t.ly Open in urlscan Pro
2606:4700:10::6814:785 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://read-see-mo.re/
Effective URL:
https://t.ly/?error=DomainNotAllowed
Submission: On November 05 via api (November 5th 2024, 7:22:41 am UTC) from LU — Scanned from US

Summary HTTP 77 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 14 domains to perform 77 HTTP transactions. The main IP is 2606:4700:10::6814:785, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 43201.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.220.91.95 168.220.91.95	40509 (FLY) (FLY)
1 23	2606:4700:10:... 2606:4700:10::6814:785	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:284... 2600:9000:2840:800:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:400d:c04::9a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4004:c09::63	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0f::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c01::9c	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2607:f8b0:400... 2607:f8b0:400d:c0f::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c02::9a	15169 (GOOGLE) (GOOGLE)
4	4.153.129.168 4.153.129.168	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:400d:c01::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c02::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::6a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:400d:c02::66	15169 (GOOGLE) (GOOGLE)
77	20

1 168.220.91.95 (United States) 1 redirects

ASN40509 (FLY, US)

read-see-mo.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:10::6814:785 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2840:800:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400d:c04::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0f::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0f::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.153.129.168 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:400d:c02::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 43201	1 MB
17	google.com www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	74 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 c.clarity.ms — Cisco Umbrella Rank: 1236 b.clarity.ms — Cisco Umbrella Rank: 15923	31 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	304 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	348 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
1	gstatic.com www.gstatic.com	215 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	774 B
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 23281	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	read-see-mo.re 1 redirects read-see-mo.re	951 B
77	14

	Domain	Requested by
23	t.ly	1 redirects t.ly static.cloudflareinsights.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	t.ly pagead2.googlesyndication.com
6	www.google.com	www.googletagmanager.com t.ly ep2.adtrafficquality.google www.gstatic.com
5	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
5	www.googletagmanager.com	t.ly www.googletagmanager.com
4	b.clarity.ms	www.clarity.ms
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	c.clarity.ms	1 redirects
2	www.clarity.ms	t.ly www.clarity.ms
1	www.gstatic.com	www.google.com
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	c.bing.com	1 redirects
1	td.doubleclick.net	www.googletagmanager.com
1	r.wdfl.co	t.ly
1	cdnjs.cloudflare.com	t.ly
1	static.cloudflareinsights.com	t.ly
1	read-see-mo.re	1 redirects
77	19

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com

Subject Issuer	Validity	Valid
t.ly WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M02	`2024-08-02` - `2025-08-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://t.ly/?error=DomainNotAllowed
Frame ID: E879FC99A61BEA0BFF92338BBFB3FDA5
Requests: 66 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1730791354604&cv=11&fst=1730791354604&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=1487511585.1730791355&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E6ED8D511D0BF5D9D3601AD30903BE69
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Ft.ly
Frame ID: 80C11377010A63624189B131D0923FF2
Requests: 1 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: AC08AFAA6F2F257F753AF8D0ECEFF05D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 6FC61FF3EBCA76B47AFADBF60468EF21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730791353&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730791354693&bpp=16&bdt=475&idt=607&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4076349626866&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088481%2C95344187%2C95345789%2C95345963&oid=2&pvsid=3556760877720080&tmod=1898822488&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=636
Frame ID: 3858777C30687B69D92458EDC86D8962
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 75CED56623C2534EAFF2BF595B526757
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67E7F3705E2CA3289652A5B7545F06DC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=fbfzh13yxhe6
Frame ID: 9FECFF291EAA3D871CE2867CE622DD1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 3E00CE4CA7482111A8CA1F74DFD5AA48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 14E3875238EED87398ED69C5ECC0CA36
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Frame ID: CD67524623B919764FB203F69802600A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T.LY: World's Shortest URL Shortener

Page URL History Show full URLs

http://read-see-mo.re/ HTTP 307
https://read-see-mo.re/ HTTP 301
https://t.ly/?error=DomainNotAllowed Page URL

Detected technologies

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

77
Requests

96 %
HTTPS

86 %
IPv6

14
Domains

19
Subdomains

20
IPs

1
Countries

2219 kB
Transfer

6086 kB
Size

52
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/url-shortener/oodfdmglhbbkkcngodjjagblikmoegpa

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/link-shortener/

Search URL Search Domain Scan URL

URL: https://addons.opera.com/en/extensions/details/url-shortener-4/

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ajedojkedficaboemnhahoclgfnooelm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://read-see-mo.re/ HTTP 307
https://read-see-mo.re/ HTTP 301
https://t.ly/?error=DomainNotAllowed Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 36

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C8D22C5F319F4394B3E06C02D1594B92&RedC=c.clarity.ms&MXFR=29EA983E64C6601016658D1060C66EB6 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8D22C5F319F4394B3E06C02D1594B92&MUID=1616CAE450D86F630B08DFCA51B76EA0

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
t.ly/
Redirect Chain

http://read-see-mo.re/
https://read-see-mo.re/
https://t.ly/?error=DomainNotAllowed

75 KB
19 KB

660ms
493ms

Document
text/html

2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/?error=DomainNotAllowed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

065614fd09985146ad28e77c62b36f7dc1a32ca09621e5037f413068fbbad399

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8ddb17e6cdd1c439-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Nov 2024 07:22:33 GMT
last-modified: Tue, 05 Nov 2024 07:22:33 GMT
priority: u=0,i
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS" cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 200
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: private
cf-cache-status: BYPASS
cf-ray: 8ddb17e4cd5dc457-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 05 Nov 2024 07:22:33 GMT
location: https://t.ly/?error=DomainNotAllowed
server-timing: cfCacheStatus;desc="BYPASS"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 5c61e289-8f53-407d-81ed-4c9bbf8a9dcd
x-do-orig-status: 301
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

GET
H3 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 31ms
31ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672112ce-302c"
x-content-type-options: nosniff
cf-ray: 8ddb17ebf8e9c439-EWR
expires: Thu, 07 Nov 2024 07:22:34 GMT
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 16:52:30 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 app.css
t.ly/css/ 298 KB
56 KB 55ms
55ms Stylesheet
text/css 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-4a7b8"
age: 2219495
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:48:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/css
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17ebf8eac439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 46ms
45ms Image
image/png 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

cf-cache-status: HIT
etag: "12cea601-2770"
age: 1687930
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:30:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: image/png
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17ec593bc439-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 10096
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
870 B 33ms
33ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672112ce-4d7"
x-content-type-options: nosniff
cf-ray: 8ddb17ebf8ebc439-EWR
expires: Thu, 07 Nov 2024 07:22:34 GMT
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 16:52:30 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 168ms
51ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8ddb17ed2814421d-EWR
access-control-allow-origin: *
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 131ms
50ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 457031
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5693TN2k1XX2zLLkepMRdOITc0x%2FpAX02xUoUdESH%2F%2FMWkkFHfgKcHbIQULtxTpG4RvjfmYGAcpG71mBgMPEOFLYPJNkX28O1YlRzhyxjHdmBethBF9slLTdreRrbFHAkmEOVeeJkw3ALqT%2BFpfZycC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 26 Oct 2025 07:22:34 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ddb17ece8b842ee-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
5 KB 206ms
42ms Script
text/javascript 2600:9000:2840:800:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2840:800:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0562e5674602291ce06869880ed86b2b9d26ae26f17d25f9587c7ae26f62b6b2

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"05550215707fb77f6d07bcc793526e28"
age: 611
via: 1.1 e43394d21905c9e6ce0980d7e55974f4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: lWykDQV2v4-oRjCWUDIIvNzmm1FZ8FpAP3Kwb3myvUWNowXezNXJaw==
date: Tue, 05 Nov 2024 07:12:24 GMT
content-type: text/javascript
last-modified: Tue, 05 Nov 2024 07:12:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P7
x-amz-server-side-encryption: AES256

GET
H3 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 58ms
55ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-9807"
age: 269951
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 04:05:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17ecd97dc439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 vendor.js Show response
t.ly/js/ 2 MB
709 KB 66ms
63ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-23b8e0"
age: 5461
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 04:18:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17ecd97ec439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 manifest.js Show response
t.ly/js/ 4 KB
2 KB 51ms
47ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/manifest.js?id=cf267b72a17c485a4862

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e5ad264da8d0e8ef57522e7c57f04cce1595c40f1aaa1e3957f241ad7ed0428

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-e54"
age: 6727
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 03:50:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17ecd980c439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 app.js Show response
t.ly/js/ 114 KB
29 KB 63ms
59ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/app.js?id=7cfa5f8a9baddc4164bd

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-1c608"
age: 1522408
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 16:29:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17ecd982c439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 176 KB
53 KB 238ms
71ms Script
text/javascript 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18708d141cdbd2c6b4891597624de947d01b73c84e9b9473425abcc1d6188220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 13787609821541986548
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 54614
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 211ms
90ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60d88f0f7c8509413def7de1a31b17c6afee1e794e6617eabef0c34574fd5728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 07:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77570
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
93 KB 168ms
47ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d9735a256e9c2cbddaa80f1b7a5bcaba6302a769e9820e26ca3f1d46e79034b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 07:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94576
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 dq2387w4bl Show response
www.clarity.ms/tag/ 689 B
1 KB 306ms
47ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dq2387w4bl
Requested by: Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e84a8e0e50c3d1bd3063fa450cc5f85bf551e84bfa10d0d606767443989dd7a6

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/x-javascript
x-azure-ref: 20241105T072234Z-1644757dc67tnkb4hC1TEB5h580000000he0000000008r28

GET
H3 403 favicon-32x32.png
t.ly/ 9 KB
7 KB 64ms
62ms Other
text/html 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0a6f59af0c4150ae85d022499c684f222a25addcb1605a55394b043a66019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ydIv+iXPAr38EkxE158e1muRMdw2Z9VF6AgaLCf7sNjvXxli71T8zQ9wE6QD0AbZ7UUHAjLDkLZl7fNXkD3hUjWzAowe9PYtnyLxnvFjVll1tJMrt65TAkGwbbJB2+k4A1IdypeQLaaZE9UDeU3+Qg==$OmcAWHYCf0pt6coF1YBIjg==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8ddb17ed89d2c439-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 320ms
58ms Ping
text/plain 2607:f8b0:4004:c09::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Ft.ly%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1057370013.1730791355&auid=1487511585.1730791355&npa=0&gtm=45be4au0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730791354613&tfd=2023&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 5 KB
2 KB 317ms
68ms Script
text/javascript 2607:f8b0:400d:c0f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1730791354604&cv=11&fst=1730791354604&bg=ffffff&guid=ON&async=1&gtm=45be4au0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=1487511585.1730791355&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e538a6b0a01ab71d6d923728d868ebb0db3218d2f6115fb2db3f1247a380758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2340
date: Tue, 05 Nov 2024 07:22:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10875945736
td.doubleclick.net/td/rul/ Frame E6ED 0
0 254ms
109ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10875945736?random=1730791354604&cv=11&fst=1730791354604&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=1487511585.1730791355&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 07:22:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 59ms
56ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25648abe5b26a8794cc19dc6108c0819680711f1547300525ba77382accb8e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 07:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 76354
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 80C1 0
0 178ms
55ms Document
text/html 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Ft.ly

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

accept-ranges: bytes
age: 280877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Nov 2024 01:21:17 GMT
expires: Sun, 02 Nov 2025 01:21:17 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
104 KB 59ms
58ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e6f64d8352dccbab8d88b6422ffc1feae82c27aa0ad01c1758faf534b7ca3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 07:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106498
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 162ms
37ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
age: 2932
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 08:33:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 06:33:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ 91 KB
32 KB 175ms
173ms Script
text/javascript 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15df9e8b8a8fd11dd1740670119ffec8fcc17119ae59193c11952f6c7063a05c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 9895695065594928174
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 32238
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ 434 KB
145 KB 184ms
184ms Script
text/javascript 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b05666618c5864534ed4cf929bfb031ea0732b5906abe19a4a75cd997dd2a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 1359402064133095330
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147966
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 52ms
51ms Fetch
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4au0v878425165za200&_p=1730791354468&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1501260936.1730791355&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1730791354&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2210
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.53/ 65 KB
28 KB 48ms
48ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.53/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dq2387w4bl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6cbfddb4735bdca8b4d594c0222541a0aa1f53ee6b4359647960ed164f595863

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

x-azure-ref: 20241105T072234Z-1644757dc67tnkb4hC1TEB5h580000000he0000000008r2d
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCFCF01CE35FFD"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 3a1c1e33-701e-003e-59d9-2eb9a4000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Tue, 05 Nov 2024 07:22:34 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 16:45:38 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
304 B 41ms
40ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=40416794&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&ul=en-us&de=UTF-8&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=370950535&gjid=869465423&cid=1501260936.1730791355&tid=UA-89207177-8&_gid=1564364079.1730791355&_r=1&gtm=457e4au0za200zb888461834&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&jsscut=1&z=1314403671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 950.js Show response
t.ly/js/ 788 B
914 B 43ms
42ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/950.js?id=baccf2af7b7e46b595a3

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=cf267b72a17c485a4862

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3802f67ab9272e65cf29cb31b55943dbcec6216de0e8e51e562c05feb6242c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-314"
age: 1499156
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 22:52:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17f18c86c439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 44ms
43ms Image
image/png 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

cf-cache-status: HIT
etag: "12cea601-2770"
age: 1687931
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:30:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: image/png
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17f19c8fc439-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 10096
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 33 KB
33 KB 105ms
104ms Font
font/woff2 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
x-content-type-options: nosniff
cf-ray: 8ddb17f1fcc4c439-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 33896
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: font/woff2
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 153 KB
153 KB 66ms
65ms Font
font/woff2 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status: HIT
etag: "12cea601-26350"
age: 2219495
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17f1fcc6c439-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 156496
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 115 KB
116 KB 89ms
89ms Font
font/woff2 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status: HIT
etag: "12cea601-1ca7c"
age: 260414
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=VFYVg3f.qxpi8.Nz.WJUP4Ll9Hkjriu1xcVgTG_syHE-1730791355-1.0.1.1-yIxqw01H5Vk3S8QaEkCVLOPcqqpDLi3k0jquj12dY.pmneeoRp2SVs5fgcsyLO2OiXcUF0P3K8aMW50RZ2kgiXN6vSWEUrEazojU4GGr49.UFPK9sQfGCn4Azf.dwNcH5iL1lEQeT4fvQxcS7U1eAQ"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 04:24:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=VFYVg3f.qxpi8.Nz.WJUP4Ll9Hkjriu1xcVgTG_syHE-1730791355-1.0.1.1-yIxqw01H5Vk3S8QaEkCVLOPcqqpDLi3k0jquj12dY.pmneeoRp2SVs5fgcsyLO2OiXcUF0P3K8aMW50RZ2kgiXN6vSWEUrEazojU4GGr49.UFPK9sQfGCn4Azf.dwNcH5iL1lEQeT4fvQxcS7U1eAQ; report-to cf-csp-endpoint
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17f1fcc8c439-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 117372
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 403 favicon.ico
t.ly/ 9 KB
7 KB 92ms
91ms Other
text/html 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051c4c027e19afd34337bba066ba2059a8e0307516e31db173681243b9e90e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: qwzduJjnyZ6mhTMsaXUgQWrYPOZhv2gwL7KkYj1NxCcrME3WzTJaa9JxNEZZAI6MEfQEh9xwJNduXtrkVKL+cj9RUZT1UaD+nVA1Nc6EO4DuKbqbb8/ItoD/0aP26O7cTnZEfaOPGJotfpGA77sDrw==$ieY0GHRspk+Bi1qHIMVbUQ==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8ddb17f20cd2c439-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3

200

main.js Show response
t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame AC08
Redirect Chain

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

42ms
41ms

Script
application/javascript

2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Protocol

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f2090dc01c9583ac75c5f27900182747b1a3be73856c20356cfd7c9ac505f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8ddb17f34d93c439-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
x-content-type-options: nosniff
cf-ray: 8ddb17f2ad32c439-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C8D22C5F319F4394B3E06C02D1594B92&RedC=c.clarity.ms&MXFR=29EA983E64C6601016658D1060C66EB6
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8D22C5F319F4394B3E06C02D1594B92&MUID=1616CAE450D86F630B08DFCA51B76EA0

42 B
466 B

34ms
33ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8D22C5F319F4394B3E06C02D1594B92&MUID=1616CAE450D86F630B08DFCA51B76EA0
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8D22C5F319F4394B3E06C02D1594B92&MUID=1616CAE450D86F630B08DFCA51B76EA0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5235BF16D2EC4699A66C778C2F38BF99 Ref B: PHL30EDGE0206 Ref C: 2024-11-05T07:22:35Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Tue, 05 Nov 2024 07:22:35 GMT
x-powered-by: ASP.NET

GET
H3 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
64 B 57ms
57ms Image
image/gif 2607:f8b0:4004:c09::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1730791354604&cv=11&fst=1730790000000&bg=ffffff&guid=ON&async=1&gtm=45be4au0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=1487511585.1730791355&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dx8DulGVko_La97vjPQ-WkjeFCgxKWA&random=1321744082&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 05 Nov 2024 07:22:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 6FC6 0
0 154ms
37ms Document
text/html 2607:f8b0:400d:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

age: 57966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 15:16:29 GMT
etag: 7893594074132303741
expires: Mon, 18 Nov 2024 15:16:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3858 0
0 766ms
652ms Document
text/html 2607:f8b0:400d:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730791353&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730791354693&bpp=16&bdt=475&idt=607&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4076349626866&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088481%2C95344187%2C95345789%2C95345963&oid=2&pvsid=3556760877720080&tmod=1898822488&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=636

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 87159
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 07:22:36 GMT
expires: Tue, 05 Nov 2024 07:22:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 138ms
50ms XHR
application/json 2607:f8b0:400d:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241030&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea0625c9401d98fb2dba8459be477fd4763d56841359206cb83bcc1af40d5cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12958
date: Tue, 05 Nov 2024 07:22:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 396.js Show response
t.ly/js/ 5 KB
2 KB 47ms
46ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/396.js?id=95d4b515304f4e4303f5

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=cf267b72a17c485a4862

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee5e950e05d2ad402b13cd1579f7d2588c150c48290e1d1f7544bfadffce728

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-12e4"
age: 1499154
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 22:52:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17f2fd5dc439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 166.js Show response
t.ly/js/ 3 KB
2 KB 46ms
46ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/166.js?id=267eddd588cf4399f581

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=cf267b72a17c485a4862

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-d91"
age: 9485
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 02:58:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8ddb17f2fd5ec439-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

POST
H3 204 rum Show response
t.ly/cdn-cgi/ 0
133 B 41ms
38ms XHR
text/plain 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
content-type: application/json
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8ddb17f31d79c439-EWR
access-control-allow-origin: https://t.ly
date: Tue, 05 Nov 2024 07:22:35 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Fetch
text/html 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://t.ly/

Response headers

GET
H3 403 favicon-16x16.png
t.ly/ 9 KB
7 KB 41ms
40ms Other
text/html 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-16x16.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fded4b5989d45a910e578f7265063d67c86d12489692072a761be64a13b78aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/?error=DomainNotAllowed

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: BQpAV/QbU1Z5LS3lvZFhYoPboB4IJXqPPoGvZBE/3uyddy1COPIwOS0Qsx3bkri94k5R7XNoj+lbna8IPZnJnoEYB4HsXeceBH+i/ifqq2ad+MY+gfPnYy0sXdVLSJiTL6VzdEPoXsPwdGGQKmsuqQ==$GLUBwEkNgJ/lwDqu16+Uxg==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8ddb17f34d92c439-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
268 B 222ms
99ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://t.ly/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://t.ly
Date: Tue, 05 Nov 2024 07:22:35 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
993 B 54ms
53ms Script
text/javascript 2607:f8b0:4004:c09::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a62813caeeda571a57fe35e4276edee70591b15130207970c495bb43a3ff86c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 05 Nov 2024 07:22:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 8ddb17e6cdd1c439 Show response
t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AC08 0
741 B 51ms
44ms XHR
text/plain 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/8ddb17e6cdd1c439

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 8ddb17f42e28c439-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 419ms
57ms Script
text/javascript 2607:f8b0:400d:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 388ms
57ms Script
text/javascript 2607:f8b0:400d:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

content-encoding: gzip
age: 395212
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 17:35:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 17:35:43 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 75CE 0
0 200ms
55ms Document
text/html 2607:f8b0:400d:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

accept-ranges: bytes
age: 792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 07:09:24 GMT
expires: Tue, 05 Nov 2024 07:59:24 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 67E7 0
0 195ms
54ms Document
text/html 2607:f8b0:4004:c09::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WWN3fmTAXOmdH9fMl6vilA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WWN3fmTAXOmdH9fMl6vilA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 07:22:36 GMT
expires: Tue, 05 Nov 2024 07:22:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
268 B 58ms
51ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://t.ly/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://t.ly
Date: Tue, 05 Nov 2024 07:22:36 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 9FEC 0
0 61ms
60ms Document
text/html 2607:f8b0:4004:c09::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=fbfzh13yxhe6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l88OkAiPXOs_yZIyBNaRbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-l88OkAiPXOs_yZIyBNaRbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 07:22:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ 178 KB
60 KB 68ms
67ms Script
text/javascript 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d5c3adbc4c857fcd9dc167d3b1c6b5f956b35f361d45445aba03a9ba119ce83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 11988679415573177678
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:22:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 07:22:36 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 61041
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-5561763581314444 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 273ms
122ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?href=https%3A%2F%2Ft.ly&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

199732a53163015e51ed750c0715aaf3754011671e0a98d349a3a73b3ab05542

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qMH_7AFw6iyG6eKsLHJVMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:36 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg49vQv38kmcOJcwyEmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDA2MDPQOD-AIDAHcxP8I"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-qMH_7AFw6iyG6eKsLHJVMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
63ms Image
image/gif 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759926%2C31088481%2C95344187%2C95345789%2C95345963&hl=en&pvc=3556760877720080

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 05 Nov 2024 07:22:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 59ms
57ms Fetch
text/html 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://t.ly/

Response headers

GET
H2 200 AGSKWxWkIouXybm2j4AWoq8T7_VhJK6tTOxSOaL6yzFaguINA6pCqoRh5BNMVgA0MGagWBPo2dWP_RXFve6mNnbxQf40fLiYqF0XTZbvl7IvxiRHYj2LnCJWZYboJt10WnhApNBaY0rMvg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
65ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkIouXybm2j4AWoq8T7_VhJK6tTOxSOaL6yzFaguINA6pCqoRh5BNMVgA0MGagWBPo2dWP_RXFve6mNnbxQf40fLiYqF0XTZbvl7IvxiRHYj2LnCJWZYboJt10WnhApNBaY0rMvg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNzkxMzU2LDgwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjI1NF0sbnVsbCwxM10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f1ec9dc38ac9d533fa5e502efacf7cdbc9c9565b013836745565d54000ed2c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XlSCDFySZOWCInIDoBr8DA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:36 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg49vQv38kmcGNO6xRmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDA2MDPQOD-AIDAGmtP3c"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XlSCDFySZOWCInIDoBr8DA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 3E00 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

age: 57966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 15:16:29 GMT
etag: 7893594074132303741
expires: Mon, 18 Nov 2024 15:16:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 14E3 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

age: 57966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 15:16:29 GMT
etag: 7893594074132303741
expires: Mon, 18 Nov 2024 15:16:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxVrowTAma0XEANt7aU1pqxXX48y-JKRfXBvqXcZizcvh1jHpcoQTVZ2UHYq7V7VL8mdhq1eZC8dx_tnD7y6efyAItDMZSKgI3e-xeBRgZ1cTS0XLSjJiqwawuNsxHE_WoqPde8EOg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 119ms
118ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVrowTAma0XEANt7aU1pqxXX48y-JKRfXBvqXcZizcvh1jHpcoQTVZ2UHYq7V7VL8mdhq1eZC8dx_tnD7y6efyAItDMZSKgI3e-xeBRgZ1cTS0XLSjJiqwawuNsxHE_WoqPde8EOg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNzkxMzU2LDk0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdC5seS8iLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLG51bGwsMTNdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60ee76d5ff0269d5a22a8f16f148e0a2f2b894c89ae79e7e2dedbec05144145f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-D5Y0EGrr-rG3Sy_bMVCOJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:36 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg49vQv38kmsOHwx8vMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBsYGegYG8QUGAIaLQCA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-D5Y0EGrr-rG3Sy_bMVCOJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame CD67 0
0 58ms
57ms Document
text/html 2607:f8b0:4004:c09::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fcLMjD-U0pQB_qVkl0ribg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fcLMjD-U0pQB_qVkl0ribg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 07:22:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 62ms
62ms Fetch
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4au0v878425165za200&_p=1730791354468&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1501260936.1730791355&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1730791354&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=scroll&epn.percent_scrolled=90&_et=7&tfd=4961
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: text/plain
server: Golfe2

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H3 200 getAdsForClient Show response
fundingchoicesmessages.google.com/f/AGSKWxXISg9kdqg-KXiC8GEdwgWlfSTfBJDjVoEusM3l9PmWh82H9QYjdCmU78A4ThbrBWsdURHRnE-lA_bOPn94CWQjfBM7B7xbeQycSnmyOLU4_zGxf1A27kmk7nUHAzOLR7v88snGNOZRdkn4oqR5EUmc1uFOx... 54 B
109 B 56ms
55ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXISg9kdqg-KXiC8GEdwgWlfSTfBJDjVoEusM3l9PmWh82H9QYjdCmU78A4ThbrBWsdURHRnE-lA_bOPn94CWQjfBM7B7xbeQycSnmyOLU4_zGxf1A27kmk7nUHAzOLR7v88snGNOZRdkn4oqR5EUmc1uFOxmx-1emxltZFlHhtygB9ILk9t5cuYjhk/__336x280s./adframes./buddyw_ad./getAdsForClient?/180x150-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRucCMv51l-lu8z-L8hWxPWa3zzg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76be77ad68457825421655fea7b74a5dce8fb1956297593539bee730b44ed4c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9zPXHenjBUbok6p7j5Bx0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0ZBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OPb2L9_JJrBj5-N3TEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgbGBnoGBvEFBgCpjEU0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9zPXHenjBUbok6p7j5Bx0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 42ms
41ms Script
text/javascript 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04689be6e51eaf5c62cfd08d22bdf26c823a42918d34226ebb16934742f36397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 1072231445585862297
age: 2480
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 07:41:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 06:41:17 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15116
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 171ms
85ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mhsXpfHG4k5VpMKQ6cvMoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY2798J5vAg8cvljMruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAFI9KTo"
content-security-policy: script-src 'report-sample' 'nonce-mhsXpfHG4k5VpMKQ6cvMoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 123ms
84ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dbS1tlhqmhzo198OCpVkUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY2798J5vAjV9_lzMruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAFuoKVw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dbS1tlhqmhzo198OCpVkUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 112ms
82ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iL8ICI_U3T2aPEOD5ky9mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUDsrnWR1R-IGb5eYeUAYiEejr39y3eyCTRM27mcWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYG-oZmMcXGAAADFQoUA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iL8ICI_U3T2aPEOD5ky9mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 110ms
81ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pYt6RD5752TObbWMtSUf7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY2798J5vAhtOLljMruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDACY3KKU"
content-security-policy: script-src 'report-sample' 'nonce-pYt6RD5752TObbWMtSUf7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWF-jA-eOjXMsVX09ukTar-O6Cdx6WrjrLSD0V-kPW6Qkoo6_RXcxSlbTSY1K-uSvnS87cGp3N7rK2DiwRkCnZIAIDG8CksrNq6fxmGIfXDdI4GgNKnCeLuufhBMkTjtWHlb10r0w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
62ms Script
application/javascript 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWF-jA-eOjXMsVX09ukTar-O6Cdx6WrjrLSD0V-kPW6Qkoo6_RXcxSlbTSY1K-uSvnS87cGp3N7rK2DiwRkCnZIAIDG8CksrNq6fxmGIfXDdI4GgNKnCeLuufhBMkTjtWHlb10r0w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNzkxMzU3LDgwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjI1NF0sbnVsbCwxM10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de1f4112a9aab018326e7eb662dfe439c4f19f952e09cdc139ac940a3b02aa86

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-IFuZx-baYSHD8VkcJCcAhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1pBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OPb2L9_JJjCh4_MEZiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwNjAz0Dg_gCAwCQtUSV"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-IFuZx-baYSHD8VkcJCcAhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxW8bVQUhmtvZ8NLnTZC54zVI-vp2w8tFogtma8u5bK5F-ck-6RUfFEYcd0unXUa08xu1R5GHFKSP7PLDwYHxi8Z_0UwCJWy3FIz46eFkTGx1JGTqfaJUnYUEmN0AusIwOcfyX_vNw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
48ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW8bVQUhmtvZ8NLnTZC54zVI-vp2w8tFogtma8u5bK5F-ck-6RUfFEYcd0unXUa08xu1R5GHFKSP7PLDwYHxi8Z_0UwCJWy3FIz46eFkTGx1JGTqfaJUnYUEmN0AusIwOcfyX_vNw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rjTWKIDlj93YFPCDrQk4HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUDsrnWR1R-IGb5eYeUAYiEejr39y3eyCXxY3r6WWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYG-oZmMcXGAAAJXwopQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rjTWKIDlj93YFPCDrQk4HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 111ms
109ms XHR
text/html 2607:f8b0:400d:c02::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWn-VhH_H8VJeIyDwNHUzs9jnrId71eUNUPPH-R_PzC8RTwnqCk_Gj78Io3ZIPbE6fTFRksQNyZAad5ioVk0kymTTaqakAPNo3fsWEtn2EwQSitemumNF5PWhGzeDJqOd2r94R9_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LXndmidRk263vOIK7NXWsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 07:22:37 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY2798J5vAipXde5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgbGhnoF5fIEBABj0KHg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LXndmidRk263vOIK7NXWsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
268 B 39ms
37ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://t.ly/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://t.ly
Date: Tue, 05 Nov 2024 07:22:38 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
268 B 99ms
98ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.26 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://t.ly/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://t.ly
Date: Tue, 05 Nov 2024 07:22:41 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241030&jk=3556760877720080&bg=!JySlJGvNAAbaVSD0-lU7ADQBe5WfOA7_abtoeyV2rz6xiZhT2v9K0Qd6fTikrSoorHT7WrddQs--YMoIVNiXidVdJxCeAgAAAHNSAAAABGgBB34ANsURI4_-lRzMmhJznaRJ65KnrtWfZxCIxxAoZSZfRX78oVGbRwMqb5L0lBdKxPwDid2PVzj50woAKimbtI5v1mgqkzIrbe5TOZAJBjfRbaTdybQeuEzuxDJ-kr_agoh5BCvdHJkCmU-9n55IMxFJYn7emlWQ67i-_GGRFRv1435mx9AIlE8j8TirTrIM2aWO6oVXCSlgPX-ITVIzRMuWPMyouEblk7TV2G9NcooUnuR-iCatMXcJN7-xr7SBlB0C8ozAwlGb0Nl7M-POzPo5r3mxT29qna4wCXFrVn3bgrTQicD7lGquIHdQJVvwwORXUv-E2Nd5OhNQhdcbD0x2FmPy9T4xByILBff4HDf7dVRrOsUCRRl0F7DZ934qdue8f9XiE2l5S4p2xeAtIZsehXmrCg8i1iaP5XU9TxH_MAU-I2yKnEr20ZLvDbYr54R_KFh3c1KKYSSkGyJq0kOXW5sWM829kVw5pI56QpSwEYbKOsei7RiJCYqVDQXH-tH3x4f7xuihufUgTxecOEj89OBoVFTJp6B2bamw2FnNbNB6LnGbJ6Rp_35uDrmPprXcI7HRK-hrIGV3bBKtZOaTaYlx7JLsxG71e1Gz96mZyJW25m4Ri7fNXSmTBHQ-qgZAM6H8TK0ZCVyIgKQRGLMBI5C_VRxptl5QF9RVymJ5tYGX77RNgBSsOAvFG3LNeXQD5ixE-9Kho8gO-uginoirk_tJDAa4TyevKAG763LAxR2_INF_P2qmp5DQK1swshZ7kj07WbaO2eNPlEO6DfNXo3BfEYMy4bQ0uIAkPt5m0X0qsuw5EZngBq-v7DxYQpcOX5LTzOMK5vcLZ8LbXBGXfeny4tgFSBA6fsyyr9SR4t4dgE5GQXMQWY_LAe8trom7XrThcgNO4HVpPB6L4FFsaBKqDQaNYOyVvzDouQbOTmUfvUsTVNcMk7UsCV2tVUe4ZS4ZbT4hv1aDLdO8ou098pAZFQI5yRMfprE8BUAQaCI3JiYDiNoyH0k0DzQpC8Ob

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 05:05:43	Name: _GRECAPTCHA Value: 09ANOXeZxcWG0kg3OMG3KkzIRLNowJZu6h7P60kr9ChtxOzwJ3onkMov_ulnbTG_v-mgCBAPA9iZ4qOy6ma473pnI
.t.ly/	1970-01-21 01:06:40	Name: XSRF-TOKEN Value: eyJpdiI6IlMyOWlxVzRqMFhRdHlDYVlUYXdGalE9PSIsInZhbHVlIjoiTmhXb2dUdkl3Q2dwbHpMUGpKY3JlWm9Helo4OXlqdnRqZ3dHODl0RFpndUlSMkgraHhnL2tFUzIxRzI1VktFcTNQekd5eU84ZU14M0NrS2dodm5ZYjNVZmpkRzRpVmJ5bmFnL3ZSSmJlM1RUdjB3aXVBRyt2VXd1bjBCSXRHYTYiLCJtYWMiOiJlYWY0YTBmOGY0YzM2ODc4YmZkODMxZGQyMjEzNWMzZjQ1Nzc5NTFlYTM3YWU2ZTkxNDc1NTNlZDlmZmRiNWM1IiwidGFnIjoiIn0%3D
.t.ly/	1970-01-21 01:06:40	Name: tly_session Value: eyJpdiI6IkhWVFc0SUphQktBTHVEeW8vYW9IU1E9PSIsInZhbHVlIjoiNmw5bm44d05mUHJvcVFpN2NEejBlYXlYSVk0TXhRMDBzNmIxdit5UjI3NkxmanRhNzBzY1YwS1dGSWdNdlZWcHFsTmdtSmNEUWprQi8vK2plb0pKODBqcUpsUG1sb0diZ3BhMjg2Z3VpSnhnNHlpUWhKNUx1RDhLeHRVOVB3WC8iLCJtYWMiOiIzNDI2NmQ2MzJhYzVlZmNiNjg1YzhlYmNmZGVlNGIyMDE2MDA5ZjdjZWQxN2UzYWY5OTQxMmQ5NzZjYmVhYzkyIiwidGFnIjoiIn0%3D
.t.ly/	1970-01-21 02:56:07	Name: _gcl_au Value: 1.1.1487511585.1730791355
www.clarity.ms/	1970-01-21 09:32:07	Name: CLID Value: 5cc923ab74dd4e009241c01909598e23.20241105.20251105
.t.ly/	1970-01-21 10:22:31	Name: _ga Value: GA1.2.1501260936.1730791355
.t.ly/	1970-01-21 00:47:57	Name: _gid Value: GA1.2.1564364079.1730791355
.t.ly/	1970-01-21 00:46:31	Name: _gat_gtag_UA_89207177_8 Value: 1
.t.ly/	1970-01-21 09:32:07	Name: _clck Value: 11p9pwv%7C2%7Cfqm%7C0%7C1770
t.ly/	1970-01-21 00:56:36	Name: userTimezone Value: Pacific/Honolulu
.t.ly/	1970-01-21 09:32:07	Name: cf_clearance Value: VXSAegEnVjGZyTGq_YRRgpxdU_W47B1b2eBLO9IrBl4-1730791355-1.2.1.1-hrrUKsMgx8SXJdS8GSqweptvy.6aGZEawNF9_fJyI6UqmPQhW.BArUmdlyCDV.dQPh9sFKncKUJnYW8RxCDsPPNF1_Wg9sjkzOyHMPJIq8yYNEJaIqCOn.EkinAyUka80t1awqVl9fSeoC_jLUPAr77Unx5qSbEFmB4VSfelqLJvAxWQ2x51WcjgzwSKWoZaSqGfTBuXXzstDPt8JSC43BYfR91TseYG0MJLKD17g3V.UBDwwV.Si1tMcPdIyNcJvyJiG7Tr_O0g1tyMgWqVh.L3nw5TUnm8Y5ELaATaMnYwJyx1R5frDTmd1GmCI_.v16VpwpxVIVO3rgEqx2qyEhd0zyvTdsUveLg2qOsh9aX_HQ1RQcDiG7tu46K54bqdm9gOQk_af_8.gBEpcLnkiA
.t.ly/	1970-01-21 00:47:57	Name: _clsk Value: 12z0l7g%7C1730791355614%7C1%7C1%7Cb.clarity.ms%2Fcollect
.bing.com/	1970-01-21 10:08:07	Name: MUID Value: 1616CAE450D86F630B08DFCA51B76EA0
.c.bing.com/	1970-01-21 00:56:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:08:07	Name: SRM_B Value: 1616CAE450D86F630B08DFCA51B76EA0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:08:07	Name: MUID Value: 1616CAE450D86F630B08DFCA51B76EA0
.c.clarity.ms/	1970-01-21 00:56:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:46:31	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-21 10:22:31	Name: IDE Value: AHWqTUmGjMuNy4V9Gq4o6fSzhtsb3-1fF8DFslwxWPEpyOINdPKqEhJMTcHsg2ynxcg
.admaster.cc/	1970-01-21 09:32:07	Name: __mguid_ Value: 9e90f00b9f7bac0b2rpqh600m344hiiz
.ipredictive.com/	1970-01-21 09:32:07	Name: cu Value: 5ebf940d-0db4-440e-a57c-29c5f93b353a\|1730791357493
beacon.lynx.cognitivlabs.com/	1970-01-21 09:32:07	Name: UID Value: 38d1a7d4-5ce5-4351-8a64-ec0d36df64c4
beacon.lynx.cognitivlabs.com/	1970-01-21 09:32:07	Name: ss Value: tx2KXOivYch6QNzOMnxVeDOGwuAtNG4YxyVHrOzPbRbU0XkecpfnHlPPpQBHlfzJvgfeJE75u8ox3G0tS4Q9Vg%3D%3D
.t.ly/	1970-01-21 10:08:07	Name: __gads Value: ID=d62dbc711b7ee72f:T=1730791355:RT=1730791355:S=ALNI_MZFhGHuxGj6xiipIAp-cnON0l5mJA
.t.ly/	1970-01-21 10:08:07	Name: __gpi Value: UID=00000f5a7ffc41db:T=1730791355:RT=1730791355:S=ALNI_MbI3NkGJgeHCWRZdsbxLq15_Di02g
.t.ly/	1970-01-21 05:05:43	Name: __eoi Value: ID=683840037c790959:T=1730791355:RT=1730791355:S=AA-AfjaQAfwRfkBWKRBpL8nuHfdx
.mfadsrvr.com/	1970-01-21 09:32:07	Name: tuuid Value: b056ed5a-07e3-4c82-8bfe-7340eb562ebb
.mfadsrvr.com/	1970-01-21 09:32:07	Name: c Value: 1730791357
.mfadsrvr.com/	1970-01-21 09:32:07	Name: tuuid_lu Value: 1730791357
.onetag-sys.com/	1970-01-21 10:16:18	Name: OTP Value: QIif_VY8WRnvUqnCLvxNOj55oDM1j6dZ-AClqg_96pM
.t.ly/	1970-01-21 10:22:31	Name: _ga_W1D48QS4F7 Value: GS1.1.1730791354.1.0.1730791357.0.0.0
.mfadsrvr.com/	1970-01-21 09:32:07	Name: ssh Value: !google=1730791357
.adx.opera.com/	1970-01-21 09:32:07	Name: UID Value: OPU41e1619c4f8a4342ac520567445ef994
gtracenep.admaster.cc/	1970-01-21 09:32:07	Name: cst_44 Value: ts=1730791357
gtracenep.admaster.cc/	1970-01-21 09:32:07	Name: cst_70 Value: ts=1730791357
gtracenep.admaster.cc/	1970-01-21 09:32:07	Name: cst_78 Value: ts=1730791357
.creativecdn.com/	1970-01-21 09:32:07	Name: ts Value: 1730791357
.creativecdn.com/	1970-01-21 09:32:07	Name: g Value: cicregB9xaP8JfwjhpiJ_1730791357622
.adsrvr.org/	1970-01-21 09:32:07	Name: TDID Value: 68d0d1c6-b990-4299-9d16-6642a17b1c41
.teads.tv/	1970-01-21 09:30:40	Name: tt_viewer Value: ee984c36-b622-4784-9003-a0d0908440ce
.mathtag.com/	1970-01-21 10:12:26	Name: uuid Value: 11546729-c7be-4f00-bca5-1db9b19b8d92
.mathtag.com/	1970-01-21 01:29:43	Name: mt_mop Value: 4:1730791358
.adsrvr.org/	1970-01-21 09:32:07	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIorOPipXdvj0QBRgFIAEoAjILCKyqv7ar3b49EAU4AQ..
.linkedin.com/	1970-01-21 09:32:07	Name: bcookie Value: "v=2&99f1f030-bd04-4738-892b-9b3a7b33dbe5"
.linkedin.com/	1970-01-21 00:47:57	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2912:u=1:x=1:i=1730791357:t=1730877757:v=2:sig=AQGf3cj2khDmQO2DDwUvaupD8aYWzyd8"
.casalemedia.com/	1970-01-21 09:32:07	Name: CMID Value: ZynHvUt3uXIAAHL3AN9xiAAA
.casalemedia.com/	1970-01-21 02:56:07	Name: CMPS Value: 159
.casalemedia.com/	1970-01-21 02:56:07	Name: CMPRO Value: 159
.travelaudience.com/	1970-01-21 10:15:19	Name: _tracker Value: %7B%22UUID%22%3A%2216A74098-D8AA-4529-0B70-0560A5C69075%22%7D
.t.ly/	1970-01-21 09:32:07	Name: FCNEC Value: %5B%5B%22AKsRol_dNet2MMLwvoBcb5WAc4qfPToDdezImmwBdtBROSofC0_o8a8nhh7CGBk1E3LJtOCuJlhGjHSpHBjPVR_BzHclYY6pxRHsdTwL0SNqKKOo6GvFKGFgy4dDp8VkFCPxfxNnckNADVevQMXI9EVqRJu_qZuj6A%3D%3D%22%5D%5D
.adnxs.com/	1970-01-21 10:22:31	Name: receive-cookie-deprecation Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.ly/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.clarity.ms
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
r.wdfl.co
read-see-mo.re
static.cloudflareinsights.com
t.ly
td.doubleclick.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
ep1.adtrafficquality.google
168.220.91.95
20.110.205.119
2001:4860:4802:36::178
2600:9000:2840:800:1b:348c:b140:93a1
2606:4700:10::6814:785
2606:4700::6810:4f49
2606:4700::6811:180e
2607:f8b0:4004:c09::63
2607:f8b0:4004:c09::6a
2607:f8b0:400d:c01::84
2607:f8b0:400d:c01::9c
2607:f8b0:400d:c02::5e
2607:f8b0:400d:c02::66
2607:f8b0:400d:c02::9a
2607:f8b0:400d:c04::61
2607:f8b0:400d:c04::9a
2607:f8b0:400d:c0f::9a
2607:f8b0:400d:c0f::9b
2620:1ec:bdf::40
2620:1ec:c11::237
4.153.129.168
04689be6e51eaf5c62cfd08d22bdf26c823a42918d34226ebb16934742f36397
051c4c027e19afd34337bba066ba2059a8e0307516e31db173681243b9e90e2c
0562e5674602291ce06869880ed86b2b9d26ae26f17d25f9587c7ae26f62b6b2
065614fd09985146ad28e77c62b36f7dc1a32ca09621e5037f413068fbbad399
1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1
15df9e8b8a8fd11dd1740670119ffec8fcc17119ae59193c11952f6c7063a05c
18708d141cdbd2c6b4891597624de947d01b73c84e9b9473425abcc1d6188220
199732a53163015e51ed750c0715aaf3754011671e0a98d349a3a73b3ab05542
25648abe5b26a8794cc19dc6108c0819680711f1547300525ba77382accb8e5f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3b05666618c5864534ed4cf929bfb031ea0732b5906abe19a4a75cd997dd2a70
3d5c3adbc4c857fcd9dc167d3b1c6b5f956b35f361d45445aba03a9ba119ce83
3d9735a256e9c2cbddaa80f1b7a5bcaba6302a769e9820e26ca3f1d46e79034b
56f2090dc01c9583ac75c5f27900182747b1a3be73856c20356cfd7c9ac505f7
60d88f0f7c8509413def7de1a31b17c6afee1e794e6617eabef0c34574fd5728
60ee76d5ff0269d5a22a8f16f148e0a2f2b894c89ae79e7e2dedbec05144145f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbfddb4735bdca8b4d594c0222541a0aa1f53ee6b4359647960ed164f595863
6e5ad264da8d0e8ef57522e7c57f04cce1595c40f1aaa1e3957f241ad7ed0428
76be77ad68457825421655fea7b74a5dce8fb1956297593539bee730b44ed4c0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e6f64d8352dccbab8d88b6422ffc1feae82c27aa0ad01c1758faf534b7ca3e3
7f1ec9dc38ac9d533fa5e502efacf7cdbc9c9565b013836745565d54000ed2c0
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e538a6b0a01ab71d6d923728d868ebb0db3218d2f6115fb2db3f1247a380758
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a62813caeeda571a57fe35e4276edee70591b15130207970c495bb43a3ff86c3
a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6
bee5e950e05d2ad402b13cd1579f7d2588c150c48290e1d1f7544bfadffce728
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
db0a6f59af0c4150ae85d022499c684f222a25addcb1605a55394b043a66019f
de1f4112a9aab018326e7eb662dfe439c4f19f952e09cdc139ac940a3b02aa86
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84a8e0e50c3d1bd3063fa450cc5f85bf551e84bfa10d0d606767443989dd7a6
ea0625c9401d98fb2dba8459be477fd4763d56841359206cb83bcc1af40d5cfc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3802f67ab9272e65cf29cb31b55943dbcec6216de0e8e51e562c05feb6242c0
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
fded4b5989d45a910e578f7265063d67c86d12489692072a761be64a13b78aaa
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

t.ly Open in urlscan Pro 2606:4700:10::6814:785 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

96 %HTTPS

86 %IPv6

14 Domains

19 Subdomains

20 IPs

1 Countries

2219 kBTransfer

6086 kBSize

52 Cookies

4 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

t.ly Open in urlscan Pro
2606:4700:10::6814:785 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

96 %
HTTPS

86 %
IPv6

14
Domains

19
Subdomains

20
IPs

1
Countries

2219 kB
Transfer

6086 kB
Size

52
Cookies

77 HTTP transactions
1 data transactions