t.ly Open in urlscan Pro
2606:4700:10::6814:785 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://twtr.to/
Effective URL:
https://t.ly/
Submission Tags: @phish_report
Submission: On September 07 via api (September 7th 2024, 8:09:13 am UTC) from FI — Scanned from FI

Summary HTTP 64 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 64 HTTP transactions. The main IP is 2606:4700:10::6814:785, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 29484.
TLS certificate: Issued by WE1 on August 2nd 2024. Valid for: 3 months.

This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.220.91.95 168.220.91.95	40509 (FLY) (FLY)
1 23	2606:4700:10:... 2606:4700:10::6814:785	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.73.14 104.17.73.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:a400:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
15	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	216.58.206.78 216.58.206.78	15169 (GOOGLE) (GOOGLE)
64	17

1 168.220.91.95 (United States) 1 redirects

ASN40509 (FLY, US)

twtr.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:10::6814:785 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.73.14 (None, )

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:a400:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 29484	1 MB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	302 KB
9	google.com www.google.com — Cisco Umbrella Rank: 10 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	72 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 td.doubleclick.net — Cisco Umbrella Rank: 481	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	349 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	cloudflare.com ajax.cloudflare.com — Cisco Umbrella Rank: 2266 cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	18 KB
1	google.ru www.google.ru — Cisco Umbrella Rank: 8663	64 B
1	gstatic.com www.gstatic.com	214 KB
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 44174	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	twtr.to 1 redirects twtr.to	846 B
64	12

	Domain	Requested by
23	t.ly	1 redirects t.ly ajax.cloudflare.com static.cloudflareinsights.com
8	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	t.ly pagead2.googlesyndication.com
5	www.google.com	t.ly www.gstatic.com tpc.googlesyndication.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	www.googletagmanager.com	t.ly www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.ru
1	www.gstatic.com	www.google.com
1	td.doubleclick.net	www.googletagmanager.com
1	r.wdfl.co	t.ly
1	cdnjs.cloudflare.com	t.ly
1	static.cloudflareinsights.com	t.ly
1	ajax.cloudflare.com	t.ly
1	twtr.to	1 redirects
64	16

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com

Subject Issuer	Validity	Valid
t.ly WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
ajax.cloudflare.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-08-07` - `2025-08-06`	a year	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M02	`2024-08-02` - `2025-08-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com.ru WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://t.ly/
Frame ID: CB370158528D74B09AD5A98C93630BCD
Requests: 51 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js
Frame ID: D687EBA4A422B8ABF35D6C00ED06DEDF
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1725696546137&cv=11&fst=1725696546137&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=527457594.1725696546&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: C978336D4353B0483840457081A9F264
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html
Frame ID: B42D2D1A02DFF9675E83AF7BFCB839A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725696544&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aipaq=1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696546039&bpp=28&bdt=1291&idt=576&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5499396373179&frm=20&pv=2&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1236
Frame ID: 66664D2ECAC668E5B8E238AF0626CCBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1725696544&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696546039&bpp=3&bdt=1291&idt=671&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5499396373179&frm=20&pv=1&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1259
Frame ID: 8ABB4D160C39AAB3C74B933840909757
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=fi&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=kl3pn87s3rql
Frame ID: FE9BBBDF70270EBFAB959C85FB78F086
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FFF3F3424745830D5305158372136F1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47D246625765B112499AFA6892C91A30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3975757563&adf=2975737942&pi=t.aa~a.1108372886~rp.4&w=1140&abgtt=6&fwrn=4&fwrnh=100&lmt=1725696544&rafmt=1&to=qs&pwprc=8670500221&format=1140x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696548166&bpp=1&bdt=3418&idt=-M&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=2&correlator=5499396373179&frm=20&pv=1&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=24
Frame ID: F62DE269CFE1C86438734C610739695C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3422485851&adf=1884426790&pi=t.aa~a.3318223460~rp.1&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1725696544&rafmt=1&to=qs&pwprc=8670500221&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696548166&bpp=1&bdt=3418&idt=1&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C1140x280&nras=3&correlator=5499396373179&frm=20&pv=1&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=30
Frame ID: 3F87076418668EF2FEB25B94FB748BEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html
Frame ID: E4D625256AFF1B1931072DF050770147
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html
Frame ID: 78733D18F48B0376E76D1352CD10391F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=EGbODne6buzpTnWrrBprcfAY&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Frame ID: C6D5A9A9F93EBD05BE4777DD5AE6BBFB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T.LY: World's Shortest URL Shortener

Page URL History Show full URLs

http://twtr.to/ HTTP 307
https://twtr.to/ HTTP 302
https://t.ly/ Page URL

Detected technologies

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

64
Requests

97 %
HTTPS

59 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

2165 kB
Transfer

5956 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/url-shortener/oodfdmglhbbkkcngodjjagblikmoegpa

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/link-shortener/

Search URL Search Domain Scan URL

URL: https://addons.opera.com/en/extensions/details/url-shortener-4/

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ajedojkedficaboemnhahoclgfnooelm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://twtr.to/ HTTP 307
https://twtr.to/ HTTP 302
https://t.ly/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
t.ly/
Redirect Chain

http://twtr.to/
https://twtr.to/
https://t.ly/

65 KB
18 KB

709ms
627ms

Document
text/html

2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80575b7d7fc71dc4fef633020c5ade4c0fa24aebe2c3fc6068021b6166897733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8bf536e90c124c87-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Sep 2024 08:09:04 GMT
last-modified: Sat, 07 Sep 2024 08:09:04 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 200
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8bf536e73f1a42db-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 07 Sep 2024 08:09:03 GMT
location: https://t.ly/
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 5c61e289-8f53-407d-81ed-4c9bbf8a9dcd
x-do-orig-status: 302
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 41ms
35ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:15:33 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66d8a3c5-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8bf536ecdf1d4c87-HEL
expires: Mon, 09 Sep 2024 08:09:04 GMT

GET
H2 200 app.css
t.ly/css/ 298 KB
56 KB 55ms
49ms Stylesheet
text/css 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/css/app.css?id=19114040e05c815470e4

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131840d9b347777c33709ed809626df841b8e62116fa0d2e73e00f0ecef5d641

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280816
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-4a789"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536ecdf1c4c87-HEL
expires: Thu, 04 Sep 2025 01:17:07 GMT

GET
H3 200 mirage2.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ 38 KB
12 KB 150ms
52ms Script
application/javascript 104.17.73.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.73.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:04 GMT
strict-transport-security: max-age=15780000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:14:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"66d8a3a1-9688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00nDC5MHol4LLC6CmSSbMH0NHR%2F%2FpSzJ0Kj1V4k%2Bky%2BRfbm5xlASGbsRrdQGQbwG%2FldaF96IUwAty1jYTs3IjQGvUok8qa7uOROZkxzRAkG4kib0LGknLE%2FF0phHos%2BytJ5YKGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8bf536ed7cb49914-ARN
expires: Mon, 09 Sep 2024 08:09:04 GMT

GET
H2 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
728 B 37ms
35ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:15:33 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66d8a3c5-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8bf536ecdf1e4c87-HEL
expires: Mon, 09 Sep 2024 08:09:04 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 165ms
66ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: t.ly
URL: https://t.ly/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:04 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8bf536edef8c8d8e-HEL

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 115ms
49ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 121584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTbU2C9f8t4h34lVWHfHonR0Rajizetykco4aSjlsJc6BkY1rhEslTlVBz9vUT7gjuj1pQ0tAj2AsbpXc%2F95QVhG0fXQHB5nszIH37vdqwaBdzvA0sLq9BAvuWUpgnFsqUMQxOTt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bf536edbfff9921-ARN
expires: Thu, 28 Aug 2025 08:09:04 GMT

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
5 KB 277ms
69ms Script
text/javascript 2600:9000:225e:a400:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a400:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 779a545e076629a93bdc064adfff29d02d798282adf37bb3de449ff86e581c78

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 07:51:53 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
last-modified: Fri, 06 Sep 2024 07:51:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1033
x-amz-server-side-encryption: AES256
etag: W/"c861c915ce042bb84047d0a36e69d361"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PDaaVvUM6DEdgNQBbaoKCEgSUySBtrDetLXeHoTNKNmuKzYsqhng1Q==

GET
H2 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 58ms
49ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280816
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-9807"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536eeb8d24c87-HEL
expires: Thu, 04 Sep 2025 01:16:55 GMT

GET
H2 200 vendor.js Show response
t.ly/js/ 2 MB
696 KB 65ms
56ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/vendor.js?id=f8cc85c800039e8f8ce3

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e6b994f4eb87e55c350ba474624725ba06c9f87f51103d0e29458e154ded9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280816
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-22f221"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536eeb8d34c87-HEL
expires: Thu, 04 Sep 2025 01:33:26 GMT

GET
H2 200 manifest.js Show response
t.ly/js/ 4 KB
2 KB 55ms
47ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/manifest.js?id=6b0fb63b095981feabf5

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de692c6d78291e4f78a5d3b1fa22fd093de483f21ef28940fb9f070a7bc628d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 149661
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-e54"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536eeb8d44c87-HEL
expires: Fri, 05 Sep 2025 14:34:03 GMT

GET
H2 200 app.js Show response
t.ly/js/ 108 KB
27 KB 87ms
79ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/app.js?id=4be77fcecc56461c8476

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d83693237e4d50843ce6426180fba18106399dfce0a7143d4d1a321e53db680

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 136280
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-1b176"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536eeb8d54c87-HEL
expires: Fri, 05 Sep 2025 18:07:11 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 172 KB
52 KB 280ms
85ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

539da8bfff5f7fb3c24f22d9afe34cf284178d9b39dadfde4b1577e11a6514eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53521
x-xss-protection: 0
server: cafe
etag: 293420999972265418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 07 Sep 2024 08:09:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
73 KB 286ms
81ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e1c08551dbca547e14978247ebc1e00bc0fa01ede91887a835895ad6c01bfcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 08:09:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 374ms
169ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f974814d6ce97ccf4209664a65925bc9514a58d9893343e5003c1a26917ea932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90047
x-xss-protection: 0
last-modified: Sat, 07 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Sep 2024 08:09:05 GMT

GET
H2 403 favicon-32x32.png
t.ly/ 18 KB
9 KB 57ms
39ms Other
text/html 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008e15b37ec0d86c51baed3811faac3a78dc02f8ab3de4cf82e3135fe235a62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-content-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: IfXxFkd3pMu8GPKiRUPk1I+MxpPUqZ6aioPyBDRuBAouIweLef+MX+9eAAInG1GZmpMw1A/NtbHX+AogmsRH0WRuZoQsVyCVSRrgJBkLaeGyWT89aS70WqRre7Ut6u8icRLibPkGHvAWUFGBmyY8oA==$M8kttVTr7+cncvFZEx39lA==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8bf536efe9de4c87-HEL
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 403 favicon.ico
t.ly/ 18 KB
8 KB 81ms
68ms Other
text/html 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d148559124b2132f29d73b10e6f0c2e4e5c879ad5911f6428c1fddb69121efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-content-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: GmiheXvFmae4X0oLb8Kbp3+cQuM08sCdSVDp631OvOZAXxG/Pz7Eoc/kdoLTV1bEVHmw7PtILaHc/S30N3zZz0tVWKITszzbO3SuTCCjs1o0OJnGIiiuEPPBD5waqXU6kNQRcWhaPuBQzTGZfE3epA==$RmiS8f71Hp0+kG0NHayjZw==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8bf536f06a5f4c87-HEL
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 950.js Show response
t.ly/js/ 788 B
721 B 57ms
47ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/950.js?id=de956b39a4455fcff160

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=6b0fb63b095981feabf5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280814
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-314"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536f2cc064c87-HEL
expires: Thu, 04 Sep 2025 01:17:02 GMT

GET
H2 200 normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 33 KB
33 KB 112ms
110ms Font
text/plain 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 8bf536f35c844c87-HEL
alt-svc: h3=":443"; ma=86400
content-length: 33896

GET
H2 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 153 KB
153 KB 69ms
68ms Font
font/woff2 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=19114040e05c815470e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=19114040e05c815470e4
Origin: https://t.ly
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280816
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 156496
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-26350"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8bf536f35c864c87-HEL
expires: Thu, 04 Sep 2025 01:27:58 GMT

GET
H2 200 webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 115 KB
115 KB 57ms
56ms Font
font/woff2 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=19114040e05c815470e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=19114040e05c815470e4
Origin: https://t.ly
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280814
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 117372
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-1ca7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8bf536f35c874c87-HEL
expires: Thu, 04 Sep 2025 01:17:02 GMT

GET
H2 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 58ms
57ms Image
image/png 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280816
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 10096
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-2770"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8bf536f35c7e4c87-HEL
expires: Thu, 04 Sep 2025 01:16:58 GMT

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif

GET
H2

200

main.js Show response
t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/ Frame D687
Redirect Chain

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?

8 KB
4 KB

44ms
44ms

Script
application/javascript

2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?

Protocol

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d36f68c47a2f0b90f42386feaac4ca9338903bc7e7d290f12a74d803d2cb5642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8bf536f50dc04c87-HEL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 07 Sep 2024 08:09:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8bf536f46d5e4c87-HEL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 51ms
50ms Image
image/png 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280817
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 10096
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-2770"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8bf536f47d634c87-HEL
expires: Thu, 04 Sep 2025 01:16:58 GMT

GET
H2 403 favicon-16x16.png
t.ly/ 18 KB
9 KB 39ms
38ms Other
text/html 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-16x16.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fedb45544c2661b2d8e9c7aa92873e28bb42494dd4e9144315b75abcd4805a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-content-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: R+73UOAc1Bbou0AXy3er6JitS/eoDU5DZR39gOcAWD/w16GqtvslHH3mq/tqkc6YVZBva/xpm3V9E/Hq1I8jdqM2UmvUm5WtA2h/7Fc8cwGOScdMwLInBB33oYGz4RH3nF0NsGxMQ4oOQQluE6JJYw==$hS+kL51+w+cAchhNHFVSHQ==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8bf536f47d684c87-HEL
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/ 87 KB
30 KB 197ms
76ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

5c9114cc187b1d759d734420e6c64a73f35f072b741c029aa402cabac82e3b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31165
x-xss-protection: 0
server: cafe
etag: 7097728667509711034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Sep 2024 08:09:06 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/ 427 KB
143 KB 228ms
110ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5561763581314444&plah=t.ly

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

d178b0dbc154172c276c3de29dd17af8a5354b66fa3fd766112145acbbf41a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145883
x-xss-protection: 0
server: cafe
etag: 5235037815656099737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 07 Sep 2024 08:09:06 GMT

POST
H2 204 rum Show response
t.ly/cdn-cgi/ 0
141 B 38ms
37ms XHR
text/plain 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: application/json

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://t.ly
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8bf536f50dbd4c87-HEL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
100 KB 81ms
78ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a2134a4fb27449a6cec22cfe3c193f47a4c6d8d89d96b5c8f98af7c2a9fd0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 08:09:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 92ms
89ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b61f5c12f24a73abd688892677eb11ea596ab389b7b38f4194149b5e558391ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90058
x-xss-protection: 0
last-modified: Sat, 07 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Sep 2024 08:09:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 224ms
71ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Sep 2024 06:40:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5306
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 07 Sep 2024 08:40:40 GMT

GET
H2 200 906.js Show response
t.ly/js/ 5 KB
2 KB 59ms
59ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/906.js?id=afc5f18fec7e06d6bf2c

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=6b0fb63b095981feabf5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280815
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-12e5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536f53df44c87-HEL
expires: Thu, 04 Sep 2025 01:27:53 GMT

GET
H2 200 166.js Show response
t.ly/js/ 3 KB
1 KB 50ms
50ms Script
application/javascript 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/166.js?id=267eddd588cf4399f581

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=6b0fb63b095981feabf5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 280815
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-d91"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8bf536f53df64c87-HEL
expires: Thu, 04 Sep 2025 01:17:02 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 5 KB
3 KB 525ms
75ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1725696546137&cv=11&fst=1725696546137&bg=ffffff&guid=ON&async=1&gtm=45be4940v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=527457594.1725696546&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b917171a16ef36abfafcc812ffbfa952877aacc1d36cf58462b82f2d100f5aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2300
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10875945736
td.doubleclick.net/td/rul/ Frame C978 0
0 253ms
91ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10875945736?random=1725696546137&cv=11&fst=1725696546137&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=527457594.1725696546&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 8bf536e90c124c87 Show response
t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D687 0
638 B 79ms
74ms XHR
text/plain 2606:4700:10::6814:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/8bf536e90c124c87

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8bf536f70f564c87-HEL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 936 B
618 B 202ms
70ms Script
text/javascript 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=f8cc85c800039e8f8ce3

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

ESF /

Resource Hash

9efa5779783e429b7c055d0f20699fcb7452a49421d39f414b59ff447d964c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 07 Sep 2024 08:09:06 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 76ms
66ms Fetch
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4940v878425165za200&_p=1725696545066&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1301527179.1725696547&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1725696546&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3025
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 08:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 67ms
67ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=164596545&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F&ul=fi-fi&de=UTF-8&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1949111155&gjid=2027728394&cid=1301527179.1725696547&tid=UA-89207177-8&_gid=1252326181.1725696547&_r=1&gtm=457e4940za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=497336581

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 08:09:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-5561763581314444 Show response
fundingchoicesmessages.google.com/i/ 206 KB
68 KB 250ms
100ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?href=https%3A%2F%2Ft.ly&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5561763581314444&plah=t.ly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9b531851b421be1d0da545fc15630a495b85eeca40bc979d221e4e42705faf7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-vjCyxrf-5vuXlNJbdGz-tQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-vjCyxrf-5vuXlNJbdGz-tQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw05BiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B-IlERdZDyVeZDVUuMTqCMSqPZdYTYH4_rpLrM-BeO_HS6xHgViIh2PRlA_b2AQOfPu6mllJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDSwFTPwDi-wAAATmo_Pw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Fetch
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 540 KB
214 KB 271ms
60ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e021ef9edf3b2db8151fa1fccc8f46fa13aecc81a8bcfffdde84606b0232811d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Sep 2024 07:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218670
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Sep 2025 07:15:36 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
64 B 73ms
72ms Image
image/gif 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1725696546137&cv=11&fst=1725696000000&bg=ffffff&guid=ON&async=1&gtm=45be4940v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=527457594.1725696546&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf25dqdx23IKmZxY3IuZvrI6nYgEZ36Q&random=269210512&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 08:09:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ru/pagead/1p-user-list/10875945736/ 42 B
64 B 172ms
79ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/pagead/1p-user-list/10875945736/?random=1725696546137&cv=11&fst=1725696000000&bg=ffffff&guid=ON&async=1&gtm=45be4940v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=527457594.1725696546&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf25dqdx23IKmZxY3IuZvrI6nYgEZ36Q&random=269210512&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 08:09:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUibmSmSKqDqd42nrr3o-OZiTAmA5QS3XBQt7muDnXgkzirLPUApEvO6rXfWMEddKm7mvXaCOGBIcEp7jN2nXfM0Dq2yO5NzFGvm3uQ0apZ8MolEj7Eptc6Wun-VucxYD7eZ6Z7Eg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 119ms
113ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUibmSmSKqDqd42nrr3o-OZiTAmA5QS3XBQt7muDnXgkzirLPUApEvO6rXfWMEddKm7mvXaCOGBIcEp7jN2nXfM0Dq2yO5NzFGvm3uQ0apZ8MolEj7Eptc6Wun-VucxYD7eZ6Z7Eg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1Njk2NTQ3LDE3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsIjdrLWo0VUJ0ME5NIl0sWzksImZpIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTM0MDI1MV0sbnVsbCwxM10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.7k-j4UBt0NM.es5.O/am=SDA/d=1/rs=AJlcJMw3dkm9q22b8zCNXZ4NbENDFGorXw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3e3a4e28e9d02413642d13cb12a0fbe19d918eb9a6f31f8e918816b3eb10c02

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-3-TigXyrXJ5IvDNkMO_12Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-3-TigXyrXJ5IvDNkMO_12Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1JBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B-IlERdZDyVeZDVUuMTqCMSqPZdYTYH4_rpLrM-BeO_HS6xHgViIm2PxlA_b2AR2vFpZoqSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGlgqmdgHF9gAAAAST6g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/ Frame B42D 0
0 196ms
59ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 32678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 23:04:29 GMT
etag: 5947459844715414650
expires: Fri, 20 Sep 2024 23:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6666 0
0 647ms
604ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725696544&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aipaq=1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696546039&bpp=28&bdt=1291&idt=576&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5499396373179&frm=20&pv=2&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1236

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 86356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8ABB 0
0 908ms
874ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1725696544&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696546039&bpp=3&bdt=1291&idt=671&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5499396373179&frm=20&pv=1&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1259

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39161
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 77ms
74ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240904&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

38d57872d56ea93d4fb259d9f042cafd65152e69d8f84da9058b884394ee26af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12951
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 241ms
76ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 08:09:07 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame FE9B 0
0 224ms
89ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=fi&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=kl3pn87s3rql

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-9A_mHbCZzWz07OEtM_dlGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-9A_mHbCZzWz07OEtM_dlGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxVsQ6kCxnZA-tHLDElUHKpdU_VxDxUaYkpe1FON6ouhtgKZXsZ7nQcBd4GLuGh0ZurKxNFStUlLvEAs7fOjD0wk2EwPI0hRNNayPAhCnJc-2aPIJh04N7fKunhPlvTSiRFfSwiNOA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 98ms
97ms Script
application/javascript 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVsQ6kCxnZA-tHLDElUHKpdU_VxDxUaYkpe1FON6ouhtgKZXsZ7nQcBd4GLuGh0ZurKxNFStUlLvEAs7fOjD0wk2EwPI0hRNNayPAhCnJc-2aPIJh04N7fKunhPlvTSiRFfSwiNOA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1Njk2NTQ3LDY0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdC5seS8iLG51bGwsW1s4LCI3ay1qNFVCdDBOTSJdLFs5LCJmaSJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzNDAyNTFdLG51bGwsMTNdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f14.1e100.net

Software

ESF /

Resource Hash

0097921b61caaecb7baf9aac0a159c45dc3bb319480ad53499563c2fdfc32497

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-ITzGr2oaptts-qZzCJIQhQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-ITzGr2oaptts-qZzCJIQhQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B-IlERdZDyReZDVUuMRqD8SqPZdYjYH4_rpLrM-BeO_HS6xHgViIh2PxlA_b2AQmrFx0hUlJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDSwFTPwDi-wAAAKos-ig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FFF 0
0 189ms
60ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 07:53:49 GMT
expires: Sun, 07 Sep 2025 07:53:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 47D2 0
0 74ms
72ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-j1aqse6W904gL8q25hSZGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-j1aqse6W904gL8q25hSZGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:07 GMT
expires: Sat, 07 Sep 2024 08:09:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxWyn9wdI7cz0HN_ZFuk2epXqh6KgFoKkxbADD_w1WlkaEIPNDWo00pr00LNkgnUQ9mlylduZFBWCBwl8XCYBZg7B5DxhdGZVEcxCXMYk5tOKfHYkY-V80TvncV4-4k3BWFsWUj4Jg== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 192ms
68ms XHR
text/html 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWyn9wdI7cz0HN_ZFuk2epXqh6KgFoKkxbADD_w1WlkaEIPNDWo00pr00LNkgnUQ9mlylduZFBWCBwl8XCYBZg7B5DxhdGZVEcxCXMYk5tOKfHYkY-V80TvncV4-4k3BWFsWUj4Jg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-ePHHi35iXRPqd9-xZECsvg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sat, 07 Sep 2024 08:09:07 GMT
content-security-policy: script-src 'nonce-ePHHi35iXRPqd9-xZECsvg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDgWT_mwjU3gwKrPh5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpYGpnoF5fIEBAHMLLnc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/ 171 KB
58 KB 90ms
89ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

c440b12c7fca304089566bf3a5d47c8c5918ed9b6386e5f80dad1124274d3c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 08:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58848
x-xss-protection: 0
server: cafe
etag: 9160725246649706617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Sep 2024 08:09:08 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F62D 0
0 746ms
681ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3975757563&adf=2975737942&pi=t.aa~a.1108372886~rp.4&w=1140&abgtt=6&fwrn=4&fwrnh=100&lmt=1725696544&rafmt=1&to=qs&pwprc=8670500221&format=1140x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696548166&bpp=1&bdt=3418&idt=-M&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=2&correlator=5499396373179&frm=20&pv=1&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41508
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3F87 0
0 734ms
690ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3422485851&adf=1884426790&pi=t.aa~a.3318223460~rp.1&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1725696544&rafmt=1&to=qs&pwprc=8670500221&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725696548166&bpp=1&bdt=3418&idt=1&shv=r20240904&mjsv=m202409030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C1140x280&nras=3&correlator=5499396373179&frm=20&pv=1&u_tz=180&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&oid=2&pvsid=2524872227195733&tmod=650615524&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 19036
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 196ms
126ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759926%2C44759842%2C31086639%2C44795921%2C95338227%2C95341664%2C95342032%2C95335246%2C95340844%2C95340253%2C95340255&hl=en&pvc=2524872227195733

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 08:09:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 191ms
116ms Fetch
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5561763581314444&plah=t.ly
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/ Frame E4D6 0
0 12ms
12ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 32678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 23:04:29 GMT
etag: 5947459844715414650
expires: Fri, 20 Sep 2024 23:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/ Frame 7873 0
0 45ms
45ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240904/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 32678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 23:04:29 GMT
etag: 5947459844715414650
expires: Fri, 20 Sep 2024 23:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame C6D5 0
0 87ms
73ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fi&v=EGbODne6buzpTnWrrBprcfAY&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-a23KUX5jBf1J3g_32bgqyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-a23KUX5jBf1J3g_32bgqyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 08:09:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240904&jk=2524872227195733&bg=!KyilKGfNAAY2Tt88Fk47ADQBe5WfOGIu2ELPXkwN5bQjnahAVPPjIj5sF1g3I2EcjEQtN4AwGRc1yyUFk62V-UGvAhYnAgAAAPFSAAAACWgBB34ANYdv43p14G9dh_P0lMVJucPrR0YXUp8g9-rCi3NjcELlGBCAZCIDd33L1Jvv4JzkoQ6JaKjomQKZigmMnnF38vNwSXdIdwvE6_Ve3P2V8qBdUebdJbbqAsrGwKGDrQda-qA4D3oujS9chBQXYx9Y8ehxKTnMQXlObjPRAWGBAoe_rTXPCJgHCJ1Gic8MX8hJOif_LVOo0B6pZnsx08S9nUW5Je--TH8GlQ0mx0ZeqYc8QQC-ND_tWL0RyYZoSOJ6GZLpToX5XnVRnAxiHyCp7Ctd3h8wV2RN0HoR50jdGefKkAw_RpGwVVlrxkfiRsOJWdEnXOymcKhcMZnkaAjUrb0Nu44Z31xLjXPCn30AyCiMwCrCtPewbmNvGlp2DRAFI9RKxe6CNzkabq5zYTQP_RA61T_XJC8lemK-4VCw7KfMDpKIJ8z9eXHLApdsXkqe6RKIUbXvBZgrV8mSQ5r_wNUD4KiiFUAqp8gKSvmzFFxJZmIOgfR5fYy3_6fm7YHIlMcycj2sCdVb-OBpw6oGSuTBlBk-J-mD2DErevIjjPR38RVc2MV5oqZLTZM3MPHT6nDxQwaB4C87420oOt0m490Gn55NVE1t3uvAqvS9meAEuEDyweOKxZiCl7BEqEpClhLD7YGAsXo6mXApUAA_c3I_QmsbTJV1sJOai-_D7zJR7O4QKBHBkMeQVITXw2E9dueDsNGOqpxP2DyVI8cMRpMltRDHQBpOgI3uaiPtiXL7uCaPxTz5XTrz47Re30evKuKCA_Ax3xBC8iy5BjTgXCVPXoscKz7Vp56xggITLjqotxUjazVBdDE-fv2pHtO2AWXIEbssmG5_FJa98yMgTEJip1RGnQCi1PavAXGYQcNhFkkml3KnSgUVfFD_deoRZVjtBU020fQTprnB2K8ukI_NxXi1jdNzEFt58wx6nATUhhS5CKdppO1TYrDMqPqTMVw

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 03:40:48	Name: _GRECAPTCHA Value: 09ACY6sGw6iOzOc6SvWSaCW40FSknN1urp2-42Q94FiGD_X1_7R81B0kW77A1E5dlc7-JlzGs25Ms22Dbl6XKjEGM
.t.ly/	1970-01-20 23:41:46	Name: XSRF-TOKEN Value: eyJpdiI6IjZOdUN2dFVxeXlwaHNpTzlORnhWMFE9PSIsInZhbHVlIjoiak15QVNyU00zSTZXS0xKQUhxdGcvYXpWWE1IK2xYai9saVAyMXB6b1FZOU9EOEorcVZCOGphcUloNE15ejVsNlRCYWpoYU92YzZ5dUF1YzNlN09JdkRzOHJRK0pCNWk1czZzbVBuNGNxT2lNNjBvejFGZVNSakRobVFrdmVhbkMiLCJtYWMiOiIwNjYwMjIyMGRhZmMxOTljODk4ZGM0M2JkZDI1ZjgxMmYwMGI3N2JmNjllODEzOGY1NmIzYzg3MjRiMDgwYmQyIiwidGFnIjoiIn0%3D
.t.ly/	1970-01-20 23:41:46	Name: tly_session Value: eyJpdiI6IlZjdXJkZEJGL251OW9mMDI0TWJqMHc9PSIsInZhbHVlIjoiWk5US3RraVdoNVBrNXlCZFpIM2ZIVHY1S2pXODFXQmY0eU01Z0NhZHpkaWRYaEplRVd4WUYvUTNoZlhrc0R4aStCTXJiVjB2ZXpkcGY2QTVmcG5UdWN0ekpPbzhZQWRFZXFkWDd1eW5CSEJBUE1IcjdlSkRrQThFREhidjVXRUgiLCJtYWMiOiI4ZWUzNmE2MWYyMTE4YmFhNzg2MTBhYzJhZTUwNDAzZDYzM2Y0YjYwMDM1YmFiMjIzZWIwMGQ5ZTAxYTVhMDk4IiwidGFnIjoiIn0%3D
t.ly/	1970-01-20 23:31:41	Name: userTimezone Value: Europe/Helsinki
.t.ly/	1970-01-21 01:31:12	Name: _gcl_au Value: 1.1.527457594.1725696546
.t.ly/	1970-01-21 08:07:12	Name: cf_clearance Value: SUrGJ6KbVeb_Cr0LwuLhdZ0IZPm0fJLMRTLLWpBR5yw-1725696546-1.2.1.1-u0bthpzHmJrhwdA.kpc6gK1ufMDoPyqu1m_iDLvN1Byl7Hs4XwjVZgFYC72EZhymRQdVsuKe0FkAfqomDiPr4CqD4f9M_I0CavUwvV8jpXIjYINSLlBzEWbB1AIoPeXLLr6hswpYEzWpmIonT9k7mB3CVi174vHix2rvicA.2ORS_.RESMjDuzteTrHnSrJE.1r7onQlr6WPbDlJhpwELKhIMrXF3fv6zk_fLbVG3LwijLgacczDjhllZS3Rt9BHwenq2qxsNbqQNPprnf4ot9uTUfaVvNzaFwwBPjmnZlQXtAiLFsOhtyodbixcBoHRgu3prkp1dDY1LPM_SERTvmc4_1AFHktgLPlFZjDXCheGBBEdARr6lH6W8jPd6fPka7qdB0tFT0BI9xyDPaxWuZTDQqvZewp8rK.Uhqa6q1s3rAy6_UIcva5ITmjw7BKm
.t.ly/	1970-01-21 08:57:36	Name: _ga Value: GA1.2.1301527179.1725696547
.t.ly/	1970-01-20 23:23:02	Name: _gid Value: GA1.2.1252326181.1725696547
.t.ly/	1970-01-20 23:21:36	Name: _gat_gtag_UA_89207177_8 Value: 1
.doubleclick.net/	1970-01-21 08:43:12	Name: IDE Value: AHWqTUmBhFHUYxPePHOr9JJkok4TrCn5De3GFco-Sfuw6hUxP-3qpDBWspfIE8-syIE
.t.ly/	1970-01-21 08:43:12	Name: __gads Value: ID=f781b2188393f218:T=1725696547:RT=1725696547:S=ALNI_MbKbn_AVQJYuJrezp5zv9TGLWWCgQ
.t.ly/	1970-01-21 08:43:12	Name: __gpi Value: UID=00000ede67640702:T=1725696547:RT=1725696547:S=ALNI_MZK5IsQY1Xq5eDUBaCAIgRVE88iGg
.t.ly/	1970-01-21 03:40:48	Name: __eoi Value: ID=ebbf7f2e0b5bde9d:T=1725696547:RT=1725696547:S=AA-Afjamj5rK4xC3HSI2qxOCdQ_B
.googleadservices.com/	1970-01-21 01:31:12	Name: ar_debug Value: 1
.t.ly/	1970-01-21 08:57:36	Name: _ga_W1D48QS4F7 Value: GS1.1.1725696546.1.0.1725696549.0.0.0
.doubleclick.net/	1970-01-20 23:21:40	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.ly/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
r.wdfl.co
static.cloudflareinsights.com
t.ly
td.doubleclick.net
tpc.googlesyndication.com
twtr.to
www.google-analytics.com
www.google.com
www.google.ru
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
104.17.24.14
104.17.73.14
168.220.91.95
216.58.206.34
216.58.206.36
216.58.206.67
216.58.206.78
2600:9000:225e:a400:1b:348c:b140:93a1
2606:4700:10::6814:785
2606:4700::6810:4f49
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
008e15b37ec0d86c51baed3811faac3a78dc02f8ab3de4cf82e3135fe235a62a
0097921b61caaecb7baf9aac0a159c45dc3bb319480ad53499563c2fdfc32497
0d148559124b2132f29d73b10e6f0c2e4e5c879ad5911f6428c1fddb69121efd
131840d9b347777c33709ed809626df841b8e62116fa0d2e73e00f0ecef5d641
1e1c08551dbca547e14978247ebc1e00bc0fa01ede91887a835895ad6c01bfcc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d
38d57872d56ea93d4fb259d9f042cafd65152e69d8f84da9058b884394ee26af
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
4d83693237e4d50843ce6426180fba18106399dfce0a7143d4d1a321e53db680
539da8bfff5f7fb3c24f22d9afe34cf284178d9b39dadfde4b1577e11a6514eb
59e6b994f4eb87e55c350ba474624725ba06c9f87f51103d0e29458e154ded9e
5c9114cc187b1d759d734420e6c64a73f35f072b741c029aa402cabac82e3b26
5fedb45544c2661b2d8e9c7aa92873e28bb42494dd4e9144315b75abcd4805a2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
779a545e076629a93bdc064adfff29d02d798282adf37bb3de449ff86e581c78
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a2134a4fb27449a6cec22cfe3c193f47a4c6d8d89d96b5c8f98af7c2a9fd0d9
80575b7d7fc71dc4fef633020c5ade4c0fa24aebe2c3fc6068021b6166897733
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8de692c6d78291e4f78a5d3b1fa22fd093de483f21ef28940fb9f070a7bc628d
9efa5779783e429b7c055d0f20699fcb7452a49421d39f414b59ff447d964c2b
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a3e3a4e28e9d02413642d13cb12a0fbe19d918eb9a6f31f8e918816b3eb10c02
b61f5c12f24a73abd688892677eb11ea596ab389b7b38f4194149b5e558391ad
b917171a16ef36abfafcc812ffbfa952877aacc1d36cf58462b82f2d100f5aba
c440b12c7fca304089566bf3a5d47c8c5918ed9b6386e5f80dad1124274d3c26
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d178b0dbc154172c276c3de29dd17af8a5354b66fa3fd766112145acbbf41a28
d36f68c47a2f0b90f42386feaac4ca9338903bc7e7d290f12a74d803d2cb5642
d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e021ef9edf3b2db8151fa1fccc8f46fa13aecc81a8bcfffdde84606b0232811d
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f974814d6ce97ccf4209664a65925bc9514a58d9893343e5003c1a26917ea932
f9b531851b421be1d0da545fc15630a495b85eeca40bc979d221e4e42705faf7

t.ly Open in urlscan Pro 2606:4700:10::6814:785 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

59 %IPv6

12 Domains

16 Subdomains

17 IPs

3 Countries

2165 kBTransfer

5956 kBSize

16 Cookies

4 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

t.ly Open in urlscan Pro
2606:4700:10::6814:785 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

59 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

2165 kB
Transfer

5956 kB
Size

16
Cookies

64 HTTP transactions
1 data transactions