Submitted URL: https://t.ly/ird.govt.nz/verify
Effective URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Submission: On October 14 via manual from NZ — Scanned from NZ

Summary

This website contacted 21 IPs in 5 countries across 14 domains to perform 126 HTTP transactions. The main IP is 2606:4700:10::6814:685, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 43201.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.
This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 50 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 2600:9000:277... 16509 (AMAZON-02)
7 2404:6800:400... 15169 (GOOGLE)
4 2620:1ec:bdf::31 8075 (MICROSOFT...)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
5 51.8.44.252 8075 (MICROSOFT...)
4 2404:6800:400... 15169 (GOOGLE)
7 142.250.204.2 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
6 142.251.221.68 15169 (GOOGLE)
3 142.251.221.67 15169 (GOOGLE)
8 142.251.221.66 15169 (GOOGLE)
6 142.251.221.72 15169 (GOOGLE)
4 142.251.221.78 15169 (GOOGLE)
1 142.250.66.227 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
126 21
Apex Domain
Subdomains
Transfer
50 t.ly
t.ly — Cisco Umbrella Rank: 43201
blog.t.ly
3 MB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
359 KB
11 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
c.clarity.ms — Cisco Umbrella Rank: 1236
f.clarity.ms — Cisco Umbrella Rank: 13416
31 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
301 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
5 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 3
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
67 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
231 KB
2 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 40758
128 B
2 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 23281
5 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
6 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
775 B
126 14
Domain Requested by
41 t.ly 2 redirects t.ly
static.cloudflareinsights.com
13 www.googletagmanager.com t.ly
www.googletagmanager.com
9 blog.t.ly
8 pagead2.googlesyndication.com t.ly
pagead2.googlesyndication.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 googleads.g.doubleclick.net www.googletagmanager.com
pagead2.googlesyndication.com
6 www.google.com t.ly
www.gstatic.com
tpc.googlesyndication.com
5 f.clarity.ms www.clarity.ms
4 fonts.googleapis.com pagead2.googlesyndication.com
4 www.clarity.ms t.ly
www.clarity.ms
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.co.nz
2 td.doubleclick.net www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 r.wdfl.co t.ly
2 cdnjs.cloudflare.com t.ly
2 static.cloudflareinsights.com t.ly
1 fonts.gstatic.com fonts.googleapis.com
1 fundingchoicesmessages.google.com pagead2.googlesyndication.com
1 www.gstatic.com www.google.com
1 c.bing.com 1 redirects
126 21

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com
Subject Issuer Validity Valid
t.ly
WE1
2024-10-01 -
2024-12-30
3 months crt.sh
cloudflareinsights.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M02
2024-08-02 -
2025-08-30
a year crt.sh
*.google-analytics.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.g.doubleclick.net
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.doubleclick.net
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.google.co.nz
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.gstatic.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
upload.video.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh

This page contains 14 frames:

Primary Page: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Frame ID: 615F10AD71EB7BA77259F04CD49427F6
Requests: 114 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 3EBF5235F5C2100FB2D3774FC6053F93
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1728868075582&cv=11&fst=1728868075582&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 5F35F6EEAA71B01C121CFCE2759F8BB2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1728868076545&cv=11&fst=1728868076545&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 3B9AFAB281ACFF59572DAF31281723FE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=lxbmo75nxw7u
Frame ID: 7F7FC38BADDCB31B3F2E6045EF757101
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Frame ID: 56E57FD6D9F4C72FCB7523F72A6A5494
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1728868076&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728868076956&bpp=16&bdt=509&idt=589&shv=r20241009&mjsv=m202410080101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1140391893437&frm=20&pv=2&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343852%2C95338738%2C31087793%2C31087803%2C44795921%2C95341937%2C95343454%2C95344189%2C95344777%2C31087609&oid=2&pvsid=1375838203383464&tmod=1857904742&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=608
Frame ID: 03D4321DAAB1E9D805C40205C0DE265D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728868076&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728868076972&bpp=2&bdt=525&idt=600&shv=r20241009&mjsv=m202410080101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1140391893437&frm=20&pv=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343852%2C95338738%2C31087793%2C31087803%2C44795921%2C95341937%2C95343454%2C95344189%2C95344777%2C31087609&oid=2&pvsid=1375838203383464&tmod=1857904742&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=605
Frame ID: BCAE0ADF7ECD4EF3D6418E8800CA755D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 4EF18FBBF2D5E81F9D1E33089B96200F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2390621EFDF38FC7FA79FFC03D934C0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Frame ID: 04F34AB39E97D45056C5F12C8F5F6BA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=2749334364&pi=t.aa~a.1108360850~rp.3&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1728868076&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728868080352&bpp=1&bdt=3905&idt=-M&shv=r20241009&mjsv=m202410080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc00a981a8d86d33b%3AT%3D1728868077%3ART%3D1728868077%3AS%3DALNI_Mb12jK8WMk5JAn4Fka0K-YdR20ZhQ&gpic=UID%3D00000f410da2bc7f%3AT%3D1728868077%3ART%3D1728868077%3AS%3DALNI_MY0GI19gF584ltUlYs71ju8z48Cyg&eo_id_str=ID%3D8ddecdba873b7411%3AT%3D1728868077%3ART%3D1728868077%3AS%3DAA-AfjaaeZ0S_XsZIfAYaR_Q3lXr&prev_fmts=0x0%2C1110x280&nras=2&correlator=1140391893437&frm=20&pv=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343852%2C95338738%2C31087793%2C31087803%2C44795921%2C95341937%2C95343454%2C95344189%2C95344777%2C31087609&oid=2&psts=AOrYGslNPhCfIEBQmQ21uxasGbd1Vn_N7Ys2KuIxKHnnH8K5F02T8gaTtxu8BFKBZ0QmruYCeWMukKDlpMDRUrOPVFKNupl1&pvsid=1375838203383464&tmod=1857904742&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=835
Frame ID: AA2B4A388D626C9CC489E9A5A943E6A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Frame ID: 118A623EAFBD81028CAAFC02F479B3A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Frame ID: D5DE1028FE38344D3F5C5AB02DF0ED9C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

T.LY: World's Shortest URL Shortener

Page URL History Show full URLs

  1. https://t.ly/ird.govt.nz/verify HTTP 302
    https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify Page URL
  2. https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

126
Requests

93 %
HTTPS

52 %
IPv6

14
Domains

21
Subdomains

21
IPs

5
Countries

4235 kB
Transfer

11058 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.ly/ird.govt.nz/verify HTTP 302
    https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify Page URL
  2. https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://t.ly/ird.govt.nz/verify HTTP 302
  • https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Request Chain 21
  • https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Request Chain 27
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6A7A1A4342B64C1A8E5C1E837136A79C&RedC=c.clarity.ms&MXFR=00D203607C98644A0247167878986A87 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A7A1A4342B64C1A8E5C1E837136A79C&MUID=13EBBA75884C66E23A5BAF6D89B667A9

126 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
expired
t.ly/
Redirect Chain
  • https://t.ly/ird.govt.nz/verify
  • https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
57 KB
17 KB
Document
General
Full URL
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54388c4909c2fa1bbd9a1d71e9c9f71fc89aa7dbca3da6a503b93deecd60e91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
8d23acd23e6a7253-AKL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 01:07:54 GMT
last-modified
Mon, 14 Oct 2024 01:07:54 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="BYPASS"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status
200
x-frame-options
SAMEORIGIN
x-whom
tly-app
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
8d23acccc9887253-AKL
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 01:07:53 GMT
location
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
server
cloudflare
server-timing
cfCacheStatus;desc="BYPASS"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status
302
x-frame-options
SAMEORIGIN
x-whom
tly-app
x-xss-protection
1; mode=block
rocket-loader.min.js
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67055fd4-302c"
x-content-type-options
nosniff
cf-ray
8d23acd8dc787253-AKL
expires
Wed, 16 Oct 2024 01:07:54 GMT
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 16:37:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
app.css
t.ly/css/
298 KB
56 KB
Stylesheet
General
Full URL
https://t.ly/css/app.css?id=0865437f8e4ad9ea935b
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-4a7b8"
age
294874
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:12 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/css
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acd8dc777253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
tly-logo-sm.png
t.ly/img/
10 KB
10 KB
Image
General
Full URL
https://t.ly/img/tly-logo-sm.png
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

cf-cache-status
HIT
etag
"12cea601-2770"
age
294873
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:13 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acd91cb57253-AKL
x-whom
tly-app
accept-ranges
bytes
content-length
10096
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
email-decode.min.js
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
728 B
Script
General
Full URL
https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67055fd4-4d7"
x-content-type-options
nosniff
cf-ray
8d23acd91cae7253-AKL
expires
Wed, 16 Oct 2024 01:07:54 GMT
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 16:37:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d23acd9894ed992-AKL
access-control-allow-origin
*
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
360292
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOFNagFwaa%2BSnkeEVbhGcJqI84VjYniZ7uo7gkhdcVTxIBIdIMPG%2BvlOFKDNkZYvGD6pbbMPxpQQFgASFh1QggrXRiQALnFXXadiOpYn8E7jYPplTquAZTUBQwp%2BozkPwpU4vKtD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 01:07:54 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d23acd96a46d9b2-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
rw.js
r.wdfl.co/
18 KB
5 KB
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2774:8600:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
239763f30086eefe8f98d5a6c34520d8665fb9dd994d3a0d3b42fc2953951395

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"47c0f78b40860b2dbff06669d6c2a46d"
age
614
via
1.1 fd52efac0e72eb0d0b1148d8f877dd9e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
BOZEuuWyNsxeiTHMBhyGy1hskGlnkRypvyEBIZ6RBg7cCi2ALZ55xQ==
date
Mon, 14 Oct 2024 00:57:40 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 17:09:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
x-amz-server-side-encryption
AES256
sweetalert.min.js
t.ly/js/
38 KB
12 KB
Script
General
Full URL
https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-9807"
age
294874
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acd96d077253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
vendor.js
t.ly/js/
2 MB
709 KB
Script
General
Full URL
https://t.ly/js/vendor.js?id=6fbd2b425824b998f084
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-23b8e0"
age
294874
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acd96d087253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
manifest.js
t.ly/js/
4 KB
2 KB
Script
General
Full URL
https://t.ly/js/manifest.js?id=00f1298909f629264cba
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd3fdd08c19665b8a63ed97726c84a042ae33a2d35bb8d5ebc3fd4b5ce22f6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-e54"
age
294874
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acd96d097253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
app.js
t.ly/js/
114 KB
28 KB
Script
General
Full URL
https://t.ly/js/app.js?id=03f77feb04025d212abd
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-1c608"
age
294874
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acd96d0b7253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
js
www.googletagmanager.com/gtag/
208 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3ace778cc511b0ab014311249cdd5799abc01c986c3cf58200ae615417e5bf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:07:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76737
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
256 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79d0622a8d5a6c1253417da5d26c7a15dc6732dca3357df87497a2e11f128320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:07:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92233
x-xss-protection
0
server
Google Tag Manager
dq2387w4bl
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/dq2387w4bl
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
78306d5cf4a8214480b469dd733399a4896ec7c31c88401d98a1742cda13ad0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/x-javascript
x-azure-ref
20241014T010754Z-1586fff4c98ls9p9ns2d4w5eq400000003d00000000074mr
favicon-32x32.png
t.ly/
10 KB
8 KB
Other
General
Full URL
https://t.ly/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6234b585f6add426f08540bb6f25d595221f922d3d671f2abca297cf3f480fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
UG7d5NBVBotqxCnSqgbTR1GsvChsgCvf0pQDXKGTNo/Yi0vSbq+l+DCPsHhzlIdi7AoywAwbk8QSNrlvLFipUmH2pY0caRXzKx3Kw5h8RGRIptwPChbpr2FMhpUg5osALF869iNCtz71Ejh6qEmrxQ==$Iw0qBR2Tw/BU8Qc7DtU1Lg==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d23acd9dd7c7253-AKL
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
t.ly/
10 KB
7 KB
Other
General
Full URL
https://t.ly/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13459e1557ebaf970cea61cf8c319b171a82ffd2eaca64daea4ba998445e8489
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
XK8P95XQs9fgoCnGybue38PRNcRMmWVW1sAOJXRVh6q8/XSCFC8Bu7tiNUtECV/5DpaK4UXdFG3qPn6hfL8CIc2KAvaR0lMFDNseD+J3JE6/zIuYE+Cm4h3NMyMtCOd3r0Mq9TrODuI7UofSgaqyvQ==$g2iTpoQaO2XIsM1nr6muAw==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d23acda2dd77253-AKL
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon-16x16.png
t.ly/
10 KB
7 KB
Other
General
Full URL
https://t.ly/favicon-16x16.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4498c8e6eaf98efbdaf69b84ac3610af26ffbae60457e108de38282dbd50542
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
pgredfH1z2ilrsGYXcGklnfPjPWGtgbuRiHDLiwAFs6HPaI/xVT8FwPCrgnFTP9xVfHKdZT2ahjjxNwQ0cra+aahvj7JwLHABkcFwD3DcKRc2CbbyPnpIi1EuH/cbyZwlJ642OQqLJR9GUCKGiA/yQ==$oVsF/tpAokmKwbC/kfNnug==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d23acda6e0e7253-AKL
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
483.js
t.ly/js/
782 B
754 B
Script
General
Full URL
https://t.ly/js/483.js?id=adb5c22e402946b6624d
Requested by
Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7b04238f46a45514f72255ac74aace7eb979a492c73eebed8c7d138bbede3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-30e"
age
294873
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:56:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acdb3ee67253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
tly-logo-sm.png
t.ly/img/
10 KB
10 KB
Image
General
Full URL
https://t.ly/img/tly-logo-sm.png
Requested by
Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

cf-cache-status
HIT
etag
"12cea601-2770"
age
294873
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:13 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acdb3eef7253-AKL
x-whom
tly-app
accept-ranges
bytes
content-length
10096
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/
33 KB
33 KB
Font
General
Full URL
https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
x-content-type-options
nosniff
cf-ray
8d23acdb4efb7253-AKL
alt-svc
h3=":443"; ma=86400
content-length
33896
date
Mon, 14 Oct 2024 01:07:55 GMT
vary
Accept-Encoding
server
cloudflare
main.js
t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 3EBF
Redirect Chain
  • https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
8 KB
4 KB
Script
General
Full URL
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
Protocol
H2
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eabac39e626a7dc188e0affff6566152217c5b95ec9ec5a8d786d97707c376b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8d23acdbef957253-AKL
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
x-content-type-options
nosniff
cf-ray
8d23acdbaf527253-AKL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 14 Oct 2024 01:07:54 GMT
vary
Accept-Encoding
server
cloudflare
rum
t.ly/cdn-cgi/
0
140 B
XHR
General
Full URL
https://t.ly/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d23acdbaf597253-AKL
access-control-allow-origin
https://t.ly
date
Mon, 14 Oct 2024 01:07:54 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/
153 KB
153 KB
Font
General
Full URL
https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285
Requested by
Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status
HIT
etag
"12cea601-26350"
age
294873
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:15 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
font/woff2
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23acdbbf767253-AKL
x-whom
tly-app
accept-ranges
bytes
content-length
156496
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
truncated
/
42 B
42 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
Shrink-Your-QR-Codes-with-T.LY_.jpg
blog.t.ly/wp-content/uploads/2024/10/
57 KB
57 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/10/Shrink-Your-QR-Codes-with-T.LY_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd97811cbe52f1de7e6087ec73feeec9b13eb5d412c17759f5115f3a99e05d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66fedde6-e4a8"
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=58536
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Thu, 03 Oct 2024 18:09:42 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdc1fac7253-AKL
accept-ranges
bytes
content-length
58528
x-xss-protection
1; mode=block
server
cloudflare
clarity.js
www.clarity.ms/s/0.7.48/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.48/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dq2387w4bl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

x-azure-ref
20241014T010754Z-1586fff4c98ls9p9ns2d4w5eq400000003d00000000074my
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCE961488285A1"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
2a143870-701e-0001-773d-1c7107000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 10 Oct 2024 19:25:21 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6A7A1A4342B64C1A8E5C1E837136A79C&RedC=c.clarity.ms&MXFR=00D203607C98644A0247167878986A87
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A7A1A4342B64C1A8E5C1E837136A79C&MUID=13EBBA75884C66E23A5BAF6D89B667A9
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A7A1A4342B64C1A8E5C1E837136A79C&MUID=13EBBA75884C66E23A5BAF6D89B667A9
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"3bd2d078c5edda1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/gif
last-modified
Tue, 13 Aug 2024 21:12:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A7A1A4342B64C1A8E5C1E837136A79C&MUID=13EBBA75884C66E23A5BAF6D89B667A9
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6CE75274DCEA4FA8BF0611F39496E075 Ref B: SYD03EDGE2113 Ref C: 2024-10-14T01:07:55Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Mon, 14 Oct 2024 01:07:55 GMT
x-powered-by
ASP.NET
8d23acd23e6a7253
t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3EBF
0
691 B
XHR
General
Full URL
https://t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/8d23acd23e6a7253
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-ray
8d23acdcd86b7253-AKL
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
How-to-Share-Spotify-Links-with-QR-Codes.jpg
blog.t.ly/wp-content/uploads/2024/09/
114 KB
114 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/09/How-to-Share-Spotify-Links-with-QR-Codes.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4a129ca2d27cbb6191b941ba6a41a9023bb9ba40af2494dd3235f8abd1bdeb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66f198ac-1c758"
age
3219
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=116568
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Mon, 23 Sep 2024 16:34:52 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdd08b57253-AKL
accept-ranges
bytes
content-length
116560
x-xss-protection
1; mode=block
server
cloudflare
How-to-Fix-ERR_QUIC_PROTOCOL_ERROR.jpg
blog.t.ly/wp-content/uploads/2024/09/
79 KB
80 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/09/How-to-Fix-ERR_QUIC_PROTOCOL_ERROR.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
167165316033763b6b85dd958824f5f0f8039e55a63542c841c2e74eb56cc303
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66d5ddef-13d5a"
age
4732
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=81242
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Mon, 02 Sep 2024 15:46:55 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdd18b97253-AKL
accept-ranges
bytes
content-length
81234
x-xss-protection
1; mode=block
server
cloudflare
How-to-Shorten-Spotify-Links.jpg
blog.t.ly/wp-content/uploads/2024/08/
279 KB
279 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/08/How-to-Shorten-Spotify-Links.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d66f6f2ab1e7231f101097e36d6afb87a09ce3985a9f7cbb01680b4f3833c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66d0bf71-4bef8"
age
4732
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=311032
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Thu, 29 Aug 2024 18:35:29 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdd18bd7253-AKL
accept-ranges
bytes
content-length
285517
x-xss-protection
1; mode=block
server
cloudflare
Top-Extensions-scaled.jpg
blog.t.ly/wp-content/uploads/2024/08/
92 KB
92 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/08/Top-Extensions-scaled.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d5474282b44cb650fb0e25b3e1cc644ea729975d43e4905c92c551aabb4c27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66c644bb-16e8d"
age
4732
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=93837
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Wed, 21 Aug 2024 19:49:15 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdd18be7253-AKL
accept-ranges
bytes
content-length
93829
x-xss-protection
1; mode=block
server
cloudflare
Dynamic-Links-Deprecation.webp
blog.t.ly/wp-content/uploads/2024/07/
106 KB
106 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/07/Dynamic-Links-Deprecation.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3980a7d85fca01aaf5136552044deffb0aac0ba54018dd7912bed9fe1de88d08
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-cache-status
HIT
etag
"669e5afc-1a704"
age
4732
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/webp
last-modified
Mon, 22 Jul 2024 13:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdd18bf7253-AKL
accept-ranges
bytes
content-length
108292
x-xss-protection
1; mode=block
server
cloudflare
The-End-of-Google-URL-Shortener.jpg
blog.t.ly/wp-content/uploads/2024/07/
95 KB
95 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/07/The-End-of-Google-URL-Shortener.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4c3ede18f4dd950f02c5c0aabd56468434958064f953042fe56ee52dee18e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"669a6e46-17cb8"
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=97464
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Fri, 19 Jul 2024 13:46:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdda95b7253-AKL
accept-ranges
bytes
content-length
97456
x-xss-protection
1; mode=block
server
cloudflare
Worlds-Shortest-URL-Shortener.jpg
blog.t.ly/wp-content/uploads/2024/07/
71 KB
71 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/07/Worlds-Shortest-URL-Shortener.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280254e83401b92793d3d3fb5de27cb4da58917e7805864627c116a815ccd3b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"66880c1b-11c89"
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=72841
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Fri, 05 Jul 2024 15:07:07 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdda95c7253-AKL
accept-ranges
bytes
content-length
72833
x-xss-protection
1; mode=block
server
cloudflare
Understanding-HTTP-Status-Codes.jpg
blog.t.ly/wp-content/uploads/2024/07/
100 KB
100 KB
Image
General
Full URL
https://blog.t.ly/wp-content/uploads/2024/07/Understanding-HTTP-Status-Codes.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c3271d0b05f0cb01cf596885eb5f3d5d72d228977a36d342a7248ac632c606
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"668416d9-18e4b"
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=101963
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
image/jpeg
last-modified
Tue, 02 Jul 2024 15:03:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=31536000
cf-ray
8d23acdda95e7253-AKL
accept-ranges
bytes
content-length
101955
x-xss-protection
1; mode=block
server
cloudflare
collect
f.clarity.ms/
0
268 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://t.ly/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://t.ly
Date
Mon, 14 Oct 2024 01:07:56 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
js
www.googletagmanager.com/gtag/
305 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:07:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105168
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
256 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10875945736&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:07:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92282
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
age
6300
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:22:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 23:22:55 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1728868075582&cv=11&fst=1728868075582&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2339
date
Mon, 14 Oct 2024 01:07:55 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10875945736
td.doubleclick.net/td/rul/ Frame 5F35
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/10875945736?random=1728868075582&cv=11&fst=1728868075582&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 01:07:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Primary Request /
t.ly/
63 KB
18 KB
Document
General
Full URL
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Requested by
Host: t.ly
URL: https://t.ly/js/483.js?id=adb5c22e402946b6624d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f85c579d4537685acc1ab1124134ad8fd6d3c03b9998f653ca5420839bd8f25d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
8d23ace1fd817253-AKL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 01:07:56 GMT
last-modified
Mon, 14 Oct 2024 01:07:56 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="BYPASS"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status
200
x-frame-options
SAMEORIGIN
x-whom
tly-app
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/10875945736/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10875945736/?random=1728868075582&cv=11&fst=1728867600000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf2DsRScR1wI6EvDMNu_HVKWEI_1z8Ag&random=1281664516&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.nz/pagead/1p-user-list/10875945736/
42 B
64 B
Image
General
Full URL
https://www.google.co.nz/pagead/1p-user-list/10875945736/?random=1728868075582&cv=11&fst=1728867600000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf2DsRScR1wI6EvDMNu_HVKWEI_1z8Ag&random=1281664516&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4a90v878425165za200&_p=1728868074515&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101533422~101671035~101686685&cid=484026675.1728868076&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1728868076&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&dt=T.LY%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3737
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
text/plain
server
Golfe2
collect
f.clarity.ms/
0
268 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://t.ly/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://t.ly
Date
Mon, 14 Oct 2024 01:07:56 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/j/
1 B
304 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1444721025&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&ul=en-nz&de=UTF-8&dt=T.LY%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=305948806&gjid=1275351568&cid=484026675.1728868076&tid=UA-89207177-8&_gid=89823033.1728868076&_r=1&gtm=457e4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&jsscut=1&z=631810523
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
f.clarity.ms/
0
0

rum
t.ly/cdn-cgi/
0
0

rocket-loader.min.js
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
0
Script
General
Full URL
https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67055fd4-302c"
x-content-type-options
nosniff
cf-ray
8d23acd8dc787253-AKL
expires
Wed, 16 Oct 2024 01:07:54 GMT
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 16:37:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
app.css
t.ly/css/
298 KB
56 KB
Stylesheet
General
Full URL
https://t.ly/css/app.css?id=0865437f8e4ad9ea935b
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-4a7b8"
age
294876
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:12 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
text/css
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace5e9157253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
tly-logo-sm.png
t.ly/img/
10 KB
10 KB
Image
General
Full URL
https://t.ly/img/tly-logo-sm.png
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

cf-cache-status
HIT
etag
"12cea601-2770"
age
294875
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:13 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace5e9177253-AKL
x-whom
tly-app
accept-ranges
bytes
content-length
10096
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
email-decode.min.js
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
0
Script
General
Full URL
https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67055fd4-4d7"
x-content-type-options
nosniff
cf-ray
8d23acd91cae7253-AKL
expires
Wed, 16 Oct 2024 01:07:54 GMT
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 16:37:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d23acd9894ed992-AKL
access-control-allow-origin
*
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
0
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
360292
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOFNagFwaa%2BSnkeEVbhGcJqI84VjYniZ7uo7gkhdcVTxIBIdIMPG%2BvlOFKDNkZYvGD6pbbMPxpQQFgASFh1QggrXRiQALnFXXadiOpYn8E7jYPplTquAZTUBQwp%2BozkPwpU4vKtD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 01:07:54 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d23acd96a46d9b2-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/
33 KB
0
Font
General
Full URL
https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
x-content-type-options
nosniff
cf-ray
8d23acdb4efb7253-AKL
alt-svc
h3=":443"; ma=86400
content-length
33896
date
Mon, 14 Oct 2024 01:07:55 GMT
vary
Accept-Encoding
server
cloudflare
rw.js
r.wdfl.co/
18 KB
0
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2774:8600:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
239763f30086eefe8f98d5a6c34520d8665fb9dd994d3a0d3b42fc2953951395

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"47c0f78b40860b2dbff06669d6c2a46d"
age
614
via
1.1 fd52efac0e72eb0d0b1148d8f877dd9e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
BOZEuuWyNsxeiTHMBhyGy1hskGlnkRypvyEBIZ6RBg7cCi2ALZ55xQ==
date
Mon, 14 Oct 2024 00:57:40 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 17:09:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
x-amz-server-side-encryption
AES256
sweetalert.min.js
t.ly/js/
38 KB
12 KB
Script
General
Full URL
https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-9807"
age
294876
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace6597f7253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
vendor.js
t.ly/js/
2 MB
709 KB
Script
General
Full URL
https://t.ly/js/vendor.js?id=6fbd2b425824b998f084
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-23b8e0"
age
294876
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace659807253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
manifest.js
t.ly/js/
4 KB
2 KB
Script
General
Full URL
https://t.ly/js/manifest.js?id=00f1298909f629264cba
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd3fdd08c19665b8a63ed97726c84a042ae33a2d35bb8d5ebc3fd4b5ce22f6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-e54"
age
294876
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace659837253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
app.js
t.ly/js/
114 KB
28 KB
Script
General
Full URL
https://t.ly/js/app.js?id=03f77feb04025d212abd
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-1c608"
age
294876
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:52:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace659867253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
172 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
f5789239b10e5fcf0f882303336575d0d4c80cab660f60a84576b83005ce3745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/

Response headers

content-encoding
br
etag
3225792564903264410
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:07:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53869
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
208 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3ace778cc511b0ab014311249cdd5799abc01c986c3cf58200ae615417e5bf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:07:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76737
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
256 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79d0622a8d5a6c1253417da5d26c7a15dc6732dca3357df87497a2e11f128320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:07:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92233
x-xss-protection
0
server
Google Tag Manager
dq2387w4bl
www.clarity.ms/tag/
552 B
806 B
Script
General
Full URL
https://www.clarity.ms/tag/dq2387w4bl
Requested by
Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf07fa6da74c904d7e31466564d502a72ee495cae8b147509fbe7550c21750ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
552
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/x-javascript
x-azure-ref
20241014T010756Z-1586fff4c98ls9p9ns2d4w5eq400000003d00000000074qy
favicon-32x32.png
t.ly/
11 KB
9 KB
Other
General
Full URL
https://t.ly/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e2425beb789a7841d707c6f8de02ed2dc1c53716b4757ef284d4d847fdb1f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
xb2oYI+EwGmJPnPF/1wDYHE+6jfxCC5sketXnsgQbcJAQZzh32n71HNBwWJLtM/vmysUzFSWi1u4KH9JikE6QPqM/JWrJfKh49pBcroQ3NUHJS33TcVI/YfQB4xCeIiKbqhUGLVLKkmEm5W844MiKg==$rooq/GOElcba3MYVToQbig==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d23ace6899d7253-AKL
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/
6 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1728868076545&cv=11&fst=1728868076545&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e8c35fb59846a38c7cab0b443d695e7e378a1a0b0b2dbb30a4d4798a77225fa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2386
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10875945736
td.doubleclick.net/td/rul/ Frame 3B9A
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/10875945736?random=1728868076545&cv=11&fst=1728868076545&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 01:07:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
305 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcd1cff76ce197fd84442c7201721e27e713c12ab5b9fa4124ff7971b73d5ba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 01:07:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105168
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
0
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
age
6300
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:22:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 23:22:55 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-89207177-8&v=3&t=t&pid=1664134737&cv=1&rv=4a90&tc=2&tag_exp=101671035~101686685&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-89207177-8&v=3&t=t&pid=1664134737&cv=1&rv=4a90&tc=2&tag_exp=101671035~101686685&es=1&e=gtm.init&eid=0&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-89207177-8&v=3&t=t&pid=1664134737&cv=1&rv=4a90&tc=2&tag_exp=101671035~101686685&es=1&e=gtag.config&eid=1&h=Ag&tr=1rep.1zone&ti=1rep.1zone&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-89207177-8&v=3&t=t&pid=1664134737&cv=1&rv=4a90&tc=2&tag_exp=101671035~101686685&es=1&e=gtag.config&eid=2&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-89207177-8&v=3&t=t&pid=1664134737&cv=1&rv=4a90&tc=2&tag_exp=101671035~101686685&es=1&e=gtag.config&eid=4&h=Ag&epr=1UA&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=58267848&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&ul=en-nz&de=UTF-8&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=484026675.1728868076&tid=UA-89207177-8&_gid=89823033.1728868076&gtm=457e4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&jsscut=1&z=1857653628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

age
63072
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 07:36:44 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4a90v878425165za200&_p=1728868076524&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101533422~101671035~101686685&cid=484026675.1728868076&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1728868076&sct=1&seg=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&dr=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=page_view&tfd=774
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
text/plain
server
Golfe2
favicon.ico
t.ly/
11 KB
8 KB
Other
General
Full URL
https://t.ly/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2990edb1dd371e39502c6ccba83e2c451d497797550076a2a3eb5536743b67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
KsXyuMvA4QrFho+oTc5rI30TJcjUlufAsXfdW9h8v6SIW6k8ut6fBTAd8B9lEwUZ6z5Y/yMZ1vf2X9ShN5svI532pv0QNMFBEtfp8LWmgcY1hnd0hn1nTJD1cHNW0EclWiVnE/0mFygiyE556uZpCA==$oBq+GR2ftmnK/dZBB0saew==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d23ace6e9e67253-AKL
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon-16x16.png
t.ly/
11 KB
8 KB
Other
General
Full URL
https://t.ly/favicon-16x16.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21cb4aa0606e909863bb7c896575663e0986876988b2776c5edd99706bcf3ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
Vvn/ThgzSt0V+BeQOU5erO/VE+eQGBsIHRIGk/p0L/bbDhf/lCKSovqSntB3rxTtljTEaHzSPd1pQ2NZf0up2D8QYH7mjACFuif+ZU7DbvnbnXsH+A2CRYxb2TI7nsObHTvhgzEg3PsWtGHpzNdR7A==$m3tv/2WhclsbV6XiiSmZIQ==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d23ace72a0d7253-AKL
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
950.js
t.ly/js/
788 B
802 B
Script
General
Full URL
https://t.ly/js/950.js?id=de956b39a4455fcff160
Requested by
Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-314"
age
294872
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:55:50 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace7aaae7253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
tly-logo-sm.png
t.ly/img/
10 KB
10 KB
Image
General
Full URL
https://t.ly/img/tly-logo-sm.png
Requested by
Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

cf-cache-status
HIT
etag
"12cea601-2770"
age
294875
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:13 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace7baaf7253-AKL
x-whom
tly-app
accept-ranges
bytes
content-length
10096
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/
153 KB
153 KB
Font
General
Full URL
https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285
Requested by
Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status
HIT
etag
"12cea601-26350"
age
294875
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:15 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
font/woff2
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace7dace7253-AKL
x-whom
tly-app
accept-ranges
bytes
content-length
156496
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/
115 KB
115 KB
Font
General
Full URL
https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc
Requested by
Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status
HIT
etag
"12cea601-1ca7c"
age
294872
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:54:15 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
font/woff2
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace7dacf7253-AKL
x-whom
tly-app
accept-ranges
bytes
content-length
117372
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
rum
t.ly/cdn-cgi/
0
140 B
XHR
General
Full URL
https://t.ly/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d23ace83b197253-AKL
access-control-allow-origin
https://t.ly
date
Mon, 14 Oct 2024 01:07:56 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
/
www.google.com/pagead/1p-user-list/10875945736/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10875945736/?random=1728868076545&cv=11&fst=1728867600000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfUNa7FcoCKaTPGy6gwfrQYCz70fe8nhE5k5zGBBO0UKyKPSuY&random=2053120306&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.nz/pagead/1p-user-list/10875945736/
42 B
64 B
Image
General
Full URL
https://www.google.co.nz/pagead/1p-user-list/10875945736/?random=1728868076545&cv=11&fst=1728867600000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=761223696.1728868076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfUNa7FcoCKaTPGy6gwfrQYCz70fe8nhE5k5zGBBO0UKyKPSuY&random=2053120306&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
clarity.js
www.clarity.ms/s/0.7.48/
64 KB
0
Script
General
Full URL
https://www.clarity.ms/s/0.7.48/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dq2387w4bl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

x-azure-ref
20241014T010754Z-1586fff4c98ls9p9ns2d4w5eq400000003d00000000074my
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCE961488285A1"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
2a143870-701e-0001-773d-1c7107000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 14 Oct 2024 01:07:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 10 Oct 2024 19:25:21 GMT
906.js
t.ly/js/
5 KB
2 KB
Script
General
Full URL
https://t.ly/js/906.js?id=afc5f18fec7e06d6bf2c
Requested by
Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-12e5"
age
294872
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:55:51 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace83b207253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
166.js
t.ly/js/
3 KB
1 KB
Script
General
Full URL
https://t.ly/js/166.js?id=267eddd588cf4399f581
Requested by
Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/ird.govt.nz/verify

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-d91"
age
294872
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 14:55:51 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 14 Oct 2024 01:07:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8d23ace83b227253-AKL
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
api.js
www.google.com/recaptcha/
1 KB
994 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=
Requested by
Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
a8137f99e3bb9d5426c27d99006f72817d787d210de69c2bcb5c41c46bb1a613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:07:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 14 Oct 2024 01:07:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
collect
f.clarity.ms/
0
268 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://t.ly/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://t.ly
Date
Mon, 14 Oct 2024 01:07:57 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
91e1c6481ec584dce4a9929fc8590170c0b6db6c1528da64a75606b48703a912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
etag
10723845994001285308
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 14 Oct 2024 01:07:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31872
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/
420 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
7652ac03f403d312ffd0f563c931929e6e1e2d77ac75282da19a94c9f7b5a5cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
etag
8133542025510857993
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:07:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 14 Oct 2024 01:07:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
142992
x-xss-protection
0
server
cafe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/
546 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/

Response headers

content-encoding
gzip
age
15716
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 20:46:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 20:46:01 GMT
last-modified
Mon, 07 Oct 2024 04:02:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220951
x-xss-protection
0
server
sffe
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://t.ly/

Response headers

anchor
www.google.com/recaptcha/api2/ Frame 7F7F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=lxbmo75nxw7u
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4gzrAHbpM-BEVtUoVfYKOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4gzrAHbpM-BEVtUoVfYKOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 01:07:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/ Frame 56E5
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
3730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 00:05:47 GMT
etag
13108003645644964576
expires
Mon, 28 Oct 2024 00:05:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 03D4
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1728868076&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728868076956&bpp=16&bdt=509&idt=589&shv=r20241009&mjsv=m202410080101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1140391893437&frm=20&pv=2&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343852%2C95338738%2C31087793%2C31087803%2C44795921%2C95341937%2C95343454%2C95344189%2C95344777%2C31087609&oid=2&pvsid=1375838203383464&tmod=1857904742&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=608
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
100621
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 01:07:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241009&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
69e846833aa901582d02d8c080ab3c8d55011313d8434284b37fa62ff45fe5ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12870
date
Mon, 14 Oct 2024 01:07:57 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame BCAE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728868076&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728868076972&bpp=2&bdt=525&idt=600&shv=r20241009&mjsv=m202410080101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1140391893437&frm=20&pv=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343852%2C95338738%2C31087793%2C31087803%2C44795921%2C95341937%2C95343454%2C95344189%2C95344777%2C31087609&oid=2&pvsid=1375838203383464&tmod=1857904742&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=605
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
45191
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 01:07:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:815::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:07:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
collect
f.clarity.ms/
0
268 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://t.ly/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://t.ly
Date
Mon, 14 Oct 2024 01:07:58 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 4EF1
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:815::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 00:58:52 GMT
expires
Mon, 14 Oct 2024 01:48:52 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B239
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tyhdcv6-Btn31VsfD7ifrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Tyhdcv6-Btn31VsfD7ifrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 01:07:58 GMT
expires
Mon, 14 Oct 2024 01:07:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame 04F3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DsNCm20JHz8q2sz1ipzChw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-DsNCm20JHz8q2sz1ipzChw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 01:07:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4a90v878425165za200&_p=1728868076524&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101533422~101671035~101686685&cid=484026675.1728868076&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1728868076&sct=1&seg=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&dr=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=scroll&epn.percent_scrolled=90&_et=15&tfd=3497
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:07:59 GMT
content-type
text/plain
server
Golfe2
sodar
pagead2.googlesyndication.com/pagead/
0
0

a
www.googletagmanager.com/
0
14 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-89207177-8&v=3&t=t&pid=1664134737&cv=1&rv=4a90&tc=2&tag_exp=101671035~101686685&e=*&eid=0&u=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Mon, 14 Oct 2024 01:07:59 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/
172 KB
58 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b84f1a0389b6f7bcad42862f30420e2da29f0554495e5e683d33b5a529bf3d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
etag
1025980440008445727
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:08:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 14 Oct 2024 01:08:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
59108
x-xss-protection
0
server
cafe
ca-pub-5561763581314444
fundingchoicesmessages.google.com/i/
200 KB
66 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?href=https%3A%2F%2Ft.ly&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d353e4294d3b9eca13a5dc624e3ef9d6f87e5f6ba4710a0d4b029fec3fb018f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l9RFwSCivvegGSfOecC7cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:08:00 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XB8uLtxB5vAgu1zDzIpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGFjqGRjFFxgAAEdDSqU"
content-security-policy
script-src 'report-sample' 'nonce-l9RFwSCivvegGSfOecC7cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
1 KB
886 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a238a173c520c3ae11fcca533d6a0a6560a6b50a5d6cf59f6a7989d030a4a0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:08:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:08:00 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 01:08:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
4 KB
717 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:08:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:08:00 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 13 Oct 2024 23:28:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
656 B
463 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c40531c1d23119fc5fb4a5f2fd0132810f1fbed3533da1d85a3e56da06826fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:08:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:08:00 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 01:08:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
4 KB
717 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text_old:400,500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 01:08:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:08:00 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 00:29:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfaz&evt=place&vh=1200&eid=95342163&hl=en&pvc=1375838203383464
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 14 Oct 2024 01:08:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://t.ly/

Response headers

collect
f.clarity.ms/
0
268 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://t.ly/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://t.ly
Date
Mon, 14 Oct 2024 01:08:00 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v22/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://fonts.googleapis.com/

Response headers

age
476151
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 12:52:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 12:52:09 GMT
last-modified
Wed, 31 Jul 2024 20:31:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15996
x-xss-protection
0
server
sffe
AGSKWxVyksgJ073BA62hWBfj_v4CyFg28eW7Y7y7LU0XIns4vL0ed5ffcB7eEjvr3Bwf5tYLxjFdraf2fLINBFQuypQsLJ0B0KSCmNiSDlsx4M0C_ql1u9U1Ndt8umG9QKVaoV5voigFKQ==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxWpuc9KCldSdyYZh_HRvWn6izNQtwn9s-dnMcMLEn6_37I_-gqnRcIQ-NtnCuXcMPHqjIsgxnDxWCGWUt4rDgtigW7wb-LvLZ_A_CK5tzrDpaKAMgdeqiIFDWEK5OntP1xashtuhA==
fundingchoicesmessages.google.com/f/
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame AA2B
0
0

zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/ Frame 118A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
3730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 00:05:47 GMT
etag
13108003645644964576
expires
Mon, 28 Oct 2024 00:05:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/ Frame D5DE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241009/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
3730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Oct 2024 00:05:47 GMT
etag
13108003645644964576
expires
Mon, 28 Oct 2024 00:05:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4a90v878425165za200&_p=1728868076524&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101533422~101671035~101686685&cid=484026675.1728868076&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEII&_s=3&sid=1728868076&sct=1&seg=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&dr=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=ad_impression&ep.query_id=CP7qkL3XjIkDFcGs2AUd5vsCqw&_et=2721&tfd=5461
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 01:08:01 GMT
content-type
text/plain
server
Golfe2
a
www.googletagmanager.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
f.clarity.ms
URL
https://f.clarity.ms/collect
Domain
t.ly
URL
https://t.ly/cdn-cgi/rum?
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241009&jk=1375838203383464&bg=!EBOlE1zNAAaUWUsktFk7ADQBe5WfOGG13gHxpP1YUvPOS1KNJQkVlxZh71GFcHoleNXriJkr1tLtXdHf6KWh7jrWhib0AgAAADJSAAAAA2gBB34ANm5r7trl1jz7jAGSZKI8Xf_DPpYejSwHddidnLdxR1PfHgBnX1or61AWTmt4qHtAHxJmCtZSgwoArw6dHOeROWAjKPDB63gMSTnt-xjcsDG9L7vSBaf17wXX6LqrFkTHCwvmjRc_1bgQ9vrveMfxB8SCb9b9rB1JPId0Gw88igw9fR9yYJtuuzeIQ3R_N2RWrOc0Dl6XTE6gPR_MV7j4qhdoBdwvWEMhXxEnBUbc9oDKTD-dQgL1Yy31cDh2bLQ42nAG3L79pjIcTBxQPOEQ5JoAooirjEmJQ-CUnpl0MJ6rCl4xH9F9_JaZAor4HJi8e-KmJVri8aH6nhcLwKRBZ1TqWM-w0dT6HWh_e1evTBEhTVVIUb458KAPU_Uj1lTN6aRfmyjgWsEFu_kr2Rt43ttdBlVTvJAx1ncmCDFOZ8bWqk6GfnzR4-t7zSkxabNkP8KT4C78RVwYTq_qGfjGwptGgziLwi7WJhrDdhFN8oIoDlJndDhdITzKyKdtFBht-TI50GQyPdIQ1OxdI-PVOSWhykqdshKwZIWFgHNzRHs5VKwkKcQcfeaPyvqoZp_AhQrGo-eNq8RtlT60WmcDxFs1wusOUCfZW1otwZixD6xHRiZr0HoVZXDRxjGw6mcKm1vyoTPpiSMf8WXm7btEHe9qHMV0kScwbjxVg3zp3Zf3RaDvbpLHBnpKIemiPvNzpdFwVqOlLknOFkfxKAwCa1Bg8eMQFZy6lXfLFPLa9U3MOMzVVcJFU-Wx6wRdQQJGY58QXtLLYHYAuMpM1r9DB_bQnaahPoa4_bq-LcmhKVSl2dz0j5UJdHi-SWuU3TGlJIJN_bcvbo4O0JUK8987XT4US2YM0Vp_7bCLG7XfdSNWVENVOZn16xzdZ9Yrf6BB9_7Hnw1S1jE1kil4-nDMqUjyOOmuWCf81knvqmzMYBfz5r3kXW0Y0bCYjsRCgi6UpX7Jqhx0KQIRf9tnUj4sTZgxwBxopdvdU8e_zLbeqeERNrABApbksBlU1tgnh1xrY6CwgtaTB65qLagxpndMDs1Av4UlOCzWUPKQhcvc4Wkv1Waj5G7x0Mdyc2uZql29FFhkkY10TB6G09w19vkkDNf7u4u4R3BMVuMaLObTPhFFYH6wVAOqyZi0jwm6W2KmKYay7kdrrPeOlQfqBJr52iNbAth8HA
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyksgJ073BA62hWBfj_v4CyFg28eW7Y7y7LU0XIns4vL0ed5ffcB7eEjvr3Bwf5tYLxjFdraf2fLINBFQuypQsLJ0B0KSCmNiSDlsx4M0C_ql1u9U1Ndt8umG9QKVaoV5voigFKQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/f/AGSKWxWpuc9KCldSdyYZh_HRvWn6izNQtwn9s-dnMcMLEn6_37I_-gqnRcIQ-NtnCuXcMPHqjIsgxnDxWCGWUt4rDgtigW7wb-LvLZ_A_CK5tzrDpaKAMgdeqiIFDWEK5OntP1xashtuhA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4ODY4MDgxLDE4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsInRhQmdHdlJRQzIwIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=2749334364&pi=t.aa~a.1108360850~rp.3&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1728868076&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728868080352&bpp=1&bdt=3905&idt=-M&shv=r20241009&mjsv=m202410080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc00a981a8d86d33b%3AT%3D1728868077%3ART%3D1728868077%3AS%3DALNI_Mb12jK8WMk5JAn4Fka0K-YdR20ZhQ&gpic=UID%3D00000f410da2bc7f%3AT%3D1728868077%3ART%3D1728868077%3AS%3DALNI_MY0GI19gF584ltUlYs71ju8z48Cyg&eo_id_str=ID%3D8ddecdba873b7411%3AT%3D1728868077%3ART%3D1728868077%3AS%3DAA-AfjaaeZ0S_XsZIfAYaR_Q3lXr&prev_fmts=0x0%2C1110x280&nras=2&correlator=1140391893437&frm=20&pv=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95343852%2C95338738%2C31087793%2C31087803%2C44795921%2C95341937%2C95343454%2C95344189%2C95344777%2C31087609&oid=2&psts=AOrYGslNPhCfIEBQmQ21uxasGbd1Vn_N7Ys2KuIxKHnnH8K5F02T8gaTtxu8BFKBZ0QmruYCeWMukKDlpMDRUrOPVFKNupl1&pvsid=1375838203383464&tmod=1857904742&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fird.govt.nz%2Fverify&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=835
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/a?id=UA-89207177-8&v=3&t=t&pid=1664134737&cv=1&rv=4a90&tc=2&tag_exp=101671035~101686685&e=*&eid=0&u=Ag&h=Ag&z=0

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| __cfQR object| __cfBeacon string| _baseUrl string| _apiUrl string| _defaultShortDomain string| _googleRecaptchaSiteKey object| Spark function| gtag_report_conversion function| gtag object| dataLayer object| adsbygoogle function| clarity object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| webpackChunk object| APP function| URI function| axios function| _ function| moment function| Popper function| __ function| jQuery function| $ function| Vue object| Bus function| SparkForm function| SparkFormErrors function| Color function| Chart function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal boolean| __cfRLUnblockHandlers boolean| _rewardful_loaded function| Rewardful function| rewardful function| vueRecaptchaApiLoaded object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| recaptcha object| closure_lm_740195 function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_pso_loaded_fonts object| googTempStyleOverrideInfo object| googNavStack object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmNkNDI1ODlkYTMzYjdlOWxvYWRlcl9qcw== string| NmNkNDI1ODlkYTMzYjdlOWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

33 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGteOyqZXUgGQsMQ6pcI3NWebidElZpTMnhlpJRMYWMbSsA5C1EGfgYrDFrpc2dFjfjml9wuRWwIr0l9qRKKb7o
t.ly/ Name: userTimezone
Value: Pacific/Auckland
www.clarity.ms/ Name: CLID
Value: 38634163d5964d8c997f3486e75b5176.20241014.20251014
.t.ly/ Name: _clck
Value: l8opaj%7C2%7Cfq0%7C0%7C1748
.t.ly/ Name: cf_clearance
Value: gn9iXcERqaBUE_vhlqCG0cFBWbElJhvrkPI3zVGswvU-1728868075-1.2.1.1-yztNEBGHFc7eviIL_GbKkelMKa3EhIVHbXXR87KYbqHW2LRmEDL1amPa2JmVkd9wyoc_g5LX4VIzpdIfPBrtmskar5VO7k6NhQIOoBrM5nQ1CBKigxja0pbnlki8nzi3XdZcZ0lWzUU1zDL5OkO.ieU4UySZCvNRBJ_FDpjFBqdEpAZmUTZA641B8ak3VbTXGGfr_kdj1cRPutxe6eP2qXlfMyo729tgMvOdqnGhkImq9jEo2QYzFbOa18j66kPlb6zqhD58o5ExLVwhdwGBQE93sepiQv2S_o4crWUmaNhVPMVzgMuN9A292t5Y0UlA5JceEsnDm6mbqxfm5CIY1hkcuOeRXZrd8NuMu7FxLMHHsCht_KaC7ia3A.eGWIrM
.t.ly/ Name: _gcl_au
Value: 1.1.761223696.1728868076
.bing.com/ Name: MUID
Value: 13EBBA75884C66E23A5BAF6D89B667A9
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 13EBBA75884C66E23A5BAF6D89B667A9
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 13EBBA75884C66E23A5BAF6D89B667A9
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.t.ly/ Name: _gid
Value: GA1.2.89823033.1728868076
.t.ly/ Name: _gat_gtag_UA_89207177_8
Value: 1
.t.ly/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdqM0Vkb1RQYUovb0o3T3hGc0NQelE9PSIsInZhbHVlIjoiKyt6bVJ2U2gySmNrTWRDZ3Q2aTFNdTVDK010bkJjK3JGMDJaZE9CaHg0S1czT1U2Z2Q5OXhMWkEzUXo4aEg5ODRJOTVsVXJJNGN3b0xmcEJ1ZTVMVE15YVJOci9KMWMrZmFQY3RPa2kxWXMrM0thcTdoeW1OQmo4RmxtcWMvelkiLCJtYWMiOiJiZTdjNGVmZGFiOTBhYTAwZWZkYTlhMDYzNzliYzUyN2RlMDM3NjJhOTgzNThjMzdhYTRjYzQ2MTA2ZTAyNTVkIiwidGFnIjoiIn0%3D
.t.ly/ Name: tly_session
Value: eyJpdiI6IkppV3VSczlJMmY4V1kvWmR3ZGtvUFE9PSIsInZhbHVlIjoiQXM5NzJpanhkV05OMTRzL0oyOHB0WnlVd3RPcUhScSt6WHl4OTh4MXJhT05aemI5QjByV1Aya2ZqRFkwYWR4VTZSaXA4cm9DQ3Y3bUdHOHk0Zkhham5yMjlueW9yWW9zbStyK3pqS05rNzFkYmpXQVUyK3FuL1YvaDl1N0dJUWQiLCJtYWMiOiJmZGU0ZDAxYjU5NGExMGI4NmQ2MmZiNzcxY2JlMzVmZDdjNGMzZWRjYjFjZDA3MmQ3N2VjZjkyNjA4NzEwMTZhIiwidGFnIjoiIn0%3D
.t.ly/ Name: _ga
Value: GA1.2.484026675.1728868076
.doubleclick.net/ Name: IDE
Value: AHWqTUkb0hL_cy3lsAwlTf0oDIi8vhSfcEnr4Dx2crE7LYsZ943nTykSL9dacb0F
.t.ly/ Name: _clsk
Value: 1us3d4i%7C1728868077459%7C2%7C1%7Cf.clarity.ms%2Fcollect
.t.ly/ Name: __gads
Value: ID=c00a981a8d86d33b:T=1728868077:RT=1728868077:S=ALNI_Mb12jK8WMk5JAn4Fka0K-YdR20ZhQ
.t.ly/ Name: __gpi
Value: UID=00000f410da2bc7f:T=1728868077:RT=1728868077:S=ALNI_MY0GI19gF584ltUlYs71ju8z48Cyg
.t.ly/ Name: __eoi
Value: ID=8ddecdba873b7411:T=1728868077:RT=1728868077:S=AA-AfjaaeZ0S_XsZIfAYaR_Q3lXr
.t.ly/ Name: _ga_W1D48QS4F7
Value: GS1.1.1728868076.1.1.1728868079.0.0.0
.googleadservices.com/ Name: ar_debug
Value: 1
.onetag-sys.com/ Name: OTP
Value: 1LhL_BqidlKbqh_pQTDQlYT-wg3YBcqyr2IwLMLVmog
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%221591C2AF-7024-4B20-00F1-6E1C46600DE2%22%7D
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A7555115043180874909
.zemanta.com/ Name: zuid
Value: jGahqgWatE5oBUuXE0C_
.docomo.ne.jp/ Name: adxppthrd
Value: 72ea7c81-1289-4b27-a4c1-2a38f50921fe
.reemo-ad.jp/ Name: deviceIdentifier
Value: KMWlQdwfZCWHBAZUsPcYLTeKtFbUBPYk
.reemo-ad.jp/ Name: sync_gadx
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://t.ly/favicon-32x32.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://t.ly/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://t.ly/favicon-16x16.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://t.ly/favicon-32x32.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://t.ly/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://t.ly/favicon-16x16.png
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.t.ly
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
r.wdfl.co
static.cloudflareinsights.com
t.ly
td.doubleclick.net
tpc.googlesyndication.com
www.clarity.ms
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.gstatic.com
f.clarity.ms
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
t.ly
www.googletagmanager.com
104.17.24.14
142.250.204.2
142.250.66.227
142.251.221.66
142.251.221.67
142.251.221.68
142.251.221.72
142.251.221.78
2404:6800:4003:c0f::5f
2404:6800:4006:810::200e
2404:6800:4006:814::2002
2404:6800:4006:814::2008
2404:6800:4006:814::200e
2600:9000:2774:8600:1b:348c:b140:93a1
2606:4700:10::6814:685
2606:4700::6810:4f49
2607:f8b0:4007:815::2001
2620:1ec:bdf::31
2620:1ec:c11::237
51.8.44.252
52.231.230.148
0bd3fdd08c19665b8a63ed97726c84a042ae33a2d35bb8d5ebc3fd4b5ce22f6b
1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1
13459e1557ebaf970cea61cf8c319b171a82ffd2eaca64daea4ba998445e8489
167165316033763b6b85dd958824f5f0f8039e55a63542c841c2e74eb56cc303
1c2990edb1dd371e39502c6ccba83e2c451d497797550076a2a3eb5536743b67
239763f30086eefe8f98d5a6c34520d8665fb9dd994d3a0d3b42fc2953951395
23d5474282b44cb650fb0e25b3e1cc644ea729975d43e4905c92c551aabb4c27
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
280254e83401b92793d3d3fb5de27cb4da58917e7805864627c116a815ccd3b0
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4
36e2425beb789a7841d707c6f8de02ed2dc1c53716b4757ef284d4d847fdb1f0
3980a7d85fca01aaf5136552044deffb0aac0ba54018dd7912bed9fe1de88d08
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3d353e4294d3b9eca13a5dc624e3ef9d6f87e5f6ba4710a0d4b029fec3fb018f
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302
67c3271d0b05f0cb01cf596885eb5f3d5d72d228977a36d342a7248ac632c606
69e846833aa901582d02d8c080ab3c8d55011313d8434284b37fa62ff45fe5ff
6b7b04238f46a45514f72255ac74aace7eb979a492c73eebed8c7d138bbede3b
7652ac03f403d312ffd0f563c931929e6e1e2d77ac75282da19a94c9f7b5a5cc
78306d5cf4a8214480b469dd733399a4896ec7c31c88401d98a1742cda13ad0a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79d0622a8d5a6c1253417da5d26c7a15dc6732dca3357df87497a2e11f128320
7f4c3ede18f4dd950f02c5c0aabd56468434958064f953042fe56ee52dee18e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a238a173c520c3ae11fcca533d6a0a6560a6b50a5d6cf59f6a7989d030a4a0a
8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78
8bd97811cbe52f1de7e6087ec73feeec9b13eb5d412c17759f5115f3a99e05d4
91e1c6481ec584dce4a9929fc8590170c0b6db6c1528da64a75606b48703a912
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
9f4a129ca2d27cbb6191b941ba6a41a9023bb9ba40af2494dd3235f8abd1bdeb
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a8137f99e3bb9d5426c27d99006f72817d787d210de69c2bcb5c41c46bb1a613
a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6
b3ace778cc511b0ab014311249cdd5799abc01c986c3cf58200ae615417e5bf8
b84f1a0389b6f7bcad42862f30420e2da29f0554495e5e683d33b5a529bf3d97
c40531c1d23119fc5fb4a5f2fd0132810f1fbed3533da1d85a3e56da06826fd9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf07fa6da74c904d7e31466564d502a72ee495cae8b147509fbe7550c21750ff
d54388c4909c2fa1bbd9a1d71e9c9f71fc89aa7dbca3da6a503b93deecd60e91
d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
e21cb4aa0606e909863bb7c896575663e0986876988b2776c5edd99706bcf3ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c35fb59846a38c7cab0b443d695e7e378a1a0b0b2dbb30a4d4798a77225fa2
eabac39e626a7dc188e0affff6566152217c5b95ec9ec5a8d786d97707c376b1
eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d66f6f2ab1e7231f101097e36d6afb87a09ce3985a9f7cbb01680b4f3833c3
f4498c8e6eaf98efbdaf69b84ac3610af26ffbae60457e108de38282dbd50542
f5789239b10e5fcf0f882303336575d0d4c80cab660f60a84576b83005ce3745
f6234b585f6add426f08540bb6f25d595221f922d3d671f2abca297cf3f480fd
f85c579d4537685acc1ab1124134ad8fd6d3c03b9998f653ca5420839bd8f25d
fcd1cff76ce197fd84442c7201721e27e713c12ab5b9fa4124ff7971b73d5ba8
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99