31635e6a3dda1c529cf2c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: V0zDI6WnkqpbtA8.1SPcG.ZY6o7CG7Ti
date: Thu, 02 Feb 2023 08:47:00 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 24743
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 50
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
etag: "57027c5a79edf199aef9b65dd41be568"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=36000
accept-ranges: bytes
x-amz-cf-id: 4EK6yOXH4JVlXooFXn9tBsxmVIbozwYI8HdjykrVj5uzeP5gRBHZPw==

GET
H2 200 page-data.json Show response
free-url-shortener.rb.gy/page-data/index/ Frame A923 117 B
556 B 20ms
19ms XHR
application/json 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/page-data/index/page-data.json
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04960f99bcb3caf0bb8146b268babae7c2c2b3508da9550dde88a9454b9b0b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: i0d0EQyic5QBFjEDzpvo44cZucZcAHk5
date: Thu, 02 Feb 2023 07:47:23 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 28320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 117
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
etag: "2e1e6458af7df8d89a1f91a5cddb3167"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=36000
accept-ranges: bytes
x-amz-cf-id: pMCbnXx11JTdJVJS_BVeOMyITOMBRxnbGIBOVC_dRpNr4yomaKJ6aw==

GET
H2 200 94b73c82-66e3614aba3db2717c62.js Show response
free-url-shortener.rb.gy/ Frame A923 705 KB
188 KB 20ms
19ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/94b73c82-66e3614aba3db2717c62.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29e95dc398c38aa4d993fb1f61a153f7597305171e01dbfc2f9ac006fa8e393b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:20:36 GMT
x-amz-version-id: tSKArzeog8zWV0lUysWvmlgZ4oMGwx6n
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
server: AmazonS3
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"9398e96cd228a8140130bc4749f3d207"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
age: 22727
x-amz-cf-id: 6OzG5mJdQ8AkAXpCgKbiSzQYLlwM4s0cuAvsyz_0qUF62tEqFQUtUg==

GET
H2 200 bbcc82e1-bfee37ad4372bf81906b.js Show response
free-url-shortener.rb.gy/ Frame A923 637 KB
163 KB 20ms
19ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/bbcc82e1-bfee37ad4372bf81906b.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10a60abc2e84705e162cb8904d16a26d06992704d9b238b5b0e63be7c75f45a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:20:36 GMT
x-amz-version-id: Cv0nra64xuWcLnX9zVviDcibQXV1D_z0
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
server: AmazonS3
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"5a4e24f5b4e723ab0cf2c338f8f6b067"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
age: 22727
x-amz-cf-id: DQIpUru0NJ8mIFn83axHnqfKbKh4dK0IjS1Qpc-TnDhA2I5gim8aCw==

GET
H2 200 4445f123d3d9a3bc1afacf74640234ff6334a115-67b06db718d2c490b6f4.js Show response
free-url-shortener.rb.gy/ Frame A923 107 KB
30 KB 19ms
19ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/4445f123d3d9a3bc1afacf74640234ff6334a115-67b06db718d2c490b6f4.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdb004791456aa363b5bafaafab6777caccc18646c0de6ab989087986409f1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: XuqRDeXiIt0fmUtGAJa9fJX2zAHiQATl
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 11:47:42 GMT
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 13901
x-amz-server-side-encryption: AES256
etag: W/"479bdee8f683aec64ee9f9e0b1706d50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: MZp7IQvgkCWNzOYy31PoJ0dpv2D1t5NAhI45QsARcVQCMn5kUVWXVw==

GET
H2 200 component---src-pages-index-js-c177ef0cf0623a698230.js Show response
free-url-shortener.rb.gy/ Frame A923 52 KB
15 KB 19ms
19ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/component---src-pages-index-js-c177ef0cf0623a698230.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cbcb80fab2bfb61dfbb4b788a954e5ba87a9cad9c0c4c9cd17c7fd58dfdc601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: AhhEHv40Iej2qqNRFEwXNEZ6xCAcxVmz
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:34:04 GMT
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 21919
x-amz-server-side-encryption: AES256
etag: W/"cc736f9ea60755d952dd383194a814d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: D8p4ffNTvloaYc7qMTVjhDmQCo0OHZgA7d7G_FsgK47yoT8HIAcnYg==

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ Frame A923 115 KB
45 KB 134ms
53ms Script
application/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-W5PQBDJ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72cf0c3ae5d6378ba96c121cb334f7333739486ad1ed811e54f4b932b1c4656b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45511
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 15:39:22 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame A923 13 KB
5 KB 69ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=12624
accept-ranges: bytes
content-length: 4777

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame A923 106 KB
28 KB 61ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ngxt44.xyz
URL: https://ngxt44.xyz/nECqpbp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 15:39:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0P1IFFvKUa+Opta07A0Tq81WBj8HfwG8OQLHHpQ28xZGeKuNWhyxVFVqzI1q8u+tj/kByU+BcCxvUoNoEZV5zQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A923 128 KB
50 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-934172759

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a13fb838cb12e848efbccb684ae4e10060ad9b0eab41773f8864d760f22d4d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50694
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 15:39:22 GMT

GET
H2 200 hotjar-247840.js Show response
static.hotjar.com/c/ Frame A923 8 KB
4 KB 87ms
30ms Script
application/javascript 13.224.103.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-247840.js?sv=6

Requested by

Host: ngxt44.xyz
URL: https://ngxt44.xyz/nECqpbp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-36.zrh50.r.cloudfront.net

Software

Resource Hash

1748ff1e53797ffd995211e9cbbffa0557e72d65d6fefd0157d87794461d4782

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:38:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 26
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/ce926e63ac9cec86d40a702fdb7f3f4b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: Wu4kSBnu5am4HMMXDnl7gU_8g-Ne2ASET7BSZqTZnW7HlDzqIYvicg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame A923 909 B
902 B 59ms
22ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/component---src-pages-index-js-c177ef0cf0623a698230.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5716c97943b3b04db615edbe68047068da26035676343e7b45233cceef6b8a57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 582
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 15:39:22 GMT

GET
H2 200 986-a0982d00692c18d78102.js Show response
free-url-shortener.rb.gy/ Frame A923 8 KB
3 KB 20ms
19ms Script
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/986-a0982d00692c18d78102.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/webpack-runtime-4ab0db97cc5c19fa474e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 720a82c00a709366f3c47ae35bcbba2fae9fca9f744055f7241f0139d4651219

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: jJ1MpaDrLjwPYFu9rAp8YsOJXCryU8uY
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 07:47:16 GMT
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 28327
x-amz-server-side-encryption: AES256
etag: W/"2258fd513e7c0a4657ba5572dc072506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: Yic3ulI9AbG72vmL47lMEjMYgdYVVdRoIbNJ8B9eQASR1J2z8r7Hfw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A923 110 KB
43 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-68215349-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0ad39be314e7f99e92f2018449476b32bcf948c69e5d1bd7f9c901e7e06e366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43886
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 15:39:22 GMT

GET
H2 200 6340670d8ac6eb10e2f14ff5 Show response
app.launchdarkly.com/sdk/goals/ Frame A923 2 B
580 B 51ms
13ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6340670d8ac6eb10e2f14ff5

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Feb 2023 15:39:22 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-hhn-etou8220025-HHN
x-timer: S1675352363.767563,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMtdXNlci1pZC1yYmd5IiwibmFtZSI6ImFub24iLCJjdXN0b20iOnsiaWQiOiIyZDcyMTYyMy1kYzkyLTRlYjktOThiNS04OTAyYzFjMzM1ODYiLCJzZWN0aW9uIjoicmIuZ3kiLCJpc0xvZ2dlZCI6ZmFsc2V9fQ Show response
app.launchdarkly.com/sdk/evalx/6340670d8ac6eb10e2f14ff5/users/ Frame A923 374 B
587 B 61ms
24ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/6340670d8ac6eb10e2f14ff5/users/eyJrZXkiOiJhbm9ueW1vdXMtdXNlci1pZC1yYmd5IiwibmFtZSI6ImFub24iLCJjdXN0b20iOnsiaWQiOiIyZDcyMTYyMy1kYzkyLTRlYjktOThiNS04OTAyYzFjMzM1ODYiLCJzZWN0aW9uIjoicmIuZ3kiLCJpc0xvZ2dlZCI6ZmFsc2V9fQ
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 998986335d7d71f388708214df71387ab3d26de353804e97692b381418e7a91b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 197
x-served-by: cache-hhn-etou8220028-HHN, cache-hhn-etou8220025-HHN
x-timer: S1675352363.768097,VS0,VE12
etag: "97dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934172759/ Frame A923 2 KB
1 KB 135ms
56ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934172759/?random=1675352362728&cv=11&fst=1675352362728&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=https%3A%2F%2Fngxt44.xyz%2F&tiba=URL%20Shortener%20Free&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-934172759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839406231de90b650db7919799dd735d06507fc430290ca1c919d4e5956b9717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 15:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 895
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1215286025150583 Show response
connect.facebook.net/signals/config/ Frame A923 377 KB
108 KB 319ms
318ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1215286025150583?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a2151025d4dfda0a946e4e45f3785296210aa77d5df4545e1802f7c22e799f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Feb 2023 15:39:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PGldxkGQeZVEe9y9lFYVDdQ9a2IzeAyjgzgruLzvG7UAhz31R3VcN/688OS4f9v7gz42C1lYPorSweL7/f9kRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.4b160a4831adaf5337e6.js Show response
script.hotjar.com/ Frame A923 262 KB
67 KB 98ms
21ms Script
application/javascript 13.226.175.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4b160a4831adaf5337e6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-247840.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.175.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-175-54.mxp64.r.cloudfront.net

Software

Resource Hash

fb91850a461b7442ca8310a0758898710eca3b52a1c61a27b00db609725c3696

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 772cbace6bb6df7f76dea14ed0716314.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 257596
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68316
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
etag: "3315b6999637291711ab85ba678211fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ahuFZLak8OW1KPKvWRH8vGW-25A7XXBlOC4FNR7FZWkph-yAhCSBJQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/234684/domain/free-url-shortener.rb.gy/ Frame A923 36 B
369 B 35ms
7ms XHR
application/json 2600:9000:206f:d200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/234684/domain/free-url-shortener.rb.gy/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://free-url-shortener.rb.gy/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:17:27 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 12115
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=25049
x-amz-cf-id: PshSWGDALIIgVIOj6kDfruHyXOm06iIzg6I2Fae3JLZGOOCXU7k-QQ==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame A923
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234684%26time%3D1675352362751%26url%3Dhttps%253A%252F%252Fngxt44.xyz%252F%26liSyn...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F&liSync=true&e_ipv6=AQLEm-hg-cfGIgAAAYYSyFC0Np8ZsYCB3GkfjQx2O159zXle3jSVniDywVTfeMpRmXv7...

0
268 B

193ms
155ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F&liSync=true&e_ipv6=AQLEm-hg-cfGIgAAAYYSyFC0Np8ZsYCB3GkfjQx2O159zXle3jSVniDywVTfeMpRmXv7Ww4mSKTa
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AAEF6CB38D44420CADD29FC8A88F7CAF Ref B: DUS30EDGE0813 Ref C: 2023-02-02T15:39:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzuV5+K6fDuPKJqPBCmA==

Redirect headers

date: Thu, 02 Feb 2023 15:39:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3FC24E9C0DC04D69B05241D45CBFF04C Ref B: FRAEDGE1219 Ref C: 2023-02-02T15:39:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234684&time=1675352362751&url=https%3A%2F%2Fngxt44.xyz%2F&liSync=true&e_ipv6=AQLEm-hg-cfGIgAAAYYSyFC0Np8ZsYCB3GkfjQx2O159zXle3jSVniDywVTfeMpRmXv7Ww4mSKTa
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzuV57I9rFxPMfv0w8Gw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A923 49 KB
20 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68215349-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 15:12:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1632
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 17:12:10 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame A923 405 KB
162 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://free-url-shortener.rb.gy/
Origin: https://free-url-shortener.rb.gy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 15:37:12 GMT

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMtdXNlci1pZC1yYmd5IiwibmFtZSI6ImFub24iLCJjdXN0b20iOnsiaWQiOiIyZDcyMTYyMy1kYzkyLTRlYjktOThiNS04OTAyYzFjMzM1ODYiLCJzZWN0aW9uIjoicmIuZ3kiLCJpc0xvZ2dlZCI6ZmFsc2V9fQ
clientstream.launchdarkly.com/eval/6340670d8ac6eb10e2f14ff5/ Frame A923 395 B
0 206ms
48ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/6340670d8ac6eb10e2f14ff5/eyJrZXkiOiJhbm9ueW1vdXMtdXNlci1pZC1yYmd5IiwibmFtZSI6ImFub24iLCJjdXN0b20iOnsiaWQiOiIyZDcyMTYyMy1kYzkyLTRlYjktOThiNS04OTAyYzFjMzM1ODYiLCJzZWN0aW9uIjoicmIuZ3kiLCJpc0xvZ2dlZCI6ZmFsc2V9fQ

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://free-url-shortener.rb.gy/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:22 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 box-2722367854ce9702c28ea74c51e2a23f.html Show response
vars.hotjar.com/ Frame 73F5 2 KB
1 KB 41ms
8ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-247840.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-26.fra53.r.cloudfront.net

Software

Resource Hash

2a053c986d53b05149da4b99719fd4c913e4c8a885824b7ded13f070fb13ff6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://free-url-shortener.rb.gy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 257596
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:06:06 GMT
etag: "8665e233ef6caaf010ca89793f27b6f8"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-id: UdpZjuoKajZYg840dB8zombs7H45GHMwEijXPlLcobJgYF8eDPwbfw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F089 43 KB
23 KB 34ms
33ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo&co=aHR0cHM6Ly9mcmVlLXVybC1zaG9ydGVuZXIucmIuZ3k6NDQz&hl=de&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=bottomleft&cb=7hwys44dp9zp

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/component---src-pages-index-js-c177ef0cf0623a698230.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbc8ca280fbfb8aa9e2da8b2dd0607138a23c47e8aca229b994d43ee5cf37b71

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_9PeSkDkAfinMuB9SDMqfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://free-url-shortener.rb.gy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23163
content-security-policy: script-src 'report-sample' 'nonce-_9PeSkDkAfinMuB9SDMqfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 15:39:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/247840/ Frame A923 148 B
323 B 122ms
38ms XHR
application/json 18.200.61.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/247840/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4b160a4831adaf5337e6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.61.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-61-239.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 07664fd6a9195b3edd30b67c88838d1322752e5ae983c4bca5ae5fad4b6b4f34

Request headers

Referer: https://free-url-shortener.rb.gy/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/934172759/ Frame A923 42 B
314 B 26ms
25ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934172759/?random=1675352362728&cv=11&fst=1675350000000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=https%3A%2F%2Fngxt44.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3298208172&rmt_tld=0&ipr=y

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 15:39:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/934172759/ Frame A923 42 B
455 B 78ms
29ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934172759/?random=1675352362728&cv=11&fst=1675350000000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&ref=https%3A%2F%2Fngxt44.xyz%2F&tiba=URL%20Shortener%20Free&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3298208172&rmt_tld=1&ipr=y

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 15:39:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame F089 55 KB
24 KB 44ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo&co=aHR0cHM6Ly9mcmVlLXVybC1zaG9ydGVuZXIucmIuZ3k6NDQz&hl=de&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=bottomleft&cb=7hwys44dp9zp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 15:04:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame F089 405 KB
161 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 15:37:12 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F089 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:40:39 GMT
x-content-type-options: nosniff
age: 223124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:40:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F089 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 159476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F089 15 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 76239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:28:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F089 102 B
134 B 24ms
23ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo&co=aHR0cHM6Ly9mcmVlLXVybC1zaG9ydGVuZXIucmIuZ3k6NDQz&hl=de&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=bottomleft&cb=7hwys44dp9zp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 15:39:23 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame A923 0
185 B 60ms
16ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1215286025150583&ev=PageView&dl=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&rl=https%3A%2F%2Fngxt44.xyz%2F&if=true&ts=1675352363162&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&it=1675352362747&coo=false&rqm=GET

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 15:39:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D278 7 KB
1 KB 25ms
25ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e72eabdb1784646f9d0eeca889812c13607ade66dbc23dbb82e9b7980a499f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5qktyspU2WShsKfpOxARew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://free-url-shortener.rb.gy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-5qktyspU2WShsKfpOxARew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 15:39:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles.c87d73c46951f322e88f.css
free-url-shortener.rb.gy/ Frame A923 0
51 KB 29ms
26ms Other
text/css 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/styles.c87d73c46951f322e88f.css
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: Jw2fwy61fAhw7bNXcOOyUuvMuAprENcL
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:43:27 GMT
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 21357
x-amz-server-side-encryption: AES256
etag: W/"dc5ef255da5b71237d92ec8c148ceb00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=36000
x-amz-cf-id: wm1YJadmsRxPjK0F7Llp23fIpqQf9PK1kPG4okaaSWxz9ruPyBvTNA==

GET
H2 200 waw8itp.css
use.typekit.net/ Frame A923 0
955 B 11ms
6ms Other
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/waw8itp.css

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 02 Feb 2023 15:39:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 723

GET
H3 200 analytics.js
www.google-analytics.com/ Frame A923 0
20 KB 36ms
33ms Other
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 15:12:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1633
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 17:12:10 GMT

GET
H3 200 recaptcha__de.js
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame A923 0
161 KB 16ms
13ms Other
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 15:37:12 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ Frame A923 0
43 KB 34ms
31ms Other
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-68215349-1&l=dataLayer&cx=c

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43927
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 15:39:23 GMT

GET
H3 200 1215286025150583
connect.facebook.net/signals/config/ Frame A923 0
108 KB 33ms
30ms Other
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1215286025150583?v=2.9.95&r=stable

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Feb 2023 15:39:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110249
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PGldxkGQeZVEe9y9lFYVDdQ9a2IzeAyjgzgruLzvG7UAhz31R3VcN/688OS4f9v7gz42C1lYPorSweL7/f9kRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js
connect.facebook.net/en_US/ Frame A923 0
27 KB 19ms
16ms Other
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 15:39:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0P1IFFvKUa+Opta07A0Tq81WBj8HfwG8OQLHHpQ28xZGeKuNWhyxVFVqzI1q8u+tj/kByU+BcCxvUoNoEZV5zQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ Frame A923 0
5 KB 11ms
7ms Other
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=12623
accept-ranges: bytes
content-length: 4777

GET
H3 200 optimize.js
www.google-analytics.com/gtm/ Frame A923 0
45 KB 58ms
55ms Other
application/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-W5PQBDJ

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45572
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 15:39:23 GMT

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame A923 0
78 KB 41ms
38ms Other
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZVWGS3

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79740
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 15:39:23 GMT

GET
H2 200 signup-redirect.min.js
free-url-shortener.rb.gy/js/ Frame A923 0
1 KB 28ms
24ms Other
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/js/signup-redirect.min.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 2M.rzkhXbvUvBbisgoFHMGv0nMlyoXRD
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 13:47:39 GMT
last-modified: Fri, 25 Nov 2022 10:10:50 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 6705
x-amz-server-side-encryption: AES256
etag: W/"d56285a75dd3f5c5b46b7a13a2b73a55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: Pzd1bTKov6Ap8qVkwgr8umkdnJhXit5k57Dw6dlyXNBVtaWeXItqJg==

GET
H2 200 hotjar-247840.js
static.hotjar.com/c/ Frame A923 0
4 KB 19ms
16ms Other
application/javascript 13.224.103.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-247840.js?sv=6

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-36.zrh50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:38:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 27
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/ce926e63ac9cec86d40a702fdb7f3f4b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: dZRpx0DwfODObDLOpSgy7X2bVrSIGgRgwkdMwZAMWlm5y6yuPf-g0w==

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/934172759/ Frame A923 0
1 KB 66ms
63ms Other
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 893
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.4b160a4831adaf5337e6.js
script.hotjar.com/ Frame A923 0
67 KB 27ms
24ms Other
application/javascript 13.226.175.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4b160a4831adaf5337e6.js

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.175.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-175-54.mxp64.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 772cbace6bb6df7f76dea14ed0716314.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 257597
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68316
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
etag: "3315b6999637291711ab85ba678211fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zXhKon5FJsrbivhjgZFoOfLtIXJMNdEaRhehvzHnkXZIziI_E8QTCw==

GET
H2 200 component---src-pages-index-js-c177ef0cf0623a698230.js
free-url-shortener.rb.gy/ Frame A923 0
15 KB 27ms
25ms Other
application/javascript 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/component---src-pages-index-js-c177ef0cf0623a698230.js
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: AhhEHv40Iej2qqNRFEwXNEZ6xCAcxVmz
content-encoding: gzip
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:34:04 GMT
last-modified: Thu, 19 Jan 2023 12:26:08 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 21920
x-amz-server-side-encryption: AES256
etag: W/"cc736f9ea60755d952dd383194a814d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=36000
x-amz-cf-id: 8IP0ojXIh5G8Boplr0VomnAsXLrXujI0rxpjg_GGGDsGyZ2ueEmOAg==

GET
H2 200 page-data.json
free-url-shortener.rb.gy/page-data/index/ Frame A923 0
555 B 28ms
26ms Other
application/json 13.224.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-url-shortener.rb.gy/page-data/index/page-data.json
Requested by: Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: i0d0EQyic5QBFjEDzpvo44cZucZcAHk5
date: Thu, 02 Feb 2023 07:47:23 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 28321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 117
last-modified: Thu, 19 Jan 2023 12:26:09 GMT
server: AmazonS3
etag: "2e1e6458af7df8d89a1f91a5cddb3167"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=36000
accept-ranges: bytes
x-amz-cf-id: tPDaxD2dmn4gj6GvLFfXUMUxvmQNwYgAnxNsoq1E_sVxkKIMXQ0iiA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame D278 55 KB
24 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 15:04:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame D278 405 KB
161 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 15:37:12 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame D278 39 KB
24 KB 65ms
65ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a02a304e410d50e2584c4746cfcf5bf737503907e0735acd17d9d9b9ab449992

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24253
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 15:39:23 GMT

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame D278 11 KB
11 KB 17ms
17ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:10:05 GMT
x-content-type-options: nosniff
age: 350958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 05 Feb 2023 14:10:05 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame D278 600 B
624 B 19ms
18ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 08:44:59 GMT
x-content-type-options: nosniff
age: 111264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 08 Feb 2023 08:44:59 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame D278 530 B
554 B 19ms
18ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 23:42:15 GMT
x-content-type-options: nosniff
age: 230228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 06 Feb 2023 23:42:15 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame D278 665 B
689 B 20ms
18ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 15:32:43 GMT
x-content-type-options: nosniff
age: 432400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 04 Feb 2023 15:32:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D278 15 KB
15 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 159476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D278 15 KB
15 KB 21ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 07:57:55 GMT
x-content-type-options: nosniff
age: 373288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:57:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D278 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 76239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:28:44 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame D278 39 KB
39 KB 78ms
78ms Image
image/jpeg 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8Xy09Er5gJ0IdipdUf5SUup-C4tBwt9gJjvIKX-GblIysPXxi9yx_mCaDJ61LF3BUlnBh622ytY0XGD6Jqj-n4JI1mXjKnjfsDyd8Rdb9J8g7a4bsGLljbWoFSgj3o1ooHZQhCBxdw3YQJjF7-eu50NyykWOKD4Ma-pCd6tKmQdJBlVUI0ycI8GzI5vDR3W6s2VVgGeQXt7bhS8F0u67meeuyGplw&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b6bf7a46412081fbe04724a78f1bbc3d469464b7f3e83c0a95ef23d4f6df5a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LfdFbgUAAAAAPela23tB6kuh06cslnUked_PTWo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40299
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 15:39:23 GMT

POST
H2 202 6340670d8ac6eb10e2f14ff5 Show response
events.launchdarkly.com/events/diagnostic/ Frame A923 0
344 B 106ms
105ms XHR
application/json 44.196.125.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6340670d8ac6eb10e2f14ff5

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.196.125.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-125-45.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-url-shortener.rb.gy/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 15:39:23 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 6340670d8ac6eb10e2f14ff5
events.launchdarkly.com/events/diagnostic/ Frame 0
0 317ms
103ms Preflight 44.196.125.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6340670d8ac6eb10e2f14ff5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.196.125.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-125-45.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://free-url-shortener.rb.gy
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 02 Feb 2023 15:39:23 GMT
strict-transport-security: max-age=31536000

GET
H2 200 /
www.facebook.com/tr/ Frame A923 0
31 B 16ms
14ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1215286025150583&ev=Microdata&dl=https%3A%2F%2Ffree-url-shortener.rb.gy%2F&rl=https%3A%2F%2Fngxt44.xyz%2F&if=true&ts=1675352363666&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22URL%20Shortener%20Free%22%2C%22meta%3Adescription%22%3A%22URL%20shortener%20free%20for%20transforming%20long%2C%20ugly%20links%20into%20nice%2C%20memorable%20and%20trackable%20short%20URLs.%20Use%20it%20to%20shorten%20links%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22URL%20Shortener%20Free%22%2C%22og%3Adescription%22%3A%22URL%20shortener%20free%20for%20transforming%20long%2C%20ugly%20links%20into%20nice%2C%20memorable%20and%20trackable%20short%20URLs.%20Use%20it%20to%20shorten%20links%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ffree-url-shortener.rb.gy%2Furl-shortener.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ffree-url-shortener.rb.gy%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&it=1675352362747&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-url-shortener.rb.gy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 15:39:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 202 6340670d8ac6eb10e2f14ff5 Show response
events.launchdarkly.com/events/bulk/ Frame A923 0
344 B 104ms
103ms XHR
application/json 44.196.125.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6340670d8ac6eb10e2f14ff5

Requested by

Host: free-url-shortener.rb.gy
URL: https://free-url-shortener.rb.gy/app-3b0c6435c81139b7544b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.196.125.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-125-45.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-url-shortener.rb.gy/
X-LaunchDarkly-Payload-ID: c5ad2890-a30f-11ed-ba64-099f1050e348
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Feb 2023 15:39:25 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 6340670d8ac6eb10e2f14ff5
events.launchdarkly.com/events/bulk/ Frame 0
0 109ms
109ms Preflight 44.196.125.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6340670d8ac6eb10e2f14ff5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.196.125.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-125-45.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id
Access-Control-Request-Method: POST
Origin: https://free-url-shortener.rb.gy
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 02 Feb 2023 15:39:25 GMT
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:41:44	Name: _GRECAPTCHA Value: 09APHd1anLSBPC_Jk-V0Ayrx6klSbpoQJ7OKdeKqZtqXKoJNe_0-NxhFa1nKPE03egbHTSLaOg1WrFpLB8-Qw3hck
.rb.gy/	1970-01-20 18:08:08	Name: _hjSessionUser_247840 Value: eyJpZCI6ImQ5ODg2YTBhLTRjYmEtNTFiZi1hNGI3LTM1MzhhYWM0NmRjNCIsImNyZWF0ZWQiOjE2NzUzNTIzNjI4OTQsImV4aXN0aW5nIjpmYWxzZX0=
.rb.gy/	1970-01-20 09:22:34	Name: _hjFirstSeen Value: 1
free-url-shortener.rb.gy/	1970-01-20 09:22:32	Name: _hjIncludedInSessionSample Value: 0
.rb.gy/	1970-01-20 09:22:34	Name: _hjSession_247840 Value: eyJpZCI6ImU4NTI4ODhlLTljMjgtNGI4Ni04YmQ1LTY0NDAyMGUxYzJmNSIsImNyZWF0ZWQiOjE2NzUzNTIzNjI5MjMsImluU2FtcGxlIjpmYWxzZX0=
free-url-shortener.rb.gy/	1970-01-20 09:22:32	Name: _hjIncludedInPageviewSample Value: 1
.rb.gy/	1970-01-20 09:22:34	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 10:05:44	Name: UserMatchHistory Value: AQKf75DzfpsrcwAAAYYSyE9m7UIKMVpaCjpVdhk95cXB_XQTvEmuhkXCjlw0Q8I_ogloQde7_KNVBg
.linkedin.com/	1970-01-20 10:05:44	Name: AnalyticsSyncHistory Value: AQI3HFS6qopUpQAAAYYSyE9mMzjAhDPjHDg9zUZIjRkGFnO2vJ87aDpIBdNPouOdFhXWWmupJ4tAsaZgpIx1fQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:08:08	Name: bcookie Value: "v=2&12ea429e-7387-4b3d-84c2-d235e9913e39"
.linkedin.com/	1970-01-20 09:23:58	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2874:u=1:x=1:i=1675352362:t=1675438762:v=2:sig=AQGfq7tJm1mR-MVpyJSdS288E95eBKUk"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:08:08	Name: bscookie Value: "v=1&20230202153922298fd42f-75c9-4960-8bab-d14505826ddbAQHBGnsmZ_fOT2HvfgyYQzquCmYDIUVV"
.linkedin.com/	1970-01-20 13:41:44	Name: li_gc Value: MTswOzE2NzUzNTIzNjI7MjswMjHJGS4B6wvHVbQzqKjkey2yVUKRZBpKjo6TzwYIOAmH7w==
.doubleclick.net/	1970-01-20 18:44:08	Name: IDE Value: AHWqTUk9JLuAX_-59X6GdsIAih54cQVh90TWQnkRhkRnOFWFcZ8BhX2K_5SRteav

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
cdn.linkedin.oribi.io
clientstream.launchdarkly.com
connect.facebook.net
events.launchdarkly.com
fonts.gstatic.com
free-url-shortener.rb.gy
googleads.g.doubleclick.net
in.hotjar.com
ngxt44.xyz
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
use.typekit.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
13.224.103.36
13.224.103.8
13.226.175.54
143.204.215.26
151.101.194.217
18.200.61.239
2600:9000:206f:d200:2:53b2:240:93a1
2620:1ec:21::14
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200e
2a02:26f0:11a::6867:4832
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
44.196.125.45
76.223.31.44
83.229.3.36
04960f99bcb3caf0bb8146b268babae7c2c2b3508da9550dde88a9454b9b0b0d
07664fd6a9195b3edd30b67c88838d1322752e5ae983c4bca5ae5fad4b6b4f34
087cd519da0e28c3e1153495d82088d31f8309f025ac18ffb119e4945c7142ff
0b6bf7a46412081fbe04724a78f1bbc3d469464b7f3e83c0a95ef23d4f6df5a3
0b9ff64432100fe36b6cd56857dcd8563f290bc4c9f71d3550da3ee45449a4db
0c6963527056b2f65cd71433656d3ae6c5d92040300b6002747452a53c255da4
0e72eabdb1784646f9d0eeca889812c13607ade66dbc23dbb82e9b7980a499f6
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
10a60abc2e84705e162cb8904d16a26d06992704d9b238b5b0e63be7c75f45a8
1748ff1e53797ffd995211e9cbbffa0557e72d65d6fefd0157d87794461d4782
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cbcb80fab2bfb61dfbb4b788a954e5ba87a9cad9c0c4c9cd17c7fd58dfdc601
29e95dc398c38aa4d993fb1f61a153f7597305171e01dbfc2f9ac006fa8e393b
2a053c986d53b05149da4b99719fd4c913e4c8a885824b7ded13f070fb13ff6b
2a1df0c0082230b60952a1d864d283de601c29f39349097c722d18d2629934cd
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5716c97943b3b04db615edbe68047068da26035676343e7b45233cceef6b8a57
58ddf4c1bb7914830c0b8d129fd710063d01a879a48770978b2ac8361e585a5c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
720a82c00a709366f3c47ae35bcbba2fae9fca9f744055f7241f0139d4651219
72cf0c3ae5d6378ba96c121cb334f7333739486ad1ed811e54f4b932b1c4656b
7688462c5e2c36caefc0e654e5dab2943185bef259b5911f640c0b4c61ea4f07
7a2151025d4dfda0a946e4e45f3785296210aa77d5df4545e1802f7c22e799f6
7a3d39248dce9e4df884afb5d95c6b41ba9f5366f0a108d2006dec18dfe42c6b
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
839406231de90b650db7919799dd735d06507fc430290ca1c919d4e5956b9717
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
998986335d7d71f388708214df71387ab3d26de353804e97692b381418e7a91b
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
9ca998cdf496184873208cb48570bfbbe2c639e0ef7cf1d636803c7aa2e8d43a
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
a02a304e410d50e2584c4746cfcf5bf737503907e0735acd17d9d9b9ab449992
a13fb838cb12e848efbccb684ae4e10060ad9b0eab41773f8864d760f22d4d0c
a9040e021bd08a3f11e42a5e259faa8571b74eca89de68f0a089d928170f65a1
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6
bac5fd3d8521e65d33967e71f9d6a1703885e043a31635e6a3dda1c529cf2c90
bbc8ca280fbfb8aa9e2da8b2dd0607138a23c47e8aca229b994d43ee5cf37b71
c0ad39be314e7f99e92f2018449476b32bcf948c69e5d1bd7f9c901e7e06e366
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c56bd010ed5e04501184f06346504f7dc3aebdcd00038afd180d80edb72163fe
c5bb93706cf917c0c72472122a363afdb51aeba9eac9bc37fa7c592c2b009292
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7d175d0600aa788db0c9cd52a6b03486e1536fe8af4a87695d1b2a03984335
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fb91850a461b7442ca8310a0758898710eca3b52a1c61a27b00db609725c3696
fdb004791456aa363b5bafaafab6777caccc18646c0de6ab989087986409f1c1

ngxt44.xyz Open in urlscan Pro 83.229.3.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

99 %HTTPS

57 %IPv6

16 Domains

25 Subdomains

22 IPs

4 Countries

2873 kBTransfer

5683 kBSize

16 Cookies

0 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ngxt44.xyz Open in urlscan Pro
83.229.3.36 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

99 %
HTTPS

57 %
IPv6

16
Domains

25
Subdomains

22
IPs

4
Countries

2873 kB
Transfer

5683 kB
Size

16
Cookies

88 HTTP transactions
0 data transactions