surl.li Open in urlscan Pro
2606:4700:20::681a:413 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://surl.li/xdhx
Effective URL:
https://surl.li/xdhx
Submission: On February 17 via api (February 17th 2024, 10:46:49 pm UTC) from US — Scanned from US

Summary HTTP 133 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 17 domains to perform 133 HTTP transactions. The main IP is 2606:4700:20::681a:413, located in United States and belongs to CLOUDFLARENET, US. The main domain is surl.li. The Cisco Umbrella rank of the primary domain is 794332.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2024. Valid for: 3 months.

This is the only time surl.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:20:... 2606:4700:20::681a:413	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
6 8	2607:f8b0:400... 2607:f8b0:4004:c09::69	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::68	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:c0ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3 21	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c0b::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
24	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c06::64	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
6	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1 1	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:215... 2600:9000:215f:1c00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.90.254.78 69.90.254.78	() ()
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
133	18

1 2606:4700:20::681a:513 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

surl.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:413 (United States)

ASN13335 (CLOUDFLARENET, US)

surl.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4004:c08::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c09::69 (Washington, United States) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::68 (Washington, United States)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:c0ea (United States)

ASN13335 (CLOUDFLARENET, US)

web-screen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c0b::9a (Washington, United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c0b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c06::64 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.236.220.17 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:1c00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States)

ASN- ()

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	796 KB
28	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 113 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	189 KB
19	google.com 6 redirects www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659	71 KB
17	gstatic.com t0.gstatic.com www.gstatic.com fonts.gstatic.com	209 KB
14	surl.li 1 redirects surl.li — Cisco Umbrella Rank: 794332	527 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	22 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 640	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 513	1 KB
2	web-screen.com web-screen.com	18 KB
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7175	598 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 632	363 B
1	acuityplatform.com ums.acuityplatform.com — Cisco Umbrella Rank: 1440	27 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 906	727 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 964	760 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	83 KB
133	17

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	surl.li pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	surl.li	1 redirects surl.li
13	www.gstatic.com	googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	www.google.com	6 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.googleadservices.com	surl.li
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google-analytics.com	surl.li www.google-analytics.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	c1.adform.net	2 redirects
2	creativecdn.com	2 redirects
2	web-screen.com	surl.li
1	dsp.adkernel.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	ums.acuityplatform.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	um.simpli.fi	1 redirects
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t0.gstatic.com	surl.li
133	23

This site contains links to these domains. Also see Links.

Domain
hyperhost.ua
posta.tmweb.ru
secom.com.ua

Subject Issuer	Validity	Valid
surl.li GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
web-screen.com Cloudflare Inc ECC CA-3	`2024-01-22` - `2024-12-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://surl.li/xdhx
Frame ID: D7A017178208D50AA9D3B359D6942B85
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: AF3AE4DE42AAE15725E533C1865F0C90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1708210004&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fxdhx&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210004107&bpp=12&bdt=204&idt=164&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=636734432385&frm=20&pv=2&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=186
Frame ID: E8DB3D2F29FE54D22A9CF371B75C45B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=940430000&adf=995855647&pi=t.aa~a.1280646152~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708210004&rafmt=1&to=qs&pwprc=9566348750&format=1140x280&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210004119&bpp=1&bdt=217&idt=177&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=180
Frame ID: FE66C1505C220487108B291B0FF7636D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6821564864D8D2443BA4F84E9F7B382E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1228&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280&nras=3&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=75
Frame ID: 22E325F3E7C17E15C2A469F53E28C518
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1229&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280%2C1200x90&nras=4&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=81
Frame ID: 74B4CFC2206B0CFC2F68CBCDDE739D85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 256AC36D737D93B6328DF4FD8E10E468
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7529873BDBB182EA972EE5B567177363
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 63C9858678C8FCBDC02DB7C22D9BA40A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: 4F243FA9248E99450254C97499460B9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF97FC0539C99735E78F28F272C064D9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9C97D509F5908EEF5DD5F502483E0A45
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9912F79DAA4428F4F5D48AAE4AC320AC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: 51ED5200C7E7118CC53CD1D27E14FE8F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: 7BFAE98AF9E1B7DFE6726903A69A39F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1AC579653410781A1805BE24C3F6343D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 507501FF6EA69A254209768F4E113D41
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: 63FD7DE0383249F9ABA4C2FB72CA1FCA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: A1CA027AD5F395638B06AFFD4EAEFF8A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F777DC2A4F448C0E89D18C6E78144BB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 51CE93B19CED0D683AD3B6B93A88EE9A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Surli redirect page

Page URL History Show full URLs

http://surl.li/xdhx HTTP 301
https://surl.li/xdhx Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

133
Requests

93 %
HTTPS

65 %
IPv6

17
Domains

23
Subdomains

18
IPs

3
Countries

1922 kB
Transfer

4930 kB
Size

22
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://hyperhost.ua/en/vpn?utm_source=surl&utm_medium=menu&utm_campaign=menu_button&utm_content=menu_button
Title: Buy VPN

Search URL Search Domain Scan URL

URL: https://posta.tmweb.ru/postaleservicefr
Title: 4 Go to site

Search URL Search Domain Scan URL

URL: http://hyperhost.ua/tools/terms/term-en.pdf
Title: The rules of usage

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/hosting
Title: Купити Хостинг

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vps-vds
Title: Купити VPS

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vpn
Title: Купити VPN

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/
Title: Hyperhost.UA

Search URL Search Domain Scan URL

URL: https://secom.com.ua/
Title: Secom.com.ua

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://surl.li/xdhx HTTP 301
https://surl.li/xdhx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.google.com/s2/favicons?domain=https://posta.tmweb.ru/postaleservicefr HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://posta.tmweb.ru/postaleservicefr&size=16

Request Chain 40

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 47

https://googleads.g.doubleclick.net/pagead/adview?ai=CPElfVDfRZYHfGI6n4_UP-faiiAPQkMXQde3crYOYD8Pk8_0IEAEgz8ndb2DJ7o6LwKSMEKAB_ZKK_QPIAQGoAwHIA8sEqgTPAU_QB_6g4NxdPeL0sXzEeOMEzHTnX7GJiBkosVYFiPORx5JJsstBqVYVrbe9VrSr__NAQdDB-A7Dq7tZSyKqWz5axp40nM6mjCVqscn7sAcv8JU01eBLgjj5M8X85MtYdS5LW7PEMlxCJIJLVkkSSbcVuBnwrYBb4FYsetr2j_UYE2p3v9-2Jm0LDq6bndLQ_Sm-27wwFpb5JxVMtj0t2dqkxC1TrnIjufY6iTqOlPai3-6AlUIpXNBY-6uveKcZ0RCdQCs32mq5LIIHea4gDcAEl4zH140CiAXBp47uBpIFBAgEGAGSBQQIBRgEgAemtpwyqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQjbQs0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WJvfjJS6s4QDmgkpaHR0cHM6Ly93d3cuanVzdGFuc3dlci5jb20vc2lwL2p1c3RhbnN3ZXKACgHICwHaDBAKChDQio7b7b3tqRASAgED2BMLiBQC0BUBgBcBshccChoIABIUcHViLTUyMTM0MDcxODg0MDY3OTAYAA&sigh=vnkyYGTSZB0&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_XO9mHgyyzMtpg89HVxbAxVyLeNTPxBdnXzbSXs1f6o2fA2lbxMKgsWKHwWiWmhSW_yCNdDlj1sy43nzaZeu36dQdoaSRd-N1dqMYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaca5a389c23d4b0000000000000000%22,%222%22:%220xb93818166e8b930f0000000000000000%22,%223%22:%220xd6071ff0eb8608d40000000000000000%22,%224%22:%220x2793db76c61bd2880000000000000000%22,%225%22:%220x60596d4a18dd92340000000000000000%22},%22debug_key%22:%2215455362349327972541%22,%22debug_reporting%22:true,%22destination%22:%22https://justanswer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067616637%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215049623935625533473%22}&andc=true

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://googleads.g.doubleclick.net/pagead/adview?ai=CloQpVDfRZZfVGJby998P6Kq0uALyx8qddN3znJGwEezI__jbKRABIM_J3W9gye6Oi8CkjBCgAffLuMICyAEBqQJsw2wBXt5JPqgDAcgDywSqBM4BT9AEHK2fkfWKPPrpyHfgHRnGql66Egbi7z8t_Jje3O5m7ChXIj13EGIpVWGIHcRk8jQkaVX5eIne_uixfJvSNV-1TxB30SCI2pOwfCSxspKGHTSTsy7c5gwjqSSxIhoEiruX8E6RgcyN4tsbWpRdhVm4VqdLO1dN44zAEm1NgZ-tkgkbJr8CzUDvyk95L6XWGvt9Paze2BODPL6k5QlmMl_30CLTxG0CrAlX2na9YL-l8AGPads6FdBsCkrpQH3-GQXiei-znYK-nUIO9m7ABM3Pi7vcA4gF1fuQnjeSBQQIBBgBkgUECAUYBIAH8bPHvQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBDMpxXSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYr9OMlLqzhAOaCVBodHRwczovL3d3dy5tYW5hZ2VlbmdpbmUuY29tL3Byb2R1Y3RzL3NlcnZpY2UtZGVzay9scC9zZXJ2aWNlLWRlc2stc29sdXRpb24uaHRtbIAKAcgLAdoMEAoKENCm0q2p__GAGhICAQPYEwKIFATQFQGYFgGAFwGyFxwKGggAEhRwdWItNTIxMzQwNzE4ODQwNjc5MBgA&sigh=mV8TfYTI25Y&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_Bx2yxGQhuOkX-YbhD_TErmQ6C0F4eitHArDUX_4knTSpt_82XoMgWbYbzga1b3XSV6UBwspzz6PEhpYUBwsMyWqo30y9DUWwjqUYAQ&template_id=5001&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87a914ac2c6168880000000000000000%22,%222%22:%220x55a872bd1b58edb90000000000000000%22,%223%22:%220x2cc69d43fa6f55dc0000000000000000%22,%224%22:%220xb62c82832fdf15090000000000000000%22,%225%22:%220xbdd8d3f57829e7ec0000000000000000%22},%22debug_key%22:%2211945134226844178400%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213997440363629963729%22}&andc=true

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://um.simpli.fi/gp_match?google_gid=CAESECB29LrUvTbOkRJyOkxv5CQ&google_cver=1&google_push=AXcoOmTPx0xSjiPcd5KZ0_f-yzQPH_QtsQ5vUE7TbFGDHrt7RY9cYQ1_0g3msAktvkwZ7KB-4OGakseVoY10Ta3vmSq0nu6U3SUe5w2zHLbFyRhH8GOjGSm2dV0JPHYW4YNG7Db10nf01ORQmch_-Aq8dxeCc8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=996212BC2ECB4CFA98BF41069418ECBF&google_push=AXcoOmTPx0xSjiPcd5KZ0_f-yzQPH_QtsQ5vUE7TbFGDHrt7RY9cYQ1_0g3msAktvkwZ7KB-4OGakseVoY10Ta3vmSq0nu6U3SUe5w2zHLbFyRhH8GOjGSm2dV0JPHYW4YNG7Db10nf01ORQmch_-Aq8dxeCc8E

Request Chain 105

https://d.agkn.com/pixel/2175/?google_gid=CAESENjQC32leSYVI8JtPAywZWM&google_cver=1&google_push=AXcoOmQvPl7HodCQB9pjWsFjIyS0ALLdLkCCq0m2Qlr-J7ro5OU1ZB_Ve_5OkgGCxsELd18iIk1PNgpB0MNtErK3ytnRJamHBT5EyMhUEuO-l4-smjt933-iG3T3WZe1EmgTRnoy6L9hAweM_77dl9oy6iQX-Gk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvPl7HodCQB9pjWsFjIyS0ALLdLkCCq0m2Qlr-J7ro5OU1ZB_Ve_5OkgGCxsELd18iIk1PNgpB0MNtErK3ytnRJamHBT5EyMhUEuO-l4-smjt933-iG3T3WZe1EmgTRnoy6L9hAweM_77dl9oy6iQX-Gk&google_hm=Q0FFU0VOalFDMzJsZVNZVkk4SnRQQXl3WldN

Request Chain 107

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1&google_push=AXcoOmT52qA6ZqhN8m0lrVfYp0CCpb15bS1UE49ViTMfPJPRpDNlt8X9eplU4gYcGdj9hwcNJNvy0cpawyv2wWiVu3mmjXKf2aqAkr2Ky7BVILFuj5wQ5j2DL2hBNgBiRCiQECS1P-vB5wJ7MYoSQsxcD84NZy8 HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1&google_push=AXcoOmT52qA6ZqhN8m0lrVfYp0CCpb15bS1UE49ViTMfPJPRpDNlt8X9eplU4gYcGdj9hwcNJNvy0cpawyv2wWiVu3mmjXKf2aqAkr2Ky7BVILFuj5wQ5j2DL2hBNgBiRCiQECS1P-vB5wJ7MYoSQsxcD84NZy8&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=k4R-c0MxudXd5CFhG5taTKlCi1onw10rviGC7lu0jYY&pi=adx&pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1&google_push=AXcoOmT52qA6ZqhN8m0lrVfYp0CCpb15bS1UE49ViTMfPJPRpDNlt8X9eplU4gYcGdj9hwcNJNvy0cpawyv2wWiVu3mmjXKf2aqAkr2Ky7BVILFuj5wQ5j2DL2hBNgBiRCiQECS1P-vB5wJ7MYoSQsxcD84NZy8&tc=1

Request Chain 109

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP9bP6SJ7C4LyfFeR0py62Q&google_cver=1&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20SjrzF9GEe37u7vUseigpcL0qnsyFNq3kZvQATzpA0GPK1QQnGPwo1yO77MnxImAEzl84VNJRTabtT3BzbzUs HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP9bP6SJ7C4LyfFeR0py62Q&google_cver=1&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20SjrzF9GEe37u7vUseigpcL0qnsyFNq3kZvQATzpA0GPK1QQnGPwo1yO77MnxImAEzl84VNJRTabtT3BzbzUs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgyNDE3MzAzMDc4NTU4MTI3Mg&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20SjrzF9GEe37u7vUseigpcL0qnsyFNq3kZvQATzpA0GPK1QQnGPwo1yO77MnxImAEzl84VNJRTabtT3BzbzUs

Request Chain 110

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAY7l3b382RGqYlWXVsKu94&google_cver=1&google_push=AXcoOmT2rSvQlgfGMW4cyHoaleKZsf9AYiSPraThJir9rXZKd-oAXWj_3wNdPkiDnQB5BgrRW-Av4YIRd9jIdGpz86MVhVv7R48Pk1J_NcIXv--r4PCGXnJd1u05Dj12eFoBEPikKRAfUqUJevyxsgvmMM4aWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM2Njk3NDk1MzkwODg1NDE2MTI&google_push=AXcoOmT2rSvQlgfGMW4cyHoaleKZsf9AYiSPraThJir9rXZKd-oAXWj_3wNdPkiDnQB5BgrRW-Av4YIRd9jIdGpz86MVhVv7R48Pk1J_NcIXv--r4PCGXnJd1u05Dj12eFoBEPikKRAfUqUJevyxsgvmMM4aWQ

Request Chain 112

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Nt0VTfRZb63EMjD998P2_a46ALQkMXQde3crYOYD8Pk8_0IEAEgz8ndb2DJ7o6LwKSMEKAB_ZKK_QPIAQGoAwHIA8uEgIAEqgTOAU_QB8hPnSxScF2KCfIkCBHKB3a4XS8HQ2JUyvQAG29yxerlPf8n-gvAvnVmNolhNX92NR-qC9Ev1cFm5kCXM-QL6WmcaGkd6aQL9XiAALUt0HUbmbj23vkTcsp6CZZG2uAA49niUsxYYItpH-ZG-H-xHqPerPBbtgfBnkkQ_GNyvQg7XDeuMGrT9bGwT3ZU2Ts1xwGN6wxoMOCYioofLTyoXZc_Oj5vvQL5ih03IxXh2dbfNxuMIt8F8NNiybYEL03U8DeqiY92MO2cz9WlwASXjMfXjQKIBcGnju4GkgUECAQYAZIFBAgFGASAB6a2nDKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBDb2APSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYzcXBlLqzhAOaCSlodHRwczovL3d3dy5qdXN0YW5zd2VyLmNvbS9zaXAvanVzdGFuc3dlcoAKAcgLAdoMEQoLEODi6baqh8uSzwESAgED2BMLiBQC0BUBgBcBshccChoIABIUcHViLTUyMTM0MDcxODg0MDY3OTAYAA&sigh=Fb3Jfk6C7L8&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_E4ORR-OasKdlzgEnm6bgI-IWGJyaMOdls3uDSr8glaYOY4Ckpdwtla_OkvwS_YNroCvTXQGS2xgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaca5a389c23d4b0000000000000000%22,%222%22:%220xb93818166e8b930f0000000000000000%22,%223%22:%220xd6071ff0eb8608d40000000000000000%22,%224%22:%220x2793db76c61bd2880000000000000000%22,%225%22:%220x60596d4a18dd92340000000000000000%22},%22debug_key%22:%2210615366564283607786%22,%22debug_reporting%22:true,%22destination%22:%22https://justanswer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067616637%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214301650262571339601%22}&andc=true

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

133 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request xdhx Show response
surl.li/
Redirect Chain

http://surl.li/xdhx
https://surl.li/xdhx

13 KB
4 KB

471ms
406ms

Document
text/html

2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

2c67c64566ce98ba75c5441ea3591f8735d17727e6056917278ec85cb4a500bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85719169ea514bcc-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:46:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jkp%2BrYAe07vyzqB9u9899Zlf2GCdaZz%2Bv0Wlufuxs1uOr62l4BjonWl3PL5ta8PbLApEw%2F8kCehss9AOvwzZhkVQfkvogTbJPQm6WLslDnPkA8znv7qm8t5apWJlw%2FE6QWncdTk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.2.15

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 857191682ea94bbb-BUF
Connection: keep-alive
Content-Type: text/html
Date: Sat, 17 Feb 2024 22:46:43 GMT
Location: https://surl.li/xdhx
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52aZBMRyvmOE3N5gbGvtJY46xv%2FVKNMdSPbdaEKrVwyDmrzIROhBWAL1OuFSktJ8YEup64P3LDexfau1Zj6lWfybcf1uEwFydv%2Ff7jVQMRdAj3iHM4JWomKtqR07nGueRpPfPKY%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 200 app.css
surl.li/css/ 158 KB
27 KB 44ms
42ms Stylesheet
text/css 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/css/app.css

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a2d6323ec235556eb2cd441c849220e38f271eea88d721083f05db92a155322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/xdhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-encoding: br
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
server: cloudflare
etag: W/"65a7e2c5-2794f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoKUnAF30uOoIugHZMl5CdUsg4X2bq66StD3Mio%2FeR1wwHMJk2gGRxh8%2BBfHa885Gat0AyAzvOZV%2FkucIFQm%2FAL6VL%2BMOPm%2BeNQHTxwx4OQYrVkwYPQoFTYRj%2B%2F1YPaCI0cf%2BJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8571916c7bea4bcc-BUF

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 138ms
72ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cadb0f5a85b0e3379f8a3d39e862a3958aa3c2143605153ebb6f04717b2de04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51585
x-xss-protection: 0
server: cafe
etag: 7206489655798786134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 22:46:44 GMT

GET
H2 200 surli-logo.svg
surl.li/img/ 9 KB
4 KB 39ms
38ms Image
image/svg+xml 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/surli-logo.svg

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/xdhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-encoding: br
last-modified: Fri, 09 Feb 2024 12:40:42 GMT
server: cloudflare
etag: W/"65c61d4a-233d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOWOJ6S%2Bq4vI740BVE09fHLSABAVDZfNTp6x%2Fvc76bk5JwyGNY03Hwg6n4XpgiU9vdF1FGF7PvymKCwscxn13LlLnao5RI1pix2GdduOhq6nQFY7Ep5A2DbXQqHEOUAtCZYQSGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8571916c7bec4bcc-BUF

GET
H2

404

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://posta.tmweb.ru/postaleservicefr
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://posta.tmweb.ru/postaleservicefr&size=16

726 B
917 B

196ms
93ms

Image
image/png

2607:f8b0:4004:c07::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://posta.tmweb.ru/postaleservicefr&size=16

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Server

2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:44 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
x-xss-protection: 0

Redirect headers

date: Sat, 17 Feb 2024 22:46:44 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://posta.tmweb.ru/postaleservicefr&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352
x-xss-protection: 0
expires: Sat, 17 Feb 2024 23:16:44 GMT

GET
H2 200 plug.jpg
web-screen.com/img/ 13 KB
14 KB 108ms
36ms Image
image/jpeg 2606:4700:3035::ac43:c0ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/img/plug.jpg

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c0ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1690
alt-svc: h3=":443"; ma=86400
content-length: 13510
last-modified: Mon, 29 Aug 2022 13:27:44 GMT
server: cloudflare
etag: "630cbed0-34c6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRVADPZdUgv38C1THZ4LUe91zNFf4UrHVoVaHbsUjfwb7gvYu8uI1Pp9ThAdYLIYrPEof66YdtILXCghnBoalcCucgmdc6s%2Fk8yat94hiGwQ1I2SqFQT%2FD7to71oAsaicQKV%2Fy5Nv6soH%2B7gyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8571916cec254bc6-BUF

GET
H2 200 pc-rouded-icon.svg
surl.li/img/ 20 KB
15 KB 39ms
37ms Image
image/svg+xml 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/pc-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/xdhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-encoding: br
last-modified: Fri, 09 Feb 2024 12:40:42 GMT
server: cloudflare
etag: W/"65c61d4a-4f3e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxAIOGJCOSY3OMwWOufzB4bE8PHsKuOLtGvZDokZfY8utvGc7xjIq%2FAV6fu1Saj06EMYZkgRSftaIhJVeP5dF0yf843zae8oKmXRcxzDS5nYTjKdckuiN8TK%2FAEEM8BQ44RHWKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8571916c9bfa4bcc-BUF

GET
H2 200 gears-rouded-icon.svg
surl.li/img/ 4 KB
1 KB 42ms
40ms Image
image/svg+xml 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/gears-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/xdhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-encoding: br
last-modified: Fri, 09 Feb 2024 12:40:42 GMT
server: cloudflare
etag: W/"65c61d4a-e1f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiclyKsBE4ail9RLZTF7p1LfQwhledaAWi7I2x43XeMqj%2BYHMyNhr3C5s20dW8L6yMlysZmTfSqOkr5TtX9v3hIspGwTqWuhyhARTgk6Pv5H6Axsd9CI4JZDThbA90AtxyQX9NQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8571916c9bfb4bcc-BUF

GET
H2 200 planet-rouded-icon.svg
surl.li/img/ 5 KB
3 KB 40ms
38ms Image
image/svg+xml 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/planet-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/xdhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-encoding: br
last-modified: Fri, 09 Feb 2024 12:40:42 GMT
server: cloudflare
etag: W/"65c61d4a-1574"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74jUWEgk1mdlecwZAikfr8lBwjMZLYqCBHQJOjFPr5uSCz4OLm0tQ7TkcDjh3xa5ZxCZJoHZBLTTwO0wWITYmN%2BhpUe0%2FR2NJImrIuBeZMrvP7G0H5rFzM2newq6E2HTL1n6K%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8571916c9bfc4bcc-BUF

GET
H2 200 app.js Show response
surl.li/js/ 186 KB
61 KB 53ms
52ms Script
application/javascript 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/app.js

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ea30badf267e780878a8fdd63da55c8b8e6ea39d3f1b122855ac01c02d3db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/xdhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-encoding: br
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
server: cloudflare
etag: W/"65a7e2c5-2e9ad"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXSuY8eYGd3QmHHRJiv9BMnw%2ByEFS6jrKcSmh6S3aLUE01fx4KOBI9wci%2F44wACbtclAart0kS%2BiwuYuQkMu32wRFdhbGDO2cyworNKMZeOlyUVmjdgaoM0vj4athsedHRdYXoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8571916c9bf84bcc-BUF

GET
H2 200 preview.js Show response
surl.li/js/ 88 KB
32 KB 42ms
41ms Script
application/javascript 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/preview.js

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d6dfd360ccbae2e81dc8f69b9c561e99e7034b0417b2a0bcbc85c2ff629ab6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/xdhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-encoding: br
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
server: cloudflare
etag: W/"65a7e2c5-160f5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkSODq%2BffTe70mra8jGbI049f77vzZZZyRYGOZkSh9SqMmVhMe0CEyNcF1%2FilnmTHmKcsY%2FymZGD3mTRGWj3w2SkiDBethIHiTqaGqQiodzP0CjzewXXO57EeQMYpi1XIml3jCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8571916c9bfd4bcc-BUF

GET
H2 200 NunitoSans-Regular.ttf
surl.li/fonts/ 136 KB
136 KB 51ms
51ms Font
application/octet-stream 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/NunitoSans-Regular.ttf?a427ddbe4dc20889d6e0ac752dce4bea

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7acb3e456d98d55be401bb07a32c9cb04e074de37bd58932b11bcf0fe9f59ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-length: 139168
last-modified: Fri, 09 Feb 2024 12:40:42 GMT
server: cloudflare
etag: "65c61d4a-21fa0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw9OmYlPNhpmUgGVdowthzKyplcSQYDvSieLJz3xh4lr5xVo8Dk%2B%2BmllgNa3wRVKjj0dbgmp576e4P1raAu52nloor4Gr95PhqxCBJ4fJfiVynlqiuGn1o81eh74P6Y7X2Ii2Og%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8571916ccc184bcc-BUF

GET
H2 200 Roboto-Regular.ttf
surl.li/fonts/roboto/ 127 KB
127 KB 45ms
45ms Font
application/octet-stream 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/roboto/Roboto-Regular.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-length: 129584
last-modified: Fri, 09 Feb 2024 12:40:42 GMT
server: cloudflare
etag: "65c61d4a-1fa30"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncr7UogXKEimBQu1sxnrm6Q98Xyu5X7j2o4rYf02pfZAIg4JzwyUcYwJgzVod7A5tW162IIJlZqE9SHNHcLU2T0PScW8BxgrVpEO%2FFh4pRLe8gbEER6hw33orqCIwIDp16LQAao%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8571916ccc1a4bcc-BUF

GET
H2 200 Rubik-Medium.ttf
surl.li/fonts/rubik/ 113 KB
114 KB 49ms
49ms Font
application/octet-stream 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/rubik/Rubik-Medium.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689
content-length: 116056
last-modified: Fri, 09 Feb 2024 12:40:42 GMT
server: cloudflare
etag: "65c61d4a-1c558"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5cdSf3UUZnt8jlisOB264Itj%2Fn3QRsFBQbI%2F%2Boh4LJoaU88eYZIEyx%2FH6iUnjXf0VWnnDfIbsg9ZhbYo4Kky%2FVpB3LdZL3j%2BWrfelL%2FJXWNpTGo%2B48kTlb7xIDh62g4%2F0wHD6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8571916ccc1b4bcc-BUF

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
26ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 21:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3302
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 17 Feb 2024 23:51:42 GMT

POST
H2 200 getPreview Show response
surl.li/ 100 B
1 KB 266ms
265ms XHR
application/json 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/getPreview

Requested by

Host: surl.li
URL: https://surl.li/js/preview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

5efd810822d26a7e6a5a91fb7cfefc5dad4b3080461329d06260473027702c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://surl.li/xdhx
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: enBItaKvFsOb29bt9sNCclNUH1K4uAOtulFrHjYk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 17 Feb 2024 22:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/8.2.15
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcmvHqfVQ46f82ShhdbZqXaOBXoI5kDvr1XvMCoKRsT7eSOCwBZ3VkeVtNXUAJP6EMBxPTK41l4PzJAui1OZgTZy18f7lkxio9mWvKpmgIO9q4gIivqmBkZoRCPqN5embJGfJO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 8571916d5c754bcc-BUF

POST
H2 200 getMetaInfo Show response
surl.li/ 22 B
1 KB 632ms
632ms XHR
application/json 2606:4700:20::681a:413
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/getMetaInfo

Requested by

Host: surl.li
URL: https://surl.li/js/preview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:413 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

e30046945347abe51f6765fe7ad3aea9af756c51c70cc12eb0548c9f53696c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://surl.li/xdhx
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: enBItaKvFsOb29bt9sNCclNUH1K4uAOtulFrHjYk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 17 Feb 2024 22:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/8.2.15
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfPRxl7xhUuuVEAUq0fRsvxlctpGF9mQsnoBwO9ULjj3DpUZlARPBPR6OliBdTprWPzy7srIcZXTdLj8f7yQrwqibuS9JTvGmivmk7HSlUD2oJ4CU%2BOru3kB5RFdBHz1WEEmkwM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 8571916d5c774bcc-BUF

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/ 406 KB
138 KB 83ms
83ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c724da1dafeef500e55f2f95f42018a8723e3558fb6440867a0472fd3a7ee5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140976
x-xss-protection: 0
server: cafe
etag: 3940521035597851920
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:46:44 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame AF3A 9 KB
5 KB 237ms
31ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:14:33 GMT
etag: 3890843268177463596
expires: Sat, 02 Mar 2024 22:14:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 28ms
27ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 17 Feb 2024 23:22:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
215 B 39ms
38ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2063870872&t=pageview&_s=1&dl=https%3A%2F%2Fsurl.li%2Fxdhx&ul=en-us&de=UTF-8&dt=Surli%20redirect%20page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIhAAAAACAAI~&jid=866419809&gjid=51633864&cid=1107706998.1708210004&tid=UA-18721904-9&_gid=1969045849.1708210004&_slc=1&z=919947339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
240 B 39ms
39ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18721904-9&cid=1107706998.1708210004&jid=866419809&gjid=51633864&_gid=1969045849.1708210004&_u=KGBAgEIhAAAAAGAAI~&z=1368371906

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Feb 2024 22:46:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E8DB 494 KB
81 KB 611ms
606ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1708210004&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fxdhx&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210004107&bpp=12&bdt=204&idt=164&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=636734432385&frm=20&pv=2&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a275b9a44c9cb1e2464ccc49cfe62439712f9c30688424fe8fd88d73c9405d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 82818
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:44 GMT
expires: Sat, 17 Feb 2024 22:46:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE66 130 KB
44 KB 555ms
554ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=940430000&adf=995855647&pi=t.aa~a.1280646152~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708210004&rafmt=1&to=qs&pwprc=9566348750&format=1140x280&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210004119&bpp=1&bdt=217&idt=177&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=180

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b16ee40bea419aa3a7cd803ab62c212bd4a060d922ef9bf32a935b842642aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44444
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:44 GMT
expires: Sat, 17 Feb 2024 22:46:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1833d7a7-b665-4459-9abc-34e04253e0cb.png
web-screen.com/storage/screenshots/2024/02/ 4 KB
5 KB 213ms
213ms Image
image/png 2606:4700:3035::ac43:c0ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/storage/screenshots/2024/02/1833d7a7-b665-4459-9abc-34e04253e0cb.png

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c0ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cfd620057709d4c00b28fd86e8b4b7dd9ef4d2a6ec10440ba3718887378275b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4299
last-modified: Fri, 16 Feb 2024 19:31:30 GMT
server: cloudflare
etag: "65cfb812-10cb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dC11DkbgKnb95B76B0wrnaga1Z8fOabYigDAUzG9Amb3ojzQ4LEG%2FLws9DODc2ydte7jjrHAP9HEQfthncJjtwM7WuBT%2FOCYZthZ5J%2BrncooipPpo8Xna9Emv7aInuhlAFxfC0tK6p4boapCDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8571916f0d0c4bc6-BUF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 114ms
49ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ceb2121963f8ceda405cd9ae3337e8d492c59875b8c31b72376aa351ec1b2273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84991
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 22:46:44 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BVLF49G8NB&gtm=45je42e0v9124767006za200&_p=1708210004331&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1107706998.1708210004&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsurl.li%2Fxdhx&dt=Surli%20redirect%20page&sid=1708210004&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1370
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame FE66 8 KB
4 KB 99ms
33ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=940430000&adf=995855647&pi=t.aa~a.1280646152~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708210004&rafmt=1&to=qs&pwprc=9566348750&format=1140x280&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210004119&bpp=1&bdt=217&idt=177&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:20:17 GMT

GET
H2 200 e68b9a3ea3d0ca4326cbe6e201cd9625.js Show response
www.gstatic.com/mysidia/ Frame FE66 11 KB
5 KB 98ms
32ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e68b9a3ea3d0ca4326cbe6e201cd9625.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ed498a4becffc02205ad16c7dc6e493e40d0af4bc5b4dc1f42c004df1aeb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4621
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FE66 14 KB
2 KB 107ms
41ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:30:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:46:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FE66 2 KB
903 B 33ms
32ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame FE66 23 KB
9 KB 35ms
33ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FE66 3 KB
1 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FE66 20 KB
8 KB 98ms
32ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FE66 204 KB
61 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:07 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame FE66 36 KB
15 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:55 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/ 165 KB
56 KB 76ms
76ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/reactive_library_fy2021.js?bust=31081134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcd3dc43a75a57a046eae5d2f48aa157037707fded52e576a32ef39bd6a654f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57026
x-xss-protection: 0
server: cafe
etag: 15632625531613755414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:46:45 GMT

GET
H2 200 ca-pub-5213407188406790 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 130ms
64ms Script
application/javascript 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5213407188406790?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

971cfda4cee696fbcc3fc264562180ee580cb1a0236c853d05d88e8b48b65587

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1D-QH8wvJ2pD8dyHdjvvcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-1D-QH8wvJ2pD8dyHdjvvcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Oq--OrGMTaNj91xAAmqZEXA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6821 143 B
228 B 33ms
32ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=940430000&adf=995855647&pi=t.aa~a.1280646152~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708210004&rafmt=1&to=qs&pwprc=9566348750&format=1140x280&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210004119&bpp=1&bdt=217&idt=177&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=180
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:12:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FE66 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 122c70aee86e0d3cd8b79913e2c28cf3bd82ecf6084fedd1a4adda68f2795a4e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FE66 33 KB
34 KB 97ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:08:12 GMT
x-content-type-options: nosniff
age: 74313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 02:08:12 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6821
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
expires: Sat, 17 Feb 2024 22:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 22E3 129 KB
45 KB 362ms
361ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1228&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280&nras=3&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ca0bc8d4c83e1eb223e327535be537fe11d1f053b64e3c356ce1e12bead511f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45872
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
expires: Sat, 17 Feb 2024 22:46:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74B4 436 B
237 B 318ms
317ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1229&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280%2C1200x90&nras=4&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d2931f8b5a08849b33065324dfe2a0708e4256f52ee164b1a5eb7a60fc3891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
expires: Sat, 17 Feb 2024 22:46:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 256A 9 KB
4 KB 31ms
31ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:03:14 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 23:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 7529 9 KB
4 KB 32ms
32ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:03:14 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 23:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 63C9 9 KB
4 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:03:14 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 23:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWVAXvc-qQIgd_YvURG_cK00ajRqDw1MMoohOO-J-8WL9QQBzuFQTWYKZVW2WLHCGYR7ReyRWNFBP5vzmvxpwVLQRTsxAH-ZfmACg7NzSuBPDZPH1k1dPmGK5EhF80qVou6O7NVLA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 57ms
56ms Script
application/javascript 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWVAXvc-qQIgd_YvURG_cK00ajRqDw1MMoohOO-J-8WL9QQBzuFQTWYKZVW2WLHCGYR7ReyRWNFBP5vzmvxpwVLQRTsxAH-ZfmACg7NzSuBPDZPH1k1dPmGK5EhF80qVou6O7NVLA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjEwMDA1LDI0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdXJsLmxpL3hkaHgiLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38c3a78ced76a8bd52a1f7c3040a3f66557497a4145978297f282ceb90a3f554

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P0oziYiqGj87QJA2jRK7yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-P0oziYiqGj87QJA2jRK7yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Oq--OrGMTaDhxvJ0RANw4RIY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FE66
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPElfVDfRZYHfGI6n4_UP-faiiAPQkMXQde3crYOYD8Pk8_0IEAEgz8ndb2DJ7o6LwKSMEKAB_ZKK_QPIAQGoAwHIA8sEqgTPAU_QB_6g4NxdPeL0sXzEeOMEzHTnX7GJiBkosVYFiPORx5J...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaca5a389c23d4b0000000000000000%22,%222%22:%220xb93818166e8b930f0000000000000000%22,%223%22:%220xd6071f...

0
0

160ms
91ms

Fetch
text/css

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaca5a389c23d4b0000000000000000%22,%222%22:%220xb93818166e8b930f0000000000000000%22,%223%22:%220xd6071ff0eb8608d40000000000000000%22,%224%22:%220x2793db76c61bd2880000000000000000%22,%225%22:%220x60596d4a18dd92340000000000000000%22},%22debug_key%22:%2215455362349327972541%22,%22debug_reporting%22:true,%22destination%22:%22https://justanswer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067616637%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215049623935625533473%22}&andc=true

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xafaca5a389c23d4b0000000000000000","2":"0xb93818166e8b930f0000000000000000","3":"0xd6071ff0eb8608d40000000000000000","4":"0x2793db76c61bd2880000000000000000","5":"0x60596d4a18dd92340000000000000000"},"debug_key":"15455362349327972541","debug_reporting":true,"destination":"https://justanswer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067616637"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"15049623935625533473"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:46:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xafaca5a389c23d4b0000000000000000","2":"0xb93818166e8b930f0000000000000000","3":"0xd6071ff0eb8608d40000000000000000","4":"0x2793db76c61bd2880000000000000000","5":"0x60596d4a18dd92340000000000000000"},"debug_key":"15455362349327972541","debug_reporting":true,"destination":"https://justanswer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067616637"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"15049623935625533473"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F24 51 KB
19 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:16:55 GMT

GET
H3 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame 256A 8 KB
4 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:20:17 GMT

GET
H3 200 e68b9a3ea3d0ca4326cbe6e201cd9625.js Show response
www.gstatic.com/mysidia/ Frame 256A 11 KB
5 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e68b9a3ea3d0ca4326cbe6e201cd9625.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ed498a4becffc02205ad16c7dc6e493e40d0af4bc5b4dc1f42c004df1aeb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4621
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 256A 14 KB
1 KB 45ms
42ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 22:13:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:46:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 256A 2 KB
822 B 33ms
32ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 256A 23 KB
9 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 256A 3 KB
1 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 256A 20 KB
8 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 256A 204 KB
61 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:07 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 256A 36 KB
15 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:55 GMT

GET
H3 200 AGSKWxUFBaEPlpdFBeYQL6zJw6UMFpQnnCUSQ8gHbjG384ByTy8RSocZQEw5dgQV-gZ94clRGqruCinKa3PKbvK2cM4rXZrFgLHTYtjyUof3x0u5uhQ8RcD7Mxo0XESd3TXT7Dky8Ce7vg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 63ms
63ms Script
application/javascript 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUFBaEPlpdFBeYQL6zJw6UMFpQnnCUSQ8gHbjG384ByTy8RSocZQEw5dgQV-gZ94clRGqruCinKa3PKbvK2cM4rXZrFgLHTYtjyUof3x0u5uhQ8RcD7Mxo0XESd3TXT7Dky8Ce7vg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjEwMDA1LDMxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc3VybC5saS94ZGh4IixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

278d438ed8ee773142f2c3c057b7486e3e3bb891e6f79a44840c9a6ddf8f196a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AkGJNgFXA_2CNHymFKyf1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-AkGJNgFXA_2CNHymFKyf1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Oq--OrGMT6Ji4dgUjAOQcRGw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 155ms
88ms Preflight
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:46:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame 7529 8 KB
4 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:20:17 GMT

GET
H3 200 e68b9a3ea3d0ca4326cbe6e201cd9625.js Show response
www.gstatic.com/mysidia/ Frame 7529 11 KB
5 KB 38ms
37ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e68b9a3ea3d0ca4326cbe6e201cd9625.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ed498a4becffc02205ad16c7dc6e493e40d0af4bc5b4dc1f42c004df1aeb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4621
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7529 14 KB
1 KB 44ms
42ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:02:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:46:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7529 2 KB
822 B 37ms
35ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 7529 23 KB
9 KB 40ms
38ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7529 3 KB
1 KB 38ms
36ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7529 20 KB
8 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7529 204 KB
61 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:07 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 7529 36 KB
15 KB 38ms
37ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 63C9 14 KB
1 KB 44ms
43ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 22:35:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:46:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 63C9 2 KB
822 B 35ms
35ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 63C9 23 KB
9 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:08 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF97 143 B
166 B 33ms
32ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:12:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 63C9 3 KB
1 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 63C9 20 KB
8 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 63C9 204 KB
61 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:07 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 63C9 36 KB
15 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:55 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10307301828943198359/ Frame 256A 2 KB
2 KB 33ms
32ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10307301828943198359/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcde2e47656deaecd3f8f95e9283fc2d3c97924567594e800e391658c8c97fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 09:02:36 GMT
date: Wed, 14 Feb 2024 09:02:36 GMT
x-content-type-options: nosniff
age: 308649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2488
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 19:46:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C97 143 B
166 B 32ms
31ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:12:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 256A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa3ae6423cf71d95ab4da29f8af6f6dec6ccc08db84abdc7eaad1faf93c46050

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9912 143 B
166 B 32ms
31ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:12:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 256A 33 KB
33 KB 32ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:08:12 GMT
x-content-type-options: nosniff
age: 74313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 02:08:12 GMT

GET
H3 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame 22E3 8 KB
4 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1228&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280&nras=3&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:20:17 GMT

GET
H3 200 39b1936085524998ebfc7677a2ba517e.js Show response
www.gstatic.com/mysidia/ Frame 22E3 10 KB
4 KB 37ms
35ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39b1936085524998ebfc7677a2ba517e.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4466
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:33:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 22E3 14 KB
1 KB 44ms
42ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 22:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 20:56:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 22:46:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 22E3 2 KB
822 B 32ms
32ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 22E3 23 KB
9 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:20:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 22E3 3 KB
1 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 22E3 20 KB
8 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 22E3 0
0 47ms
46ms Image
text/html 2607:f8b0:4004:c09::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkppUoS5KrU8FnXftMmd0DMrb74YF5222kFIryHb_Kbjcd3czSCaLQ1rC8Nq4yMwT2YDUNqR7gG8o7H5ffNBC5m5z9bw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1228&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280&nras=3&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 22E3 204 KB
61 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:34:07 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 22E3 36 KB
15 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 May 2024 22:35:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF97
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
expires: Sat, 17 Feb 2024 22:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 256A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CloQpVDfRZZfVGJby998P6Kq0uALyx8qddN3znJGwEezI__jbKRABIM_J3W9gye6Oi8CkjBCgAffLuMICyAEBqQJsw2wBXt5JPqgDAcgDywSqBM4BT9AEHK2fkfWKPPrpyHfgHRnGql66Egb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87a914ac2c6168880000000000000000%22,%222%22:%220x55a872bd1b58edb90000000000000000%22,%223%22:%220x2cc69d...

0
0

90ms
89ms

Fetch
text/css

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87a914ac2c6168880000000000000000%22,%222%22:%220x55a872bd1b58edb90000000000000000%22,%223%22:%220x2cc69d43fa6f55dc0000000000000000%22,%224%22:%220xb62c82832fdf15090000000000000000%22,%225%22:%220xbdd8d3f57829e7ec0000000000000000%22},%22debug_key%22:%2211945134226844178400%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213997440363629963729%22}&andc=true

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x87a914ac2c6168880000000000000000","2":"0x55a872bd1b58edb90000000000000000","3":"0x2cc69d43fa6f55dc0000000000000000","4":"0xb62c82832fdf15090000000000000000","5":"0xbdd8d3f57829e7ec0000000000000000"},"debug_key":"11945134226844178400","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"13997440363629963729"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:46:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x87a914ac2c6168880000000000000000","2":"0x55a872bd1b58edb90000000000000000","3":"0x2cc69d43fa6f55dc0000000000000000","4":"0xb62c82832fdf15090000000000000000","5":"0xbdd8d3f57829e7ec0000000000000000"},"debug_key":"11945134226844178400","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"13997440363629963729"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C97
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
39ms

Document
text/html

2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
expires: Sat, 17 Feb 2024 22:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 51ED 51 KB
19 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:16:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9912
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
expires: Sat, 17 Feb 2024 22:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BFA 51 KB
19 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:16:55 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AC5 143 B
166 B 31ms
31ms Document
text/html 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1228&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280&nras=3&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=75
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:12:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5075 1 KB
643 B 31ms
31ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:01:19 GMT
etag: 48472445140208031
expires: Sat, 17 Feb 2024 23:01:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 22E3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d59dee022bd83bc551f4e03cc040853f6856c9b96dd160169e96541154d1deb4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 22E3 33 KB
33 KB 32ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:08:12 GMT
x-content-type-options: nosniff
age: 74313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 02:08:12 GMT

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 63FD 51 KB
19 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: surl.li
URL: https://surl.li/xdhx

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:16:55 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 89ms
88ms Preflight
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:46:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5075
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECB29LrUvTbOkRJyOkxv5CQ&google_cver=1&google_push=AXcoOmTPx0xSjiPcd5KZ0_f-yzQPH_QtsQ5vUE7TbFGDHrt7RY9cYQ1_0g3msAktvkwZ7KB-4OGakseVoY10Ta3vmSq0nu6U3SUe5w...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=996212BC2ECB4CFA98BF41069418ECBF&google_push=AXcoOmTPx0xSjiPcd5KZ0_f-yzQPH_QtsQ5vUE7TbFGDHrt7RY9cYQ1_0g3msAktvkwZ7KB-4OGakseVoY10Ta3...

170 B
232 B

43ms
42ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=996212BC2ECB4CFA98BF41069418ECBF&google_push=AXcoOmTPx0xSjiPcd5KZ0_f-yzQPH_QtsQ5vUE7TbFGDHrt7RY9cYQ1_0g3msAktvkwZ7KB-4OGakseVoY10Ta3vmSq0nu6U3SUe5w2zHLbFyRhH8GOjGSm2dV0JPHYW4YNG7Db10nf01ORQmch_-Aq8dxeCc8E

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Feb 2024 22:46:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=996212BC2ECB4CFA98BF41069418ECBF&google_push=AXcoOmTPx0xSjiPcd5KZ0_f-yzQPH_QtsQ5vUE7TbFGDHrt7RY9cYQ1_0g3msAktvkwZ7KB-4OGakseVoY10Ta3vmSq0nu6U3SUe5w2zHLbFyRhH8GOjGSm2dV0JPHYW4YNG7Db10nf01ORQmch_-Aq8dxeCc8E
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Feb 2024 22:46:45 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5075
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENjQC32leSYVI8JtPAywZWM&google_cver=1&google_push=AXcoOmQvPl7HodCQB9pjWsFjIyS0ALLdLkCCq0m2Qlr-J7ro5OU1ZB_Ve_5OkgGCxsELd18iIk1PNgpB0MNtErK3ytnRJamHBT5Ey...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvPl7HodCQB9pjWsFjIyS0ALLdLkCCq0m2Qlr-J7ro5OU1ZB_Ve_5OkgGCxsELd18iIk1PNgpB0MNtErK3ytnRJamHBT5EyMhUEuO-l4-smjt933-iG3T3WZe1EmgT...

170 B
232 B

94ms
94ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvPl7HodCQB9pjWsFjIyS0ALLdLkCCq0m2Qlr-J7ro5OU1ZB_Ve_5OkgGCxsELd18iIk1PNgpB0MNtErK3ytnRJamHBT5EyMhUEuO-l4-smjt933-iG3T3WZe1EmgTRnoy6L9hAweM_77dl9oy6iQX-Gk&google_hm=Q0FFU0VOalFDMzJsZVNZVkk4SnRQQXl3WldN

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:45 GMT
via: 1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvPl7HodCQB9pjWsFjIyS0ALLdLkCCq0m2Qlr-J7ro5OU1ZB_Ve_5OkgGCxsELd18iIk1PNgpB0MNtErK3ytnRJamHBT5EyMhUEuO-l4-smjt933-iG3T3WZe1EmgTRnoy6L9hAweM_77dl9oy6iQX-Gk&google_hm=Q0FFU0VOalFDMzJsZVNZVkk4SnRQQXl3WldN
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: poWg5GZ8ruVMlZMA9gTR6c432ByG7RVCzpPpNgcgCnPNNjOw9dftWQ==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content tum
ums.acuityplatform.com/ Frame 5075 0
27 B 101ms
34ms Image
text/plain 69.90.254.78

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJ5T8enfqL-WkCLi96W9nEE&google_cver=1&google_push=AXcoOmRaEulbk7KdPFP-mac04EgXmWeADImFVww7i7msgEWWAptPrmIi-BfSXwxaEZNJM4gipZSSSKn-73_GaVRWHwdChYexUuy-ci_uUGROE2s0Q2BcKITonHkuD11c53U5-m71RDuaJ56PPd9zwGO80vUTRkE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708210005&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fxdhx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210005131&bpp=1&bdt=1228&idt=-M&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc39a469dc26d39dd%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA&gpic=UID%3D00000dcad5d1d82e%3AT%3D1708210004%3ART%3D1708210004%3AS%3DALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug&eo_id_str=ID%3D61fd4677a5ec40df%3AT%3D1708210004%3ART%3D1708210004%3AS%3DAA-AfjbTF9L0lPNiu_lKis_LiBT0&prev_fmts=0x0%2C1140x280&nras=3&correlator=636734432385&frm=20&pv=1&ga_vid=1107706998.1708210004&ga_sid=1708210004&ga_hid=2063870872&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081141%2C31081186%2C31081189%2C31081223%2C95322434%2C95324581%2C95325068%2C31081134%2C95323761%2C95324155%2C95324160&oid=2&psts=AOrYGsm-Jr1aXJLWQNvWnRKwg7AyXLmOYoIIB6o1-FE7W9fRK_c2MddlPW9WTcSXnSBIm85uFoo9dVwbl58yF-FHfP0&pvsid=3589942907474908&tmod=2022657733&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.90.254.78 Herndon, United States, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5075
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1&google_push=AXcoOmT52qA6ZqhN8m0lrVfYp0CCpb15bS1UE49ViTMfPJPRpDNlt8X9eplU4gYcGdj9hwcNJNvy0cpawyv2wWiVu...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1&google_push=AXcoOmT52qA6ZqhN8m0lrVfYp0CCpb15bS1UE49ViTMfPJPRpDNlt8X9eplU4gYcGdj9hwcNJNvy0cpawyv2wWiVu...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=k4R-c0MxudXd5CFhG5taTKlCi1onw10rviGC7lu0jYY&pi=adx&pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1...

170 B
188 B

43ms
42ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=k4R-c0MxudXd5CFhG5taTKlCi1onw10rviGC7lu0jYY&pi=adx&pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1&google_push=AXcoOmT52qA6ZqhN8m0lrVfYp0CCpb15bS1UE49ViTMfPJPRpDNlt8X9eplU4gYcGdj9hwcNJNvy0cpawyv2wWiVu3mmjXKf2aqAkr2Ky7BVILFuj5wQ5j2DL2hBNgBiRCiQECS1P-vB5wJ7MYoSQsxcD84NZy8&tc=1

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=k4R-c0MxudXd5CFhG5taTKlCi1onw10rviGC7lu0jYY&pi=adx&pi=adxab&google_gid=CAESEGboAxHjvva2b7KVxKgxFMk&google_cver=1&google_push=AXcoOmT52qA6ZqhN8m0lrVfYp0CCpb15bS1UE49ViTMfPJPRpDNlt8X9eplU4gYcGdj9hwcNJNvy0cpawyv2wWiVu3mmjXKf2aqAkr2Ky7BVILFuj5wQ5j2DL2hBNgBiRCiQECS1P-vB5wJ7MYoSQsxcD84NZy8&tc=1
pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT, Sat, 17 Feb 2024 22:46:46 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5075 43 B
363 B 96ms
30ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRx-nkfvLS_61JOZwrnjm1P_NXlht3lFEodHS4h8GZMsRimk7hVXCTEWxq3oR-Asfl39yll15oplWI0CHo6vBQ6WRhi-_No2bdd7VMychyBhEkpuxGcYALR41qEYdh15NyHuKtKU5pWGBz23DWyI5wbwxM&google_gid=CAESEA6AkedCQuaQef-SRrwK_4M&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 424023
expires: Sat, 17 Feb 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5075
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP9bP6SJ7C4LyfFeR0py62Q&google_cver=1&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20SjrzF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP9bP6SJ7C4LyfFeR0py62Q&google_cver=1&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgyNDE3MzAzMDc4NTU4MTI3Mg&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20Sjr...

170 B
188 B

46ms
46ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgyNDE3MzAzMDc4NTU4MTI3Mg&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20SjrzF9GEe37u7vUseigpcL0qnsyFNq3kZvQATzpA0GPK1QQnGPwo1yO77MnxImAEzl84VNJRTabtT3BzbzUs

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgyNDE3MzAzMDc4NTU4MTI3Mg&google_push=AXcoOmSAsM2M6WpBXk8dWw8xL5-rMZIhboE6tihF2QjJP7N7enp9x5p-iT24cXZ7fhiAJBnyl20SjrzF9GEe37u7vUseigpcL0qnsyFNq3kZvQATzpA0GPK1QQnGPwo1yO77MnxImAEzl84VNJRTabtT3BzbzUs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5075
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAY7l3b382RGqYlWXVsKu94&google_cver=1&google_push=AXcoOmT2rSvQlgfGMW4cyHoaleKZsf9AYiSPraThJir9rXZKd-oAXWj_3wNdPkiDnQB5BgrRW-Av4YIRd9jIdGpz86...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM2Njk3NDk1MzkwODg1NDE2MTI&google_push=AXcoOmT2rSvQlgfGMW4cyHoaleKZsf9AYiSPraThJir9rXZKd-oAXWj_3wNdPkiDnQB5BgrRW-Av4YIRd9jIdGpz86MV...

170 B
329 B

43ms
43ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM2Njk3NDk1MzkwODg1NDE2MTI&google_push=AXcoOmT2rSvQlgfGMW4cyHoaleKZsf9AYiSPraThJir9rXZKd-oAXWj_3wNdPkiDnQB5BgrRW-Av4YIRd9jIdGpz86MVhVv7R48Pk1J_NcIXv--r4PCGXnJd1u05Dj12eFoBEPikKRAfUqUJevyxsgvmMM4aWQ

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM2Njk3NDk1MzkwODg1NDE2MTI&google_push=AXcoOmT2rSvQlgfGMW4cyHoaleKZsf9AYiSPraThJir9rXZKd-oAXWj_3wNdPkiDnQB5BgrRW-Av4YIRd9jIdGpz86MVhVv7R48Pk1J_NcIXv--r4PCGXnJd1u05Dj12eFoBEPikKRAfUqUJevyxsgvmMM4aWQ
Date: Sat, 17 Feb 2024 22:46:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5075 0
130 B 108ms
41ms Image
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13In6yCP70aEuQAPGghMwEshE-Kwq78ZI_Pa3J1djuOsOwJTSqCePpLZPx5yYiVYhV3yn2Hg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 22E3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Nt0VTfRZb63EMjD998P2_a46ALQkMXQde3crYOYD8Pk8_0IEAEgz8ndb2DJ7o6LwKSMEKAB_ZKK_QPIAQGoAwHIA8uEgIAEqgTOAU_QB8hPnSxScF2KCfIkCBHKB3a4XS8HQ2JUyvQAG29...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaca5a389c23d4b0000000000000000%22,%222%22:%220xb93818166e8b930f0000000000000000%22,%223%22:%220xd6071f...

0
0

90ms
89ms

Fetch
text/css

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaca5a389c23d4b0000000000000000%22,%222%22:%220xb93818166e8b930f0000000000000000%22,%223%22:%220xd6071ff0eb8608d40000000000000000%22,%224%22:%220x2793db76c61bd2880000000000000000%22,%225%22:%220x60596d4a18dd92340000000000000000%22},%22debug_key%22:%2210615366564283607786%22,%22debug_reporting%22:true,%22destination%22:%22https://justanswer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067616637%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214301650262571339601%22}&andc=true

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xafaca5a389c23d4b0000000000000000","2":"0xb93818166e8b930f0000000000000000","3":"0xd6071ff0eb8608d40000000000000000","4":"0x2793db76c61bd2880000000000000000","5":"0x60596d4a18dd92340000000000000000"},"debug_key":"10615366564283607786","debug_reporting":true,"destination":"https://justanswer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067616637"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"14301650262571339601"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 22:46:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 22:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xafaca5a389c23d4b0000000000000000","2":"0xb93818166e8b930f0000000000000000","3":"0xd6071ff0eb8608d40000000000000000","4":"0x2793db76c61bd2880000000000000000","5":"0x60596d4a18dd92340000000000000000"},"debug_key":"10615366564283607786","debug_reporting":true,"destination":"https://justanswer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067616637"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"14301650262571339601"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 126ms
63ms XHR
application/json 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c4e1f0b187b98ddab50148b9dc2875fcbd8c87eb6b3150e86892b1d800a441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12262
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AC5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
expires: Sat, 17 Feb 2024 22:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame A1CA 51 KB
19 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:16:55 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 89ms
88ms Preflight
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafaca5a389c23d4b0000000000000000%22,%222%22:%220xb93818166e8b930f0000000000000000%22,%223%22:%220xd6071ff0eb8608d40000000000000000%22,%224%22:%220x2793db76c61bd2880000000000000000%22,%225%22:%220x60596d4a18dd92340000000000000000%22},%22debug_key%22:%2210615366564283607786%22,%22debug_reporting%22:true,%22destination%22:%22https://justanswer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067616637%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214301650262571339601%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 22:46:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 22:46:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F777 13 KB
5 KB 34ms
33ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 98557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:24:09 GMT
expires: Sat, 15 Feb 2025 19:24:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 51CE 829 B
560 B 49ms
48ms Document
text/html 2607:f8b0:4004:c09::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

788590c873913e60454e251abeb6548bdb20247139b4b36d996cee29b9b3d0ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7Px7YFl9r6F_1mpZDUxFZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7Px7YFl9r6F_1mpZDUxFZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 22:46:46 GMT
expires: Sat, 17 Feb 2024 22:46:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame F777 39 KB
15 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 13:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 13:47:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 51CE 0
0 87ms
87ms Image
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=3589942907474908&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F777 0
10 B 33ms
33ms Image
text/plain 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QY-ypQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 336x280. Show response
fundingchoicesmessages.google.com/f/AGSKWxWIdUa_Ax0tvacgiFCTPywwJvGttkyjLhQneywdZ7Q-SGrO3u_MzdVavTLQAjWDVQU9Vgdna8j_KMFd_Wo2xPuV6Gmr-JSd4Rc1952w52ODh0cn8-pplYspcxgoQJ5UXXwqFY16Z9wkoTfj52OsYbsAXFcG0... 54 B
110 B 49ms
48ms Script
application/javascript 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWIdUa_Ax0tvacgiFCTPywwJvGttkyjLhQneywdZ7Q-SGrO3u_MzdVavTLQAjWDVQU9Vgdna8j_KMFd_Wo2xPuV6Gmr-JSd4Rc1952w52ODh0cn8-pplYspcxgoQJ5UXXwqFY16Z9wkoTfj52OsYbsAXFcG0T9mKKhn66EGwWUdu-uHrVLkgeLy2oNi/_/thumb-ads./468x60__pop_ad//300_ad_/336x280.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3da78f2ee25f53e86646ac1866f99e93a7b44416b876e786fa52ee9c6346c148

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r7CVEl-CxPLt9nvVTG1M3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-r7CVEl-CxPLt9nvVTG1M3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Oa--OrGMTuHDxdiMjAOYtRPs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

047c3df977d989034f0e2cefcf3453a057532e2a1ef498fb0317c73ffa3c6af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11581
x-xss-protection: 0
server: cafe
etag: 4624895235331549147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 23:25:10 GMT

POST
H3 204 AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 116ms
53ms XHR
text/html 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q7ar_l5GSS2YyCJ-0VKs_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q7ar_l5GSS2YyCJ-0VKs_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBce3dkHZvAjL-7FzACAAW5GQk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://surl.li
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE66 42 B
64 B 90ms
90ms Fetch
image/gif 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUs6hiY1FVmILylXk18KAhhMj5IYi2wQCWcETjyg1y4VZueDmsJ0vD8uMhroUde52mrJTs-7nnhh-ctv9eSOIe5wAhAVPJTeP165gBfzjtlIS5PKjBkxeIzNPTeZ25PcGQ1cScw4LKyNQSnx1yrMF37xh6LRzFgQk&sai=AMfl-YQyxwUOL61hWxNVa41MOpMdfN1in_y3NtdbGnpQCoOsIWKuh18rWOdXrfnEVcEAvDdyf2sMmIlSoaW0J0R4UfoZiUSzYxr7mnYOiM5AlbEKYC1HOA5Rllro4jZ_qxxfOeugYjEyNxmMhcpox_7Fhw&sig=Cg0ArKJSzFC7PdzIqc91EAE&cid=CAQSTwAvHhf_XO9mHgyyzMtpg89HVxbAxVyLeNTPxBdnXzbSXs1f6o2fA2lbxMKgsWKHwWiWmhSW_yCNdDlj1sy43nzaZeu36dQdoaSRd-N1dqMYAQ&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=940430000&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=414280500&rst=1708210004299&rpt=968&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 83ms
56ms XHR
text/html 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jftDAwUBWK9sVXM0_KB4jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-jftDAwUBWK9sVXM0_KB4jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBce3dkHZvAhGnfFzICAAWjGNs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://surl.li
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 62ms
48ms XHR
text/html 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j7y4V_DUIIHJJU_pyLTDmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j7y4V_DUIIHJJU_pyLTDmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBce3dkHZvAigXf5zMCAAPTGPE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://surl.li
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 62ms
48ms XHR
text/html 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e3_Io_x7N_Pu3Ilrhnit1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e3_Io_x7N_Pu3Ilrhnit1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBce3dkHZvAh0sdCxgBCNYZDg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://surl.li
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWNNpP9UBsOJkCnG5aL87bKzZ8F2V1TZ-ygNd2mK-VnKKllcK3pN-dXHDE-ZJ6GcMsr8U1mEdTAzbxkje7LfsbotIIuVRMfCYRpyj8XiIjZ8Y_SKyuU3k3KotOezUcfgldTja_zfg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 56ms
55ms Script
application/javascript 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWNNpP9UBsOJkCnG5aL87bKzZ8F2V1TZ-ygNd2mK-VnKKllcK3pN-dXHDE-ZJ6GcMsr8U1mEdTAzbxkje7LfsbotIIuVRMfCYRpyj8XiIjZ8Y_SKyuU3k3KotOezUcfgldTja_zfg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MjEwMDA2LDI5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdXJsLmxpL3hkaHgiLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4955a2b3d32dd810b9f568be8e24e2251237fa54c5c3aa8b7c222c431a584d2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8URbgN6JW4Ug4WH3FLqlrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8URbgN6JW4Ug4WH3FLqlrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Oa--OrGMTOHDo_VxGAN9LRQE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 256A 42 B
64 B 90ms
89ms Fetch
image/gif 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR1DL9QKpaJ43X8S1pH2SzBc5lH6u8EEySTVQoUKoj5bsvf__pSfMW1WGYXH-lbH7IUah_UKqfb8due3Cr0dW8IHETjBEeM8xWKN4_N7T90qFPTjZ9BbSfsa-l0GOGKyiyUOwCsN8JJLcri7yevRJcUfii23khm9g&sai=AMfl-YR_atnxj96_IYYDh5sEj_ra-jGu3moqPvIhkrpgPfc6hFbZTLmBmqAe4GAo0h_Oqyiis3WHS4KxJj9CB0t3IWnD-BItZ0mDFp2BYgGEMR_tIm7rObVpiTIY7VMKX0S51nfcd_CBwFFIIJSlh_mCzQ&sig=Cg0ArKJSzBeLD43cmKV6EAE&cid=CAQSTwAvHhf_Bx2yxGQhuOkX-YbhD_TErmQ6C0F4eitHArDUX_4knTSpt_82XoMgWbYbzga1b3XSV6UBwspzz6PEhpYUBwsMyWqo30y9DUWwjqUYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=176,794,1000,1000,1000&tos=176,618,206,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=414280500&rst=1708210005229&rpt=452&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 22:46:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
88ms Image
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=3589942907474908&bg=!Q0ClQA_NAAZN4L4YbeA7ADQBe5WfOCVhif8CHreZmoye4QctJ80L8ootQJ4ioJ2depH-zt9CQKReYwINR7oI1wNK3pMQAgAAAE9SAAAAAmgBB5kCwzo67-hiCb7V4zL3bI_QhbBw-C-mDXjHRziaje3lFZ0Ge7OHcZRzVkdDLItEegYSstDhcs0sJsDGVkQbHxMzsEJU4XhES3fwHLiqzdF1z6F4HnAqc_fBVF7pLvBd5OnOtngjqJMNCj3z92w_ipE9ZKNeEdWoKI2bVYl-wdYojbAZNuRqvCXgKKlfijkuTb5OAFYKta_vr6grnFyUWNXVBJmj9NoQQOrSqJaUJImobgF4UEnZGj7W0u8CvbRnTCOxRo-iufYOtmjKXJ6D40LeaAObylfoGrWpLOydgACiPEp9AsWbQmq2-3hfpZiWpv03S9jbHDfCUBnqhftWSbD8-Gbwjt4P4XtE3SAizTynL3PG3E8n8KL635XfZb7ENOm6M8X1RO9EiNTRimzvUFjqHxa7LgEkv-A1oK21r1J-KWswEjnEoxJ8dY226xTiRwYDHsU9M7LvcJOnA5YuWcxK2i4BKms6ExtXwpxPCwJdKKwQltnqQW9vAehP7mdpg-3vFAPytcdD_qdNL74rByzRVlygnGs3Jx95UNi0Mhw9NzY1Cd72_M7RdBoHlvS8WimtVoTb4C58PINxayJAH8szjl4pXFBP2_BIQXYcdXwsiJXnEgQnhBT-qxL6NJ5LQeV_0iPoZpN_ZE5tp-XOM3lrYmo1QW-JYfgNfspL0vUtM-inxDpwyGVbkjqLCz6ARKdreiU0i0TmBh5ET83yKW1MLmPEqyRPH4ETDb1X4JtOv9Qqx9g98KX9Bhj2Fkzy00VZLFrZsSYLUvIjdYDNKHAW17VML4ToGuiM_clu9YcDVXL5LDqZ6wqWK5zlH_APOW0-mPezIUE1EqaUislLCydDdW-aQRX9wAqPPYBkKVUc-fxV96q0QYd0fZNINZRt94JyORvSHB0ZonVLKnTa8lZ_X1mnNG5bRKnGPKqGPpovI_137sbt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H3 204 AGSKWxUGYR7uayt-bkc0IRt0NSIzO-oGEkJndIQ3bAgijZUF8wFYjtVjLfbEucWKZmtRY1gzpJvQ3hg-jD_qZjVtDqQRgAwJs-_4fqDfJ2HqYvA87F7mtEcN1YNEBvqqRSkBHhOpjtPLrg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
53ms XHR
text/html 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGYR7uayt-bkc0IRt0NSIzO-oGEkJndIQ3bAgijZUF8wFYjtVjLfbEucWKZmtRY1gzpJvQ3hg-jD_qZjVtDqQRgAwJs-_4fqDfJ2HqYvA87F7mtEcN1YNEBvqqRSkBHhOpjtPLrg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-meGpcVIGPpuP2MmD_V0XPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-meGpcVIGPpuP2MmD_V0XPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBce3dkHZvAg0lH9jADAAaEGRA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://surl.li
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
50ms XHR
text/html 2607:f8b0:4004:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV1Y14QD3Th05PMOCaA6d-MyO0F8raQ-fgqamJTBiXKLFwGrlaH6mgnYf1vNgblzLHGHMj_c6NrvsIqjg7kHvBVyZfmg0Whgjjf5iQd6kQyx8CtC3T3DwtszDUOoJdfX_C0PgMN6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rcWuuVv7OC0-Lg4uKaAN7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 22:46:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rcWuuVv7OC0-Lg4uKaAN7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XBce3dkHZvAjbdv9jADAAeGGYg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://surl.li
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.surl.li/	1970-01-21 04:06:10	Name: _ga Value: GA1.2.1107706998.1708210004
.surl.li/	1970-01-20 18:31:36	Name: _gid Value: GA1.2.1969045849.1708210004
.surl.li/	1970-01-20 18:30:10	Name: _gat Value: 1
.surl.li/	1970-01-21 04:06:10	Name: _ga_BVLF49G8NB Value: GS1.2.1708210004.1.0.1708210004.0.0.0
surl.li/	1970-01-20 18:30:17	Name: XSRF-TOKEN Value: eyJpdiI6IlNjRXlhN2hjZ0c1ek9kenBEaTRJbkE9PSIsInZhbHVlIjoiU3FXM1FFd1VIQWVuYWN4UjNlc2RNU0M3a3ZrcUVjczAvMVJJWGhlS0pBMXQwVVY2b1FQdERXaWpGOWs4WXJSb2Z4ME9nWXplMFQ4Vjl5MlJGK256TkxKN20wYWhPRlNLVk5zNWp1Q2szY3ZJMUxRQWgvSmpNUmhqckZDUjNjdUEiLCJtYWMiOiIzZjNkM2VjOWE2YTc3ZWVlYzBlZDIzYWFmOTcwYjJkYzgxZmVkYjQ1MDQ2MGI3YjJiZDU0ZTUyZmExN2Y3YmE0IiwidGFnIjoiIn0%3D
surl.li/	1970-01-20 18:30:17	Name: surli_application_session Value: eyJpdiI6IkJKUElFV1ZlWFIwbXRlRTlNR1BnQmc9PSIsInZhbHVlIjoiR0pMa3N3YmhjQWNpWUNZQzYvR1NaRFJBYmRJK3k2Qm91c1h3UGQ5aWMwRjlrYmJCL2RVa2RXZnlYVFZEbklDeldob25ITnZvM1lZeGZzbVcrMzhPcnM0cytCbHkveXN2a0J0ekdaR1hLQTEwQzhmRk01ZVVydzVmblhmaEZSUngiLCJtYWMiOiI1NjQ1NWYxNWJlMGE4NjM1ZGVjYjBjY2MxNWM2M2RkNmFjNjI3YzZkYTE2ZDdmNzJiNmU5ZGM1MDkyNDc4YTQ3IiwidGFnIjoiIn0%3D
.surl.li/	1970-01-21 03:51:46	Name: __gads Value: ID=c39a469dc26d39dd:T=1708210004:RT=1708210004:S=ALNI_MYBOWcVoiXdscLhUYngajvPdw1bzA
.surl.li/	1970-01-21 03:51:46	Name: __gpi Value: UID=00000dcad5d1d82e:T=1708210004:RT=1708210004:S=ALNI_MZ1eSstoFW6OJ6rjk3UBBZh4Qlwug
.surl.li/	1970-01-20 22:49:22	Name: __eoi Value: ID=61fd4677a5ec40df:T=1708210004:RT=1708210004:S=AA-AfjbTF9L0lPNiu_lKis_LiBT0
.doubleclick.net/	1970-01-20 18:30:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 04:06:10	Name: IDE Value: AHWqTUkV0sF0An0eXpATkNK8D9dO5-BmAN7bYaCXD0g6nmHpNCzbPEldoiP5bpQlqaA
.googleadservices.com/	1970-01-20 20:39:46	Name: ar_debug Value: 1
.adkernel.com/	1970-01-20 18:50:19	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 19:13:22	Name: ADKUID Value: A3669749539088541612
.simpli.fi/	1970-01-21 03:17:12	Name: suid Value: 996212BC2ECB4CFA98BF41069418ECBF
.agkn.com/	1970-01-21 03:15:46	Name: ab Value: 0001%3AHz4%2FesoFNb2WL1UjGN%2B93QlyKrSUfoYn
.agkn.com/	1970-01-21 03:15:46	Name: u Value: C\|0CEAtY_PWLWPz1gAAAAAAAQ13AQCAAQpAAAAAAA
.adform.net/	1970-01-20 19:11:55	Name: C Value: 1
.adform.net/	1970-01-20 19:56:34	Name: uid Value: 7824173030785581272
.creativecdn.com/	1970-01-21 03:15:46	Name: g Value: HMuNwG0USwMXLMZ0uaI7_1708210006187
.creativecdn.com/	1970-01-21 03:15:46	Name: ts Value: 1708210006
.surl.li/	1970-01-21 03:15:46	Name: FCNEC Value: %5B%5B%22AKsRol_GMU-qXtRoJDU8haO1aeOs2CnMJlTUfzcBQ_4WyHnttCdiYFjuCJUx_yWnxoys5tuSO73B7SGjQNbO5p9Hi4RVmTqbNbVn4UG8QW1pS2iivTKQWxeXbcAc4kjfOrvxV6RwzwBg2L6qKJuga468Seaf5qNnzg%3D%3D%22%5D%5D

75 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://surl.li/xdhx Message: Mixed Content: The page at 'https://surl.li/xdhx' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://surl.li/xdhx(Line 273) Message: Mixed Content: The page at 'https://surl.li/xdhx' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://posta.tmweb.ru/postaleservicefr&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/xdhx Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.adform.net
cm.g.doubleclick.net
creativecdn.com
d.agkn.com
dis.criteo.com
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
surl.li
t0.gstatic.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
web-screen.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
172.253.115.155
172.253.122.155
174.137.133.49
185.167.164.49
185.184.8.90
2001:4860:4802:38::178
2600:9000:215f:1c00:19:fc2c:a140:93a1
2606:4700:20::681a:413
2606:4700:20::681a:513
2606:4700:3035::ac43:c0ea
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::64
2607:f8b0:4004:c07::68
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::69
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c0b::9a
2607:f8b0:4004:c17::5e
35.236.220.17
69.90.254.78
74.119.119.150
047c3df977d989034f0e2cefcf3453a057532e2a1ef498fb0317c73ffa3c6af6
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0cadb0f5a85b0e3379f8a3d39e862a3958aa3c2143605153ebb6f04717b2de04
122c70aee86e0d3cd8b79913e2c28cf3bd82ecf6084fedd1a4adda68f2795a4e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cfd620057709d4c00b28fd86e8b4b7dd9ef4d2a6ec10440ba3718887378275b
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
278d438ed8ee773142f2c3c057b7486e3e3bb891e6f79a44840c9a6ddf8f196a
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2a2d6323ec235556eb2cd441c849220e38f271eea88d721083f05db92a155322
2c67c64566ce98ba75c5441ea3591f8735d17727e6056917278ec85cb4a500bb
2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8
38c3a78ced76a8bd52a1f7c3040a3f66557497a4145978297f282ceb90a3f554
3da78f2ee25f53e86646ac1866f99e93a7b44416b876e786fa52ee9c6346c148
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5efd810822d26a7e6a5a91fb7cfefc5dad4b3080461329d06260473027702c2b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379
6ca0bc8d4c83e1eb223e327535be537fe11d1f053b64e3c356ce1e12bead511f
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
788590c873913e60454e251abeb6548bdb20247139b4b36d996cee29b9b3d0ed
7acb3e456d98d55be401bb07a32c9cb04e074de37bd58932b11bcf0fe9f59ab0
80ed498a4becffc02205ad16c7dc6e493e40d0af4bc5b4dc1f42c004df1aeb23
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a
86c4e1f0b187b98ddab50148b9dc2875fcbd8c87eb6b3150e86892b1d800a441
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
971cfda4cee696fbcc3fc264562180ee580cb1a0236c853d05d88e8b48b65587
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d6dfd360ccbae2e81dc8f69b9c561e99e7034b0417b2a0bcbc85c2ff629ab6d
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
aa3ae6423cf71d95ab4da29f8af6f6dec6ccc08db84abdc7eaad1faf93c46050
b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d
b1a275b9a44c9cb1e2464ccc49cfe62439712f9c30688424fe8fd88d73c9405d
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
c4955a2b3d32dd810b9f568be8e24e2251237fa54c5c3aa8b7c222c431a584d2
c724da1dafeef500e55f2f95f42018a8723e3558fb6440867a0472fd3a7ee5b0
ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2
ceb2121963f8ceda405cd9ae3337e8d492c59875b8c31b72376aa351ec1b2273
d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe
d59dee022bd83bc551f4e03cc040853f6856c9b96dd160169e96541154d1deb4
dcde2e47656deaecd3f8f95e9283fc2d3c97924567594e800e391658c8c97fab
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e30046945347abe51f6765fe7ad3aea9af756c51c70cc12eb0548c9f53696c98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ea30badf267e780878a8fdd63da55c8b8e6ea39d3f1b122855ac01c02d3db9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6
f7d2931f8b5a08849b33065324dfe2a0708e4256f52ee164b1a5eb7a60fc3891
f9b16ee40bea419aa3a7cd803ab62c212bd4a060d922ef9bf32a935b842642aa
fcd3dc43a75a57a046eae5d2f48aa157037707fded52e576a32ef39bd6a654f4

surl.li Open in urlscan Pro 2606:4700:20::681a:413 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

93 %HTTPS

65 %IPv6

17 Domains

23 Subdomains

18 IPs

3 Countries

1922 kBTransfer

4930 kBSize

22 Cookies

8 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

surl.li Open in urlscan Pro
2606:4700:20::681a:413 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

93 %
HTTPS

65 %
IPv6

17
Domains

23
Subdomains

18
IPs

3
Countries

1922 kB
Transfer

4930 kB
Size

22
Cookies

133 HTTP transactions
3 data transactions