t.ly Open in urlscan Pro
2606:4700:10::6814:685 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bitbitz.icu/
Effective URL:
https://t.ly/
Submission: On July 22 via api (July 22nd 2024, 7:18:05 pm UTC) from CA — Scanned from US

Summary HTTP 70 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 70 HTTP transactions. The main IP is 2606:4700:10::6814:685, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 29484.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.

This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.220.91.95 168.220.91.95	40509 (FLY) (FLY)
1 23	2606:4700:10:... 2606:4700:10::6814:685	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21d... 2600:9000:21dd:7400:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
9	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
5	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
7	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
7	142.250.80.14 142.250.80.14	15169 (GOOGLE) (GOOGLE)
1	142.251.40.238 142.251.40.238	15169 (GOOGLE) (GOOGLE)
70	15

1 168.220.91.95 (United States) 1 redirects

ASN40509 (FLY, US)

bitbitz.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:10::6814:685 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:7400:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.80.14 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.238 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 29484	1 MB
15	google.com www.google.com — Cisco Umbrella Rank: 10 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	77 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	331 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	343 KB
1	gstatic.com www.gstatic.com	212 KB
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 44174	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	bitbitz.icu 1 redirects bitbitz.icu	845 B
70	11

	Domain	Requested by
23	t.ly	1 redirects t.ly static.cloudflareinsights.com
10	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	t.ly pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
5	www.google.com	t.ly www.gstatic.com tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	t.ly www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.gstatic.com	www.google.com
1	r.wdfl.co	t.ly
1	cdnjs.cloudflare.com	t.ly
1	static.cloudflareinsights.com	t.ly
1	bitbitz.icu	1 redirects
70	13

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com

Subject Issuer	Validity	Valid
t.ly GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://t.ly/
Frame ID: 050F458B48F1D7942D35DD78F08E627C
Requests: 59 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Frame ID: 4F17388151073D13923444342883B601
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/zrt_lookup_fy2021.html
Frame ID: C2CA91FA3DCBCC106402CA068515CF63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721675877&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=29_18~32_7~27_8~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721675879408&bpp=13&bdt=1280&idt=1169&shv=r20240718&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2189367765646&frm=20&pv=2&ga_vid=809831322.1721675881&ga_sid=1721675881&ga_hid=1494587180&ga_fc=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334527%2C95334830%2C95337496%2C95337586%2C95337869%2C95338247%2C31084678%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3090613480580481&tmod=1844025199&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1187
Frame ID: 7FD024ED9468EF7279FC85CEC84DCAD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721675877&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721675879421&bpp=2&bdt=1293&idt=1184&shv=r20240718&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2189367765646&frm=20&pv=1&ga_vid=809831322.1721675881&ga_sid=1721675881&ga_hid=1494587180&ga_fc=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334527%2C95334830%2C95337496%2C95337586%2C95337869%2C95338247%2C31084678%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3090613480580481&tmod=1844025199&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1192
Frame ID: 48262C6269117E67B1983CB3BC799B0F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=7lplw0ygpaoh
Frame ID: 2C5095B24000B8B4C7114B8314136109
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9911C529899FC2B5D7E6DA9A1B8615A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A92B00A83173A2DCEDE2E680E80B1C69
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Frame ID: 518CBFDFD425A7732B9B2E03D691500C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=2749334364&pi=t.aa~a.1108360850~rp.3&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1721675877&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721675882865&bpp=1&bdt=4737&idt=-M&shv=r20240718&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D387ef2c81ff590d2%3AT%3D1721675880%3ART%3D1721675880%3AS%3DALNI_MYi6gHTqvGZxJugZSYuSe46anlzow&gpic=UID%3D00000ea284969ac4%3AT%3D1721675881%3ART%3D1721675881%3AS%3DALNI_MbF-VBf9z2JkFpZVjMU00CpNcLr3g&eo_id_str=ID%3D653d333fde360002%3AT%3D1721675881%3ART%3D1721675881%3AS%3DAA-AfjbjSq3VP_ZSRafyqph_n0jy&prev_fmts=0x0%2C1110x280&nras=2&correlator=2189367765646&frm=20&pv=1&ga_vid=809831322.1721675881&ga_sid=1721675881&ga_hid=1494587180&ga_fc=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334527%2C95334830%2C95337496%2C95337586%2C95337869%2C95338247%2C31084678%2C31078663%2C31078668%2C31078670&oid=2&psts=AOrYGsmwr5KnUa5YkbeDf_eAHAH29LuZw6aBSmGM63KR2jSpHOfUVs78M0a7jZCH145jKXMs6DQJFjhb0WSmDpKUtZbKWgA5&pvsid=3090613480580481&tmod=1844025199&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=706
Frame ID: 141E40688AEB77EA26827C0A99077595
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/zrt_lookup_fy2021.html
Frame ID: D26ED026FCF64C8EC1EC63C9B1921DBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/zrt_lookup_fy2021.html
Frame ID: BDED7801EEEA9DAC7E8CF47A879520D4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T.LY: World's Shortest URL Shortener

Page URL History Show full URLs

https://bitbitz.icu/ HTTP 302
https://t.ly/ Page URL

Detected technologies

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

70
Requests

94 %
HTTPS

53 %
IPv6

11
Domains

13
Subdomains

15
IPs

2
Countries

2171 kB
Transfer

5963 kB
Size

47
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/url-shortener/oodfdmglhbbkkcngodjjagblikmoegpa

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/link-shortener/

Search URL Search Domain Scan URL

URL: https://addons.opera.com/en/extensions/details/url-shortener-4/

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ajedojkedficaboemnhahoclgfnooelm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bitbitz.icu/ HTTP 302
https://t.ly/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
t.ly/
Redirect Chain

https://bitbitz.icu/
https://t.ly/

64 KB
18 KB

547ms
338ms

Document
text/html

2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372dc4f26e384c148edeea51badbe67ed20816af4814615c7c4c2e04c30fef13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8a75c61c3baa7c47-LAX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 22 Jul 2024 19:17:58 GMT
last-modified: Mon, 22 Jul 2024 19:17:57 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 200
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8a75c619de3f0ccd-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 22 Jul 2024 19:17:57 GMT
location: https://t.ly/
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 5c61e289-8f53-407d-81ed-4c9bbf8a9dcd
x-do-orig-status: 302
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 91ms
90ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2024 17:12:08 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6696a9e8-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8a75c61e9e867c47-LAX
expires: Wed, 24 Jul 2024 19:17:58 GMT

GET
H2 200 app.css
t.ly/css/ 298 KB
56 KB 103ms
103ms Stylesheet
text/css 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/css/app.css?id=19114040e05c815470e4

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131840d9b347777c33709ed809626df841b8e62116fa0d2e73e00f0ecef5d641

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276430
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-4a789"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c61e9e837c47-LAX
expires: Tue, 08 Jul 2025 00:44:08 GMT

GET
H2 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 119ms
114ms Image
image/png 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276430
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 10096
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-2770"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8a75c61f3f367c47-LAX
expires: Tue, 08 Jul 2025 00:44:08 GMT

GET
H2 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
728 B 93ms
92ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2024 17:12:08 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6696a9e8-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8a75c61e9e877c47-LAX
expires: Wed, 24 Jul 2024 19:17:58 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 314ms
131ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: t.ly
URL: https://t.ly/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8a75c6205fd96a26-LAX

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 223ms
113ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 886592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SAeSUglXPSXGP5Jkn1725IlcX4rVeE2azuL%2B43Tg9J2mORj3qnmLtSHAC35azevLVugbPTtVvh7JrdReqj4ltH8crtEIdq3w0ytPAJsSJRLWJU%2F7rnXn4QwLqJOXXc%2BTRMgrKhw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a75c61fed8e96ab-SJC
expires: Sat, 12 Jul 2025 19:17:58 GMT

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
5 KB 709ms
349ms Script
text/javascript 2600:9000:21dd:7400:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:7400:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcf8bb603f4fc395546fc55e745c53d86c581a19b0c6bcd4ffafde4432034292

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:55:59 GMT
content-encoding: gzip
via: 1.1 45a2ed7d71b913b3658a34b14cb3cc86.cloudfront.net (CloudFront)
last-modified: Sat, 20 Jul 2024 05:53:47 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1320
x-amz-server-side-encryption: AES256
etag: W/"b7ee3d419f26dafab569dd9a3adcdb1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: A637-FrFR0eA8ePNtYs6IkKUscs6gu5T6n3hIowd6eqdKrIPR40JyQ==

GET
H2 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 241ms
237ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276430
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-9807"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c61f8fed7c47-LAX
expires: Tue, 08 Jul 2025 00:44:09 GMT

GET
H2 200 vendor.js Show response
t.ly/js/ 2 MB
696 KB 200ms
197ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/vendor.js?id=f8cc85c800039e8f8ce3

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e6b994f4eb87e55c350ba474624725ba06c9f87f51103d0e29458e154ded9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276429
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-22f221"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c61f8ff27c47-LAX
expires: Tue, 08 Jul 2025 00:44:08 GMT

GET
H2 200 manifest.js Show response
t.ly/js/ 4 KB
2 KB 240ms
237ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/manifest.js?id=a87e3c8dd4a528147c19

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0188af4a9d04bb1fc01d8c442242261dc0dbc7f6f6a3b751fa2f381e7a0a887

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1226924
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-e54"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c61f8ff47c47-LAX
expires: Tue, 08 Jul 2025 14:29:14 GMT

GET
H2 200 app.js Show response
t.ly/js/ 105 KB
26 KB 240ms
238ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/app.js?id=88bcbbcb63b675c54cfd

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23f0096c941f2a16f5c945ae60b48b69dd1c0953fd7e91dadaaac4cbb45d9d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1226924
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-1a5d6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c61f8ff77c47-LAX
expires: Tue, 08 Jul 2025 14:29:14 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 178 KB
53 KB 813ms
506ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

33231e596239a737a51e0d9efeba772fddd7e38b45eaa594433cc21b8e3fb110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54633
x-xss-protection: 0
server: cafe
etag: 4619261368774889796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jul 2024 19:17:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 505ms
192ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dbb49472eff266b1b687e9c59eb66735c995d9947456d7c48f4d46b4f5bd864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jul 2024 19:17:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
86 KB 550ms
238ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b9c434d579308574919a341efa6047302e995d3e13c6e8db130aef795bd773e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88052
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 18:38:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 19:17:58 GMT

GET
H2 403 favicon-32x32.png
t.ly/ 16 KB
8 KB 226ms
225ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9072d5ea03544f5f4bc9f2c447766a196bb311b00342758a4a7140ee3b3c8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-content-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: jry8QQ7swa/Vk1i0VMw+SrccP0zQQbQBgMhRpxDm12izMCWBZfeLn919ddNj1hds3K02I+jbi5zkUCFdGWp0/05/ADT0oyGJ+3RTJkUMXJcaEX2TTBvlKJyf3bdfEgHYvFLGu6X4FSoZ0hizN321MA==$peI6gk3jjOIPnRXRX7hE8Q==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8a75c62139da7c47-LAX
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 403 favicon.ico
t.ly/ 16 KB
7 KB 92ms
91ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc33793434ddba19925a8668b375ebf43ceeda61aa45d98a691e004302ad4fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-content-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: bkDg32dA3BVIGeparfNmICEgQOL2HJARlAxbkJqt4LaDPRmUGJ6vmBfwI/iktmoqH5wcRBiQkfAv69G1I4lS9M491qhRDhsif1XDi5q6ElX7++Vfwmd8c6l5cl2Vt90TINz704dxOtAXjbQAXwuScA==$5Wgf9QlKs2PN51I4uM3YsA==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8a75c622dbb57c47-LAX
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 950.js Show response
t.ly/js/ 788 B
780 B 108ms
108ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/950.js?id=de956b39a4455fcff160

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=a87e3c8dd4a528147c19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276430
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-314"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c6243d867c47-LAX
expires: Tue, 08 Jul 2025 00:44:09 GMT

GET
H2 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 112ms
111ms Image
image/png 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=f8cc85c800039e8f8ce3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276431
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 10096
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-2770"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8a75c6244dad7c47-LAX
expires: Tue, 08 Jul 2025 00:44:08 GMT

GET
H2 200 normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 33 KB
33 KB 212ms
210ms Font
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 8a75c6249e3d7c47-LAX
alt-svc: h3=":443"; ma=86400
content-length: 33896

GET
H2 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 153 KB
153 KB 98ms
97ms Font
font/woff2 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=19114040e05c815470e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=19114040e05c815470e4
Origin: https://t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276429
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 156496
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-26350"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8a75c6249e3f7c47-LAX
expires: Tue, 08 Jul 2025 00:44:09 GMT

GET
H2 200 webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 115 KB
115 KB 202ms
201ms Font
font/woff2 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=19114040e05c815470e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=19114040e05c815470e4
Origin: https://t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276429
x-do-orig-status: 200
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
content-length: 117372
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "12cea601-1ca7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000, no-transform, no-store
accept-ranges: bytes
cf-ray: 8a75c6249e407c47-LAX
expires: Tue, 08 Jul 2025 00:44:09 GMT

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

main.js Show response
t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/ Frame 4F17
Redirect Chain

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

8 KB
4 KB

90ms
89ms

Script
application/javascript

2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

Protocol

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a35f99ab2e79644766d60b9c85c093436cfb5cc568b07659123a7618dfd55d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a75c625eff77c47-LAX
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a75c6252f037c47-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 rum Show response
t.ly/cdn-cgi/ 0
140 B 115ms
113ms XHR
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://t.ly
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8a75c6253f0c7c47-LAX

GET
H2 403 favicon-16x16.png
t.ly/ 16 KB
8 KB 115ms
114ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-16x16.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f8d7b976bc83f1f39cae14cbc9b72992a1a3f403af5c59703dc7da1f0ab9f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-content-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: GPMhohenyuMvOGOonYCJGPDkVMyYtvncToA0FuhYYS4C7VVBzEB8DtV3fJwueBnEeL6uD+yLyaq7Y9v0XXZURnLLNUw/1Kl2ubPq74JZCH5A6MfGi/6sqKr60B81yBeGWTHPWnV/kaULEtQHJsAikg==$dqwVE2DOi5y+n2GeZ36xCg==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8a75c6253f0e7c47-LAX
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 906.js Show response
t.ly/js/ 5 KB
2 KB 109ms
108ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/906.js?id=afc5f18fec7e06d6bf2c

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=a87e3c8dd4a528147c19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276429
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-12e5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c6253f147c47-LAX
expires: Tue, 08 Jul 2025 00:44:10 GMT

GET
H2 200 166.js Show response
t.ly/js/ 3 KB
1 KB 111ms
110ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/166.js?id=267eddd588cf4399f581

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=a87e3c8dd4a528147c19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
age: 1276429
x-do-orig-status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-whom: tly-app
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12cea601-d91"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, no-transform, no-store
cf-ray: 8a75c6253f187c47-LAX
expires: Tue, 08 Jul 2025 00:44:10 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
987 B 506ms
176ms Script
text/javascript 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=f8cc85c800039e8f8ce3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

GSE /

Resource Hash

3e20eaa8f7acd4bf088cdd367c98c399d30c52d0adfdb65951928166dccc9084

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 22 Jul 2024 19:17:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
99 KB 191ms
190ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb5970312a7546947b79db3d8a6d77de0d2b842d00fef9e5ea3f071c59905920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101350
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jul 2024 19:17:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
86 KB 1213ms
1213ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77b74527acf4d6c4fbab62dc5da49bf3463b523df5de49b7effea1b3827b2b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88078
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 18:45:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 19:18:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1648ms
153ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jul 2024 18:15:29 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jul 2024 20:15:29 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 93 KB
32 KB 727ms
252ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

d0300b8e7b7829c9a35979f2a4e41e89ab5eb12ff3799c0f037a2e148fb91dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33083
x-xss-protection: 0
server: cafe
etag: 5186224731859647656
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 19:17:59 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 423 KB
143 KB 712ms
238ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

4c28df4b90ef34a45ec9e923a847cc257157bfa554cfe156e412aee13b89de2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146094
x-xss-protection: 0
server: cafe
etag: 13732632240513160638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 19:17:59 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 2 KB
1 KB 707ms
232ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1721675879433&cv=11&fst=1721675879433&bg=ffffff&guid=ON&async=1&gtm=45be47h0v888461834za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=149350818.1721675879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

45008758148a1fe7b5621f82373bd5aea0e6bd7eb200b8c03fdd0aa06d744aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 19:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 8a75c61c3baa7c47 Show response
t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4F17 0
346 B 119ms
114ms XHR
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/8a75c61c3baa7c47

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jul 2024 19:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8a75c627aa207c47-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 534 KB
212 KB 476ms
155ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Origin: https://t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216123
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Jul 2025 19:03:34 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
64 B 175ms
175ms Image
image/gif 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1721675879433&cv=11&fst=1721674800000&bg=ffffff&guid=ON&async=1&gtm=45be47h0v888461834za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=149350818.1721675879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLhjCQZ3mytsUdz7Ye2w4uKD9v8w2gjg&random=1699507406&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 19:18:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 615ms
296ms Fetch
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je47h0v878425165za200&_p=1721675878553&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=809831322.1721675881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1721675880&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3603&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 19:18:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 209ms
209ms Fetch
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/ Frame C2CA 0
0 465ms
153ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:16:11 GMT
etag: 2738592464165616
expires: Mon, 05 Aug 2024 19:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7FD0 0
0 1834ms
1528ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721675877&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=29_18~32_7~27_8~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721675879408&bpp=13&bdt=1280&idt=1169&shv=r20240718&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2189367765646&frm=20&pv=2&ga_vid=809831322.1721675881&ga_sid=1721675881&ga_hid=1494587180&ga_fc=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334527%2C95334830%2C95337496%2C95337586%2C95337869%2C95338247%2C31084678%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3090613480580481&tmod=1844025199&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 69803
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:18:02 GMT
expires: Mon, 22 Jul 2024 19:18:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 234ms
233ms XHR
application/json 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240718&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

446f9da67d82a526380f2034f15fb755a56166a17994744e35b07f4093680b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12929
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4826 0
0 1566ms
1273ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721675877&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721675879421&bpp=2&bdt=1293&idt=1184&shv=r20240718&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2189367765646&frm=20&pv=1&ga_vid=809831322.1721675881&ga_sid=1721675881&ga_hid=1494587180&ga_fc=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334527%2C95334830%2C95337496%2C95337586%2C95337869%2C95338247%2C31084678%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3090613480580481&tmod=1844025199&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41291
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:18:02 GMT
expires: Mon, 22 Jul 2024 19:18:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 2C50 0
0 561ms
187ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=7lplw0ygpaoh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4jOphl7Usy9jHb3S-xugBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4jOphl7Usy9jHb3S-xugBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:18:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 569ms
181ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jul 2024 19:18:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 170ms
168ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1494587180&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F&ul=en-us&de=UTF-8&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=542741764&gjid=1382941955&cid=809831322.1721675881&tid=UA-89207177-8&_gid=2106548116.1721675881&_r=1&gtm=457e47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=1566476106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 19:18:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A991 0
0 462ms
159ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:00:18 GMT
expires: Tue, 22 Jul 2025 19:00:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame A92B 0
0 165ms
164ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y-GK1ObwlqY9tM5IfPrnMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-y-GK1ObwlqY9tM5IfPrnMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:18:01 GMT
expires: Mon, 22 Jul 2024 19:18:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 171 KB
57 KB 216ms
216ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

2d9c9494c431f3b3a56e830274fed9631262c0ccb10eb55f16627c097653dbb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58809
x-xss-protection: 0
server: cafe
etag: 3292530180086636029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 19:18:02 GMT

GET
H2 200 ca-pub-5561763581314444 Show response
fundingchoicesmessages.google.com/i/ 201 KB
67 KB 614ms
194ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?href=https%3A%2F%2Ft.ly&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

235abcc7cfa74ecae15e7b184d5fc75ec0a9e388c518f01e3a691bfc12f8abed

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZPfs-UVYrmOVQtB9UKp_OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZPfs-UVYrmOVQtB9UKp_OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmII1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLmeP3g1xY2gR13vzkoaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGxnqGZjHFxgAAPD6Ooo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 208ms
208ms Image
image/gif 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C95334527%2C95334830%2C95337496%2C95337586%2C95337869%2C95338247%2C31084678%2C31078663%2C31078668%2C31078670&hl=en&pvc=3090613480580481

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 19:18:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 200ms
200ms Fetch
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 518C 0
0 169ms
168ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iEDiiEjTQ-KqzyHZv0RLeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-iEDiiEjTQ-KqzyHZv0RLeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:18:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 469ms
169ms XHR
text/html 142.250.80.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jZ3sgsKoKFY.es5.O/am=Mhg/d=1/rs=AJlcJMw9eA3oDHO2pgn57RZ0-OKYkI67qA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZLGhjHjWl7SLMDgZM3rkcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jul 2024 19:18:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZLGhjHjWl7SLMDgZM3rkcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_H6wa8tbAIrnu_YwqzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDc30DMzjCwwAkNgsmQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWuRBHV0vjnyUa6K1aPwfEmnX_wjtckJqsDl3e4OX2goVWsM0lyalMPmJ4VvZre_2L2191Ih38gDMvUp5Kydac6qNsAlfluy9sferC4HPfqOsoK8-hnAafGnC5TffUxMy9t5rDDgQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 695ms
694ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWuRBHV0vjnyUa6K1aPwfEmnX_wjtckJqsDl3e4OX2goVWsM0lyalMPmJ4VvZre_2L2191Ih38gDMvUp5Kydac6qNsAlfluy9sferC4HPfqOsoK8-hnAafGnC5TffUxMy9t5rDDgQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNjc1ODgzLDU2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsImpaM3Nnc0tvS0ZZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6efd182d03814c0eca6dde83f9a3b109c7a1142e7e60ee8556d69e7c42b8a61a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tPevm6y7LoI7S2_gHnBGqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-tPevm6y7LoI7S2_gHnBGqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLmePPg1xY2gRmb9oUoaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGxnqGZjHFxgAANZxOg4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 141E 0
0 899ms
898ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=2749334364&pi=t.aa~a.1108360850~rp.3&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1721675877&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721675882865&bpp=1&bdt=4737&idt=-M&shv=r20240718&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D387ef2c81ff590d2%3AT%3D1721675880%3ART%3D1721675880%3AS%3DALNI_MYi6gHTqvGZxJugZSYuSe46anlzow&gpic=UID%3D00000ea284969ac4%3AT%3D1721675881%3ART%3D1721675881%3AS%3DALNI_MbF-VBf9z2JkFpZVjMU00CpNcLr3g&eo_id_str=ID%3D653d333fde360002%3AT%3D1721675881%3ART%3D1721675881%3AS%3DAA-AfjbjSq3VP_ZSRafyqph_n0jy&prev_fmts=0x0%2C1110x280&nras=2&correlator=2189367765646&frm=20&pv=1&ga_vid=809831322.1721675881&ga_sid=1721675881&ga_hid=1494587180&ga_fc=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334527%2C95334830%2C95337496%2C95337586%2C95337869%2C95338247%2C31084678%2C31078663%2C31078668%2C31078670&oid=2&psts=AOrYGsmwr5KnUa5YkbeDf_eAHAH29LuZw6aBSmGM63KR2jSpHOfUVs78M0a7jZCH145jKXMs6DQJFjhb0WSmDpKUtZbKWgA5&pvsid=3090613480580481&tmod=1844025199&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=706

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11058
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:18:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/ Frame D26E 0
0 0ms
0ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:16:11 GMT
etag: 2738592464165616
expires: Mon, 05 Aug 2024 19:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/ Frame BDED 0
0 0ms
0ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240718/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 19:16:11 GMT
etag: 2738592464165616
expires: Mon, 05 Aug 2024 19:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 164ms
164ms Fetch
text/plain 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je47h0v878425165za200&_p=1721675878553&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=809831322.1721675881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEII&_s=2&sid=1721675880&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=ad_impression&ep.query_id=CN6iubquu4cDFd8jTwgdYaEFMg&_et=2081&tfd=6710&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 19:18:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWrfdG4lRxhEf6z1xK7JTjsIDDEMnNvGk0YukhX9mCRyRO01O11hq6Zlynx6ED3msZY3pi5L6_XrEqQFV4XcllaTdZFeq1hLgj7Li52Dr31YuehD4HfLS9RF-Wg59uVs3ShALijwg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 171ms
170ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWrfdG4lRxhEf6z1xK7JTjsIDDEMnNvGk0YukhX9mCRyRO01O11hq6Zlynx6ED3msZY3pi5L6_XrEqQFV4XcllaTdZFeq1hLgj7Li52Dr31YuehD4HfLS9RF-Wg59uVs3ShALijwg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNjc1ODg0LDI2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdC5seS8iLG51bGwsW1s4LCJqWjNzZ3NLb0tGWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5055e6a2f0d70375c4c9a26bb86f195979c3a8261010ca7ce0146e114149e56

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--4fndab4hRTntzgkgzN4Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--4fndab4hRTntzgkgzN4Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLhePPg1xY2gYYFs1cwKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBsZ6hmYxxcYAAADwzoY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads_door. Show response
fundingchoicesmessages.google.com/f/AGSKWxVvlpqmZU0h6x7o0WD8phlLqZ4ND1tGKPMZru8MUi1hoYfpwhV8rf3sCwMwh_E3PB01uEpH9QXHbiv7yYJ8y_6szJ3TfFD-7ko81QmG1gneJrOtwUoTI7X0oihFfIVrlRuYEVv7qPRzZXkCn4KPDim5Kewrk... 54 B
109 B 176ms
175ms Script
application/javascript 142.250.80.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVvlpqmZU0h6x7o0WD8phlLqZ4ND1tGKPMZru8MUi1hoYfpwhV8rf3sCwMwh_E3PB01uEpH9QXHbiv7yYJ8y_6szJ3TfFD-7ko81QmG1gneJrOtwUoTI7X0oihFfIVrlRuYEVv7qPRzZXkCn4KPDim5KewrkMe8qSCFoDXON0ICgXSQlrNdXPOsmJWN/_/530x60_/adtag./popad.-ad-001-/ads_door.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jZ3sgsKoKFY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxyMTmmiTdrKahpNEfnmZZLaLhAtw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f14.1e100.net

Software

ESF /

Resource Hash

8c0b7f6ebd9db3d2f29689aad5ea9bd942c9a130dfa1f85012e09a8d020bb998

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Br5ZWsPFoKZ-ma74wWDNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-Br5ZWsPFoKZ-ma74wWDNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII0JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgNlS4xOoIxELcHG8f_NrCJtBxrMdOSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA3MhQz8A8vsAAAIxKPDQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 68 KB
25 KB 152ms
151ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

38e9a26f6324f88cc4dff3eeb5e20615e40a82d0235653c05a3bfd1683288164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25860
x-xss-protection: 0
server: cafe
etag: 6594329541611521052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jul 2024 20:02:57 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uredRGNan5iyVyRnYzxCAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jul 2024 19:18:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-uredRGNan5iyVyRnYzxCAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEzfH2wa8tbAILPqywVXJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBuaGZnoG5vEFBgBbhSwa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-azdB0kR2jqSBUNdEWl0qHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jul 2024 19:18:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-azdB0kR2jqSBUNdEWl0qHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_H2wa8tbAIzNtyYyKjkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDc30DMzjCwwAfV4sUw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q_nmC1_QVzh5LnFQWIPRYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jul 2024 19:18:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q_nmC1_QVzh5LnFQWIPRYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_H2wa8tbAILdqxcz6TkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDc30DMzjCwwAf_YsWQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uLaXrsRzFloe9eVWOvq5ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jul 2024 19:18:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-uLaXrsRzFloe9eVWOvq5ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEw_H2wa8tbAIfjjasZ1JyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmhmZ6BubxBQYAjicsig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWmtlVEb6otphbzlwVAeXh3ujBTbUmbftPzFWPdJzcIu7IUIUb8xOqK5eyZRx0TnBjiwnGnHqRXKE_L3zpZhFNkUOMCJEVEQXYT6scfNQKM5EYeWxXDNCZAWTjq01vgwosncm-SbQ==
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 171ms
171ms Script
application/javascript 142.250.80.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWmtlVEb6otphbzlwVAeXh3ujBTbUmbftPzFWPdJzcIu7IUIUb8xOqK5eyZRx0TnBjiwnGnHqRXKE_L3zpZhFNkUOMCJEVEQXYT6scfNQKM5EYeWxXDNCZAWTjq01vgwosncm-SbQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNjc1ODg1LDU1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsImpaM3Nnc0tvS0ZZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nt6-Sykf0k_CsLVCzUOmsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 19:18:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nt6-Sykf0k_CsLVCzUOmsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1ZBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJV5kPfj4IutJIDZUuMTqCMRCPBxvH_zawiaw4Nv6LUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgbmRoZ6BubxBQYAtLFCJQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST AGSKWxVbJiBtRT46n4kUXThQVyHTHxPdbH_ab83-7POG4iC-TFCGMvyRD-P9DVBu7XttEd6mHKW7wNmQhjhyeLmjjv56ZbGOB02dMkNGvVMuTOfwOvkm_mXUB8N6pR0zCwdhs06j1QPxhw==
fundingchoicesmessages.google.com/el/ 0
0

POST AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA==
fundingchoicesmessages.google.com/el/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240718&jk=3090613480580481&bg=!iIuli8TNAAakBOpbhAQ7ADQBe5WfOCmyhwEGVUSTmKjdKGs718QZpMnwFggPCG3AA-xa-2e9Jo87heoKrahwME-T470xAgAAAMpSAAAAA2gBB34ANgugMz4kSNWj6-N55H3tLc43F6ua873St5TuFYcnCAS2MoPMJ2r_-Mh6xnhrMzbOdpAIR1Ztg5kCsGJW9crFs7nWG_5VYwW0GhX3Mano7wCZLsnafuvQB8cjWxuKute9H8Flbj3KQTQoT1MzTVjUgKHwLX3LXYuImtWmdogCYmXitTw8istDXB8SWmJSn8ytXQd-IUmqhdLXhRoIWmL31Hv6iSvaEICHWsN1kluh2bhJk2ZRQ06McW0vqpMFx2Qnbh65SxiIIC2H6MVuDACHB3xf51laC9vqNGs6eNeMIh3LUPiG78sWxsuGWsTUc8FJJwnnJUE2R0rxXs4AI4feGWQpaDWx2ulmkz3Zyt_rnR03Kb5aascHgQkgkxsV7mM1WWhBjpFteRySUAJn4XmXA1GNeJXSL2TGzZtbG5lNuMPFSf4lDYApt3PboDJ4dF90ujwZwITYI4fbdee1af61PIWl6RMJ1unRkCOnsVz8eT8HbMkG35nEwYJH6pdP5wwQXiz-lqN7CWCUZPIcJzhZme1YdjdUh3IB-eeYL6KHPcRSFip54cxSlDuKe4SHuITfUhjqmZ0BVC1nvueiBR0kh62uCqgCcB0Oku8zZs5ON59mkSI4Ac34Tb-jGfK-iFZ2AifeE53unXiBJC-Tyvq1hXD0qiGQHH75sQDQJU2xrLpo2fRBJcz9UAOU8s5ZHHGSo4wPgAYqjxA8RCZfNkS1mOSscQFjQwf6Mk7reMtRWTq9GxJzFYk-iwyKH8bZIqhz-OojCnOaj3MBUMyLoVhKNX4M81UXrHMeAlYKbVNbkt4h61YlJePUBqL28a5KGOyZQUW9NEfAtmPKweRYb_OZRqZ8cr-B4kHgo-DjyxMg6BXiGo9cxJX0r4exnVeUCr1W1J_Mp3DDIjGBE1KpdJKG2-TCpVfq2IxBXT0gXyrzVxHS1qG7LfoETMjBLbBJFpyXkiX7moArAtJHVFD7Rx5hgQjuYqe4Y6YCSeg

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxVbJiBtRT46n4kUXThQVyHTHxPdbH_ab83-7POG4iC-TFCGMvyRD-P9DVBu7XttEd6mHKW7wNmQhjhyeLmjjv56ZbGOB02dMkNGvVMuTOfwOvkm_mXUB8N6pR0zCwdhs06j1QPxhw==

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxV13voXUf1vl7CMS00KksxSZDp1az2ZR5_TwRCGOnEoJSSWZXku5A12X2ed9axM0bDP6ThGV5JoPo39EmezvvQgdMoisG1lSWAMRFspBpZsABUnG1K9uCLesGOABdRdeuJeSHVpBA==

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 02:33:47	Name: _GRECAPTCHA Value: 09ALvppY-5SCyZYQTBwsFCyG30uFuBv0rdLxeQ-13UZmgyrBdvwIcSVvuBXBqMFIGfRO5w7lbUAZ73JtsgBW5wQS4
.t.ly/	1970-01-20 22:34:45	Name: XSRF-TOKEN Value: eyJpdiI6InFoSDAxUTBGN3RUOE80SmtDR250Znc9PSIsInZhbHVlIjoiYUs4cWdJSEhMV1A3ZEIvN0VUaHFSOXpRWENvREVMNjdZNytFREpIL3laZG5hYlp1bGxwRUI4SVAzeUZxUURISEpzS2tjai9Xdi9JSXdQSEo4MU80d1p0eFRxcXhvQjc5Tkc1RjhJTy80WDNuYVMyQTZoQ25BU1ZVT25kNlVLRDgiLCJtYWMiOiI0ZGZlM2FjNTk0ZGU2NTNhNDNkNmM3YTdhMGFlODNmYjYyNzk5YWNkMWNkZDM5OWU5Y2JkYTFlZGVmNDFiMzBmIiwidGFnIjoiIn0%3D
.t.ly/	1970-01-20 22:34:45	Name: tly_session Value: eyJpdiI6Ilc4aVNuVU9WeG5nenoxNFhZdElhQXc9PSIsInZhbHVlIjoiZGFhTUl1Y29hMlVTVHVRYmI5ZU1pQUhTQSszeFhTdExQVE9Gd05NNjExSTNVcDY4NENmK002VTBhVUtWbVNMZXoya3BxOGJiRmFSV2h0NC9IK0hlM2gwU1hhRm9ndlU2TzZkbUNmVlBTM3cvVHlCZFlXN3lqdE9xN2o0N2ZNajAiLCJtYWMiOiI5YmJiZTFiODBiMThlZWY3ZGY0YjMxOTk5MzBkZWUwOGE3YWFjZmZmZDBhMzgwOGFlOWQ5ZDM4OGZjMGExNGUwIiwidGFnIjoiIn0%3D
t.ly/	1970-01-20 22:24:40	Name: userTimezone Value: Pacific/Honolulu
.t.ly/	1970-01-21 00:24:11	Name: _gcl_au Value: 1.1.149350818.1721675879
.t.ly/	1970-01-21 07:00:11	Name: cf_clearance Value: fKD5MjAd2zhJnhmtjfisrJ8nh0dmIEJuONC2ZCnajtM-1721675879-1.0.1.1-z7lEy0fh.eD.9mebkycNyY75qEloSsLNuuEicktVJlXZgqBXXigGC3RL0zZkFYSkM2Eh1aOGnzaTRgVyAqTrsg
.t.ly/	1970-01-21 07:50:35	Name: _ga Value: GA1.2.809831322.1721675881
.t.ly/	1970-01-20 22:16:02	Name: _gid Value: GA1.2.2106548116.1721675881
.t.ly/	1970-01-20 22:14:35	Name: _gat_gtag_UA_89207177_8 Value: 1
.doubleclick.net/	1970-01-21 07:50:35	Name: IDE Value: AHWqTUkyXF0KnAIuj1YO4B2W2W0aKKd8eHopUdnsIgbwnNRjmtJCo0RrNpq8fqwFeCM
.t.ly/	1970-01-21 07:36:11	Name: __gads Value: ID=387ef2c81ff590d2:T=1721675880:RT=1721675880:S=ALNI_MYi6gHTqvGZxJugZSYuSe46anlzow
.t.ly/	1970-01-21 07:36:11	Name: __gpi Value: UID=00000ea284969ac4:T=1721675881:RT=1721675881:S=ALNI_MbF-VBf9z2JkFpZVjMU00CpNcLr3g
.t.ly/	1970-01-21 02:33:47	Name: __eoi Value: ID=653d333fde360002:T=1721675881:RT=1721675881:S=AA-AfjbjSq3VP_ZSRafyqph_n0jy
.tribalfusion.com/	1970-01-21 00:24:11	Name: ANON_ID Value: aFns6ErZcAQ9BqEr72it9ZcngUa3ZbTv4giKXahwLtTeBHHEESSGA1TIdvCUrcGB1YybZaYVBU9YJ5PWeGWTxxQi
.bidswitch.net/	1970-01-21 07:00:11	Name: tuuid Value: a472091b-903c-4e44-a6a5-004e2fecf03a
.bidswitch.net/	1970-01-21 07:00:11	Name: c Value: 1721675883
.bidswitch.net/	1970-01-21 07:00:11	Name: tuuid_lu Value: 1721675883
.googleadservices.com/	1970-01-21 00:24:11	Name: ar_debug Value: 1
.creativecdn.com/	1970-01-21 07:00:11	Name: ts Value: 1721675883
.creativecdn.com/	1970-01-21 07:00:11	Name: g Value: KDwAjhwkTA68fH30gj2Z_1721675883141
.contextweb.com/	1970-01-21 06:52:59	Name: V Value: OBonfvt78i37
.contextweb.com/	1970-01-21 06:52:59	Name: VP Value: part_OBonfvt78i37
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 26be779deb7ab66d
.bidr.io/	1970-01-21 07:43:09	Name: bito Value: AADLUk7NPWEAABWhtOKbGA
.bidr.io/	1970-01-21 07:43:09	Name: bitoIsSecure Value: ok
.adsrvr.org/	1970-01-21 07:00:11	Name: TDID Value: 0bd8bfc5-6c5e-4289-be84-ea2c435412d5
.doubleclick.net/	1970-01-21 02:33:47	Name: APC Value: AfxxVi5XD8Tsh67aLHFIA1FLdL0LNkbgB_GfJxvDHLjm-iFHOe2Bjw
.doubleclick.net/	1970-01-21 02:33:47	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 07:00:11	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI0PfBraGjlT0QBRgFIAEoAjILCML7wdm3o5U9EAU4AQ..
.blismedia.com/	1970-01-21 07:00:15	Name: b Value: 669EB06C111A80A69C48125ABLIS
.w55c.net/	1970-01-21 07:44:50	Name: wfivefivec Value: FdHkbBP81SvYxS5
.teads.tv/	1970-01-21 06:58:45	Name: tt_viewer Value: a92ff2ad-bacd-4d78-9928-110035d85c19
.sportradarserving.com/	1970-01-21 06:58:45	Name: zuuid Value: 526c8388-59cd-4508-b059-2e868f22316a
.sportradarserving.com/	1970-01-21 06:58:45	Name: c Value: 1721675884
.sportradarserving.com/	1970-01-21 06:58:45	Name: zuuid_lu Value: 1721675884
.w55c.net/	1970-01-20 22:57:47	Name: matchgoogle Value: 5
.mfadsrvr.com/	1970-01-21 07:00:11	Name: tuuid Value: aa86eba1-23b3-49ea-932a-8a99ba38c35d
.mfadsrvr.com/	1970-01-21 07:00:11	Name: c Value: 1721675884
.mfadsrvr.com/	1970-01-21 07:00:11	Name: tuuid_lu Value: 1721675884
.adx.opera.com/	1970-01-21 07:00:11	Name: UID Value: OPUd343e148d8c54a2583361b67662f2c21
.sportradarserving.com/	1970-01-21 06:58:45	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 06:58:45	Name: zuuid_k_lu Value: 1721675884
.mfadsrvr.com/	1970-01-21 07:00:11	Name: ssh Value: !google=1721675884
.casalemedia.com/	1970-01-21 00:24:11	Name: CMPS Value: 2285
.casalemedia.com/	1970-01-21 07:00:11	Name: CMID Value: Zp6wbNHM4ZcAAApiAHTn3AAA
.casalemedia.com/	1970-01-21 00:24:11	Name: CMPRO Value: 2469
.t.ly/	1970-01-21 07:50:35	Name: _ga_W1D48QS4F7 Value: GS1.1.1721675880.1.0.1721675885.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.ly/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitbitz.icu
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
r.wdfl.co
static.cloudflareinsights.com
t.ly
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
104.17.24.14
142.250.80.100
142.250.80.14
142.250.80.98
142.251.32.98
142.251.40.238
168.220.91.95
2600:9000:21dd:7400:1b:348c:b140:93a1
2606:4700:10::6814:685
2606:4700::6810:5049
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81f::2001
2607:f8b0:4006:823::2008
2607:f8b0:4006:823::200e
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
131840d9b347777c33709ed809626df841b8e62116fa0d2e73e00f0ecef5d641
235abcc7cfa74ecae15e7b184d5fc75ec0a9e388c518f01e3a691bfc12f8abed
23f0096c941f2a16f5c945ae60b48b69dd1c0953fd7e91dadaaac4cbb45d9d07
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b9c434d579308574919a341efa6047302e995d3e13c6e8db130aef795bd773e
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
2d9c9494c431f3b3a56e830274fed9631262c0ccb10eb55f16627c097653dbb0
300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d
33231e596239a737a51e0d9efeba772fddd7e38b45eaa594433cc21b8e3fb110
372dc4f26e384c148edeea51badbe67ed20816af4814615c7c4c2e04c30fef13
38e9a26f6324f88cc4dff3eeb5e20615e40a82d0235653c05a3bfd1683288164
3a35f99ab2e79644766d60b9c85c093436cfb5cc568b07659123a7618dfd55d9
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3e20eaa8f7acd4bf088cdd367c98c399d30c52d0adfdb65951928166dccc9084
446f9da67d82a526380f2034f15fb755a56166a17994744e35b07f4093680b5f
45008758148a1fe7b5621f82373bd5aea0e6bd7eb200b8c03fdd0aa06d744aa1
4c28df4b90ef34a45ec9e923a847cc257157bfa554cfe156e412aee13b89de2c
4f8d7b976bc83f1f39cae14cbc9b72992a1a3f403af5c59703dc7da1f0ab9f37
59e6b994f4eb87e55c350ba474624725ba06c9f87f51103d0e29458e154ded9e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6efd182d03814c0eca6dde83f9a3b109c7a1142e7e60ee8556d69e7c42b8a61a
77b74527acf4d6c4fbab62dc5da49bf3463b523df5de49b7effea1b3827b2b88
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c0b7f6ebd9db3d2f29689aad5ea9bd942c9a130dfa1f85012e09a8d020bb998
8dbb49472eff266b1b687e9c59eb66735c995d9947456d7c48f4d46b4f5bd864
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a5055e6a2f0d70375c4c9a26bb86f195979c3a8261010ca7ce0146e114149e56
a9072d5ea03544f5f4bc9f2c447766a196bb311b00342758a4a7140ee3b3c8e6
bb5970312a7546947b79db3d8a6d77de0d2b842d00fef9e5ea3f071c59905920
bc33793434ddba19925a8668b375ebf43ceeda61aa45d98a691e004302ad4fb6
bcf8bb603f4fc395546fc55e745c53d86c581a19b0c6bcd4ffafde4432034292
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0300b8e7b7829c9a35979f2a4e41e89ab5eb12ff3799c0f037a2e148fb91dae
d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0188af4a9d04bb1fc01d8c442242261dc0dbc7f6f6a3b751fa2f381e7a0a887
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

t.ly Open in urlscan Pro 2606:4700:10::6814:685 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

94 %HTTPS

53 %IPv6

11 Domains

13 Subdomains

15 IPs

2 Countries

2171 kBTransfer

5963 kBSize

47 Cookies

4 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

t.ly Open in urlscan Pro
2606:4700:10::6814:685 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

94 %
HTTPS

53 %
IPv6

11
Domains

13
Subdomains

15
IPs

2
Countries

2171 kB
Transfer

5963 kB
Size

47
Cookies

70 HTTP transactions
1 data transactions