shor.by Open in urlscan Pro
138.197.149.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shor.by/C5UI
Effective URL:
https://shor.by/C5UI
Submission: On August 22 via api (August 22nd 2023, 5:37:14 am UTC) from SA — Scanned from CA

Summary HTTP 36 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 36 HTTP transactions. The main IP is 138.197.149.119, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is shor.by.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.

This is the only time shor.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	138.197.149.119 138.197.149.119	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	172.217.13.168 172.217.13.168	15169 (GOOGLE) (GOOGLE)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	3.160.6.245 3.160.6.245	16509 (AMAZON-02) (AMAZON-02)
1	172.217.13.138 172.217.13.138	15169 (GOOGLE) (GOOGLE)
1	172.64.103.11 172.64.103.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.13.71.49 31.13.71.49	32934 (FACEBOOK) (FACEBOOK)
1	172.217.13.163 172.217.13.163	15169 (GOOGLE) (GOOGLE)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	104.26.1.70 104.26.1.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.13.142 172.217.13.142	15169 (GOOGLE) (GOOGLE)
2	52.210.141.128 52.210.141.128	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.13.110 172.217.13.110	15169 (GOOGLE) (GOOGLE)
2	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
2	172.217.13.131 172.217.13.131	15169 (GOOGLE) (GOOGLE)
1	172.217.13.196 172.217.13.196	15169 (GOOGLE) (GOOGLE)
36	16

5 138.197.149.119 (Toronto, Canada) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: shor.by

shor.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.filestackcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.160.6.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-6-245.cmh68.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.103.11 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.71.49 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: whatsapp-cdn-shv-01-lga3.fbcdn.net

pps.whatsapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.1.70 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.141.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-141-128.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
directory.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.110 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.131 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 1060	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	328 KB
5	shor.by 1 redirects shor.by	452 KB
3	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 14801	69 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8647	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 122	399 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 195 www.google.com — Cisco Umbrella Rank: 3	656 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 615	1 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 16257 directory.cookieyes.com — Cisco Umbrella Rank: 18956	416 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1193	33 KB
2	filestackcontent.com cdn.filestackcontent.com — Cisco Umbrella Rank: 19691	90 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	whatsapp.net pps.whatsapp.net — Cisco Umbrella Rank: 2746	21 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1288	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	989 B
36	16

	Domain	Requested by
7	tr.snapchat.com	1 redirects sc-static.net
5	www.googletagmanager.com	shor.by www.googletagmanager.com
5	shor.by	1 redirects shor.by
3	cdn-cookieyes.com	www.googletagmanager.com cdn-cookieyes.com
2	www.google.ca	shor.by
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	pixel.tapad.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sc-static.net	shor.by tr.snapchat.com
2	cdn.filestackcontent.com	shor.by
1	directory.cookieyes.com	cdn-cookieyes.com
1	www.google.com	shor.by
1	analytics.google.com	www.googletagmanager.com
1	log.cookieyes.com	cdn-cookieyes.com
1	fonts.gstatic.com	fonts.googleapis.com
1	pps.whatsapp.net	shor.by
1	use.fontawesome.com	shor.by
1	fonts.googleapis.com	shor.by
36	18

This site contains links to these domains. Also see Links.

Domain
shorby.com

Subject Issuer	Validity	Valid
shor.be R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.filestackcontent.com R3	`2023-07-06` - `2023-10-04`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.whatsapp.net DigiCert SHA2 High Assurance Server CA	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
directory.cookieyes.com Amazon RSA 2048 M02	`2023-03-03` - `2024-04-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://shor.by/C5UI
Frame ID: 0FDC638DD761F943A97C8AC24C336363
Requests: 32 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=72dc5386-59e2-45bd-b468-59033a69b121&u_scsid=1f554076-d792-4096-b6be-9adf8cfc59a1&u_sclid=5a5f6881-8eea-47a7-9660-37b126dc6dbe
Frame ID: 3FFC21D0271573B0D2DE47459F541975
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1692640061193&pnid=140&pcid=9de0a335-9c49-4917-9f60-4d76c7a390a3
Frame ID: F63E4177A456E8A4C431D5FB8D20D06F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

شركة شيرتوب | موزع معتمد ✅

Page URL History Show full URLs

http://shor.by/C5UI HTTP 301
https://shor.by/C5UI Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

36
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

18
Subdomains

16
IPs

4
Countries

1030 kB
Transfer

1804 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://shorby.com/?utm_source=shorby&utm_medium=logo
Title: made on shor

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shor.by/C5UI HTTP 301
https://shor.by/C5UI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1692682629180&u_scsid=9ed1ab1a-5521-4b81-a6b9-19a9380393bd&u_sclid=d519a220-8aa8-4efe-bae4-2db2d278bec2 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692640061193%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692640061193%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1692640061193&pnid=140&pcid=9de0a335-9c49-4917-9f60-4d76c7a390a3

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request C5UI Show response
shor.by/
Redirect Chain

http://shor.by/C5UI
https://shor.by/C5UI

6 KB
3 KB

87ms
30ms

Document
text/html

138.197.149.119
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://shor.by/C5UI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.149.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: shor.by
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 2a03b80d7c6d4268fe0c78df625dbdd82275dd43dfccc85385e51f814e797683

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Aug 2023 05:37:08 GMT
ETag: W/"1799-KVUiHBLlc7caUX1YuuTib1KN7iA"
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Tue, 22 Aug 2023 05:37:08 GMT
Location: https://shor.by/C5UI
Server: nginx/1.14.0 (Ubuntu)

GET
H/1.1 200
OK main.css
shor.by/css/ 10 KB
10 KB 32ms
31ms Stylesheet
text/css 138.197.149.119
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://shor.by/css/main.css
Requested by: Host: shor.by
URL: https://shor.by/C5UI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.149.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: shor.by
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 9bbc72b85f6ec39248c2ba66f1a806edb205aa8394b852f1c1267fe7fa140b25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/C5UI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 05:37:08 GMT
Last-Modified: Wed, 21 Apr 2021 09:37:19 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2769-178f3ca84ef"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10089

GET
H/1.1 200
OK shorby-page.css
shor.by/css/ 241 KB
242 KB 71ms
37ms Stylesheet
text/css 138.197.149.119
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://shor.by/css/shorby-page.css?dc02a642
Requested by: Host: shor.by
URL: https://shor.by/C5UI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.149.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: shor.by
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 4102c38d98a36e201e5515c1cb65809424c8ebefff8ac6c6f9044b3ba33ca8a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/C5UI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 05:37:08 GMT
Last-Modified: Tue, 17 Aug 2021 13:39:54 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"3c4ef-17b545706f3"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 247023

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 168ms
72ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118079587-2

Requested by

Host: shor.by
URL: https://shor.by/C5UI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a7deee9d8b4bf9f6f80f0959b47c1757d0bcabc5839cc98be9b58f291e0bc515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66511
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 05:37:08 GMT

GET
H/1.1 200
OK smartpage.js Show response
shor.by/ 197 KB
198 KB 101ms
50ms Script
application/javascript 138.197.149.119
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://shor.by/smartpage.js?ec02a642
Requested by: Host: shor.by
URL: https://shor.by/C5UI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.149.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: shor.by
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 443d96969afeea3d4bf03338d9a0d094b7217a5bb0173f29764210b4b14a83ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/C5UI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 05:37:08 GMT
Last-Modified: Mon, 06 Feb 2023 17:19:04 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"31543-18627bd0428"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202051

GET
H2 200 MnNsvHTQ62hcrwPoUaJp
cdn.filestackcontent.com/ 30 KB
30 KB 152ms
88ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.filestackcontent.com/MnNsvHTQ62hcrwPoUaJp

Requested by

Host: shor.by
URL: https://shor.by/C5UI

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34ac10f4a0dbf69e5be7b836c5c38f2221ed2b01e8a77e227f259e997aa5d95e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
age: 913192
x-cache: HIT, MISS
content-disposition: inline; filename="11.jpg"
content-length: 30762
x-served-by: cache-iad-kcgs7200137-IAD, cache-yyz4577-YYZ
last-modified: Sun, 08 Jan 2023 12:41:53 GMT
x-timer: S1692682629.653286,VS0,VE19
etag: "cc6b198ab06a136850440da69e30b281"
x-file-name: 11.jpg
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1691769437-R5cT28QSH2
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 39, 0

GET
H2 200 scevent.min.js Show response
sc-static.net/ 37 KB
16 KB 161ms
58ms Script
application/javascript 3.160.6.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: shor.by
URL: https://shor.by/C5UI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.6.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-6-245.cmh68.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4d37fd4fa6c0db58ee58d1fa67d0e2402883274b42938e745a799756a5cf3b53

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: gzip
via: 1.1 a791ece59ab90f323cd986ba2aeaf9c4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16343
x-amz-cf-id: -iEI9uBSSUtSoecZGMf39s1cTWUfxs5HDnirMTbqpr9Iwyly1lNNgg==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
989 B 155ms
62ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,700&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: shor.by
URL: https://shor.by/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

2b8ee016fa5cc52c44cc00324c50034292116dc80132b0b8723ca6af6307b2b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 05:37:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 05:37:08 GMT

GET
H2 200 svg-with-js.css
use.fontawesome.com/releases/v5.1.0/css/ 5 KB
2 KB 157ms
51ms Stylesheet
text/css 172.64.103.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/svg-with-js.css
Requested by: Host: shor.by
URL: https://shor.by/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9b483c39b80b502cdf876220035f603e1eac56d819d8efd818979d8a2fd481

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EYXB3MSQCA94XQ9D
age: 1001829
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XG4kwpYsKEO9v98FFDJU+ezZ/k4dbFEPtTBpK4CdwCswlI3m0lRzMDiJWiC1hD+XToh5aD10WgI6aOiG0Dg6qQ==
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"bd066123cdf3337103b21713df9bfd01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwizpkNzFZ5TGrY5b4F4pBctv8kyIXKGexF26v%2BdqOniQDS2cjUT50Fq%2BK1MH5pUCxQJIV39YuOF4jHoplhXXyG5c%2BTiww8ksZqwKvYsw7YqpaPp9AXheCgmhnL7i5zBR%2FiKvLxf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7fa8c31c6cdd42bc-EWR

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
43 KB 157ms
65ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCJDT87

Requested by

Host: shor.by
URL: https://shor.by/C5UI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0d6609f354b1a32d12ec6e0caf10d12ff318fb72fafbcad46d792a858189e985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43933
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 05:37:08 GMT

GET
H2 200 PerGl4EBQOeuPdz9b9Do
cdn.filestackcontent.com/pjpg=q:80/no_metadata/cache=expiry:max/compress=m:true/ 59 KB
60 KB 63ms
32ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.filestackcontent.com/pjpg=q:80/no_metadata/cache=expiry:max/compress=m:true/PerGl4EBQOeuPdz9b9Do
Requested by: Host: shor.by
URL: https://shor.by/C5UI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8c0bc2bb37b31f1491d0c02adf4438a9219b11f966bc819449463c3dc7bf2785

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 908485
x-cache: HIT, HIT
content-disposition: inline; filename="1674633018379.jpg"
content-length: 60721
x-served-by: cache-iad-kiad7000170-IAD, cache-yyz4577-YYZ
last-modified: Sun, 23 Jul 2023 15:15:35 GMT
x-timer: S1692682629.653323,VS0,VE2
etag: "ebdaabb85d934d5a4b33073f4ef25a76"
x-file-name: 1674633018379.jpg
access-control-max-age: 21600
access-control-allow-methods: GET, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=31536000
filestack-trace-id: 1691774143-C18TUpvuQ1
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 33, 1

GET
H2 403 359789724_614001767522572_3154548119013933223_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 21 B
21 B 135ms
39ms Image
text/plain 31.13.71.49
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/359789724_614001767522572_3154548119013933223_n.jpg?ccb=11-4&oh=01_AdTeZHKnwo6agQYcADyo5V1wtudjQVIAECc6nTrTzIDnjw&oe=64DD4CE3
Requested by: Host: shor.by
URL: https://shor.by/C5UI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.13.71.49 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS: whatsapp-cdn-shv-01-lga3.fbcdn.net
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: x-wa-metadata
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 21
proxy-status: http_request_error; e_clientaddr="AcJiQHeNYo3EOJOQrXjKosejoAlitJdAP7-ZSFLFmBLMSJnfu8bRowYZut5CqiqN6MQ4MYTgo5WFwzce"; e_fb_vipaddr="AcIwX9Dpr7fykGJ1VVlUjWt0XGtj2EgdjsbyyifuMVzLrz2nPEOwReLNL86XQe9yyvtKl2I"; e_fb_builduser="AcJrmBvg_nxm8h7k-BD6tfl2QYhL8xbdNaMGxA2GQ4IVdYSWvSBBOu3BzSemh-eoIb8"; e_fb_binaryversion="AcKUfZOheW5dAeCn3ziFYX_NlozrWuytNYxZg_YZ1ko8tRkDHSAdx8JwpJbnhw4z2ze5DDtwjqxZwtp39x-tSmVx2kuS55t6a54"; e_proxy="AcImDfs865kHYFipF3_X9AxhkQN6QQVViIKWz6iTQXfpAe8OLg2jrtHtuTySNDod9fNaS_m6Iq7fcrwO"

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 136ms
40ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,700&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shor.by
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:38:33 GMT
x-content-type-options: nosniff
age: 273515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 01:38:33 GMT

GET
H2 200 72dc5386-59e2-45bd-b468-59033a69b121.js Show response
tr.snapchat.com/config/by/ 158 B
439 B 148ms
78ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/by/72dc5386-59e2-45bd-b468-59033a69b121.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

7d8148bc7c98f5d76d4b189524ebd596b85b072277826c495934fc9fefcbe338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://shor.by/
Origin: https://shor.by
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://shor.by
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 3FFC 672 B
1 KB 151ms
90ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=72dc5386-59e2-45bd-b468-59033a69b121&u_scsid=1f554076-d792-4096-b6be-9adf8cfc59a1&u_sclid=5a5f6881-8eea-47a7-9660-37b126dc6dbe

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://shor.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Tue, 22 Aug 2023 05:37:08 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 13

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 68ms
67ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N41057G5Y6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118079587-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

70d4fb7f6749fc8817c681bcb2c58871df540704d99071f366c7164950d089aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 05:37:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 69ms
68ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118091080-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118079587-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3828ece504abc86b598817af863f95e3e8f200c55dc6f4a602e5a91bd7dd77c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66538
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 05:37:08 GMT

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/ 95 KB
35 KB 100ms
35ms Script
application/javascript 104.26.1.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCJDT87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df72f41295f1b07e9da6e440bfa2e3dd7ccc855fb9dae32e24917faa1f9f143f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Jul 2023 11:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149446
etag: W/"17a51-60125d65d927a-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRZVk0yFJWN16c1wjPnPILUqIeK38aj7mRK%2Fwb5hIiU3pJx6tUo7Zt5pWxUxdAXVzhbCiAod4xMMAji1AoYfG%2Bcmuj4tTYZmmWXdQmLdunJT%2FG88df4efO1iGbKCaWT2erzU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 7fa8c31f2d805431-YYZ

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 69ms
68ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BNHC2KBE6F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118091080-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

38f95e772504acdbcb15d8bb66a1e72ada826996ec565a29c5f6b430a13e2216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79113
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 05:37:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 171ms
40ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118091080-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Aug 2023 05:33:53 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 196
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 22 Aug 2023 07:33:53 GMT

POST
H2 200 p
tr.snapchat.com/ 68 B
195 B 82ms
80ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://shor.by/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Aug 2023 05:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://shor.by
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 3FFC 37 KB
16 KB 53ms
52ms Script
application/javascript 3.160.6.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=72dc5386-59e2-45bd-b468-59033a69b121&u_scsid=1f554076-d792-4096-b6be-9adf8cfc59a1&u_sclid=5a5f6881-8eea-47a7-9660-37b126dc6dbe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.6.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-6-245.cmh68.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4d37fd4fa6c0db58ee58d1fa67d0e2402883274b42938e745a799756a5cf3b53

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:48:07 GMT
content-encoding: gzip
via: 1.1 a791ece59ab90f323cd986ba2aeaf9c4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CMH68-P4
age: 28142
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 16343
x-amz-cf-id: t0bncRTiNUTHmW301gq50efIYlHJfvxR4L02BzAmDsOslpXXeHZpUw==

POST
H3 200 hm
tr.snapchat.com/ 68 B
89 B 88ms
86ms Ping
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/hm

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://shor.by/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 05:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/json
access-control-allow-origin: https://shor.by
cache-control: no-cache, no-transform
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

OPTIONS
H2 200 hm
tr.snapchat.com/ Frame 0
0 55ms
54ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/hm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shor.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://shor.by
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 22 Aug 2023 05:37:08 GMT
server: API Gateway
via: 1.1 google

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 394ms
116ms Ping
text/plain 52.210.141.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.141.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-141-128.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://shor.by/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHebQmU47gR7BSGBC

Response headers

access-control-allow-origin: *
date: Tue, 22 Aug 2023 05:37:09 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/ 97 KB
34 KB 43ms
39ms Script
application/javascript 104.26.1.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79636a42cf64329a9f4b155353c9155a566026cee7cb3c51bd7c6ad209d44530

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Jul 2023 11:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149447
etag: W/"182f9-60125d65d82da-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLZZ8Q7jhXgAU8k%2F8lletr%2F4mzW2mFnRumJWBRUyB59Ca56Ri%2Bl05nAD0dNvHUifXUEzyY%2FDpw5CstSkQJO9WySGpEldZOmELrLslZfsMENUkhU0%2BpfnEu5tMYyrHTtknz6K"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 7fa8c3200e0b5431-YYZ

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame F63E
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1692682629180&u_scsid=9ed1ab1a-5521-4b81-a6b9-19a9380393bd&u_sclid=d519a220-8aa8-4efe-bae4-2db2d278bec2
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692640061193%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692640061193%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1692640061193&pnid=140&pcid=9de0a335-9c49-4917-9f60-4d76c7a390a3

0
18 B

89ms
88ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1692640061193&pnid=140&pcid=9de0a335-9c49-4917-9f60-4d76c7a390a3

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Tue, 22 Aug 2023 05:37:09 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 14

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 22 Aug 2023 05:37:09 GMT
location: https://tr.snapchat.com/cm/p?rand=1692640061193&pnid=140&pcid=9de0a335-9c49-4917-9f60-4d76c7a390a3
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 155ms
60ms Ping
text/plain 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BNHC2KBE6F&gtm=45je38l0&_p=1953496915&_gaz=1&cid=1525248026.1692682629&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692682629&sct=1&seg=0&dl=https%3A%2F%2Fshor.by%2FC5UI&dt=%D8%B4%D8%B1%D9%83%D8%A9%20%D8%B4%D9%8A%D8%B1%D8%AA%D9%88%D8%A8%20%7C%20%D9%85%D9%88%D8%B2%D8%B9%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%E2%9C%85&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNHC2KBE6F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 05:37:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shor.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 143ms
51ms Ping
text/plain 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BNHC2KBE6F&cid=1525248026.1692682629&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNHC2KBE6F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 05:37:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shor.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 161ms
66ms Image
image/gif 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BNHC2KBE6F&cid=1525248026.1692682629&gtm=45je38l0&aip=1&z=422743407

Requested by

Host: shor.by
URL: https://shor.by/C5UI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 05:37:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 61ms
60ms XHR
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1953496915&t=pageview&_s=1&dl=https%3A%2F%2Fshor.by%2FC5UI&ul=en-us&de=UTF-8&dt=%D8%B4%D8%B1%D9%83%D8%A9%20%D8%B4%D9%8A%D8%B1%D8%AA%D9%88%D8%A8%20%7C%20%D9%85%D9%88%D8%B2%D8%B9%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%E2%9C%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1833110875&gjid=1040618770&cid=1525248026.1692682629&tid=UA-118091080-2&_gid=1522908132.1692682629&_r=1&gtm=457e38l0&jsscut=1&z=1824113670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shor.by/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 05:37:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shor.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 59ms
52ms XHR
text/plain 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-118091080-2&cid=1525248026.1692682629&jid=1833110875&gjid=1040618770&_gid=1522908132.1692682629&_u=YADAAUAAAAAAACAAI~&z=837892549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shor.by/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Aug 2023 05:37:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shor.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 162ms
64ms Image
image/gif 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-118091080-2&cid=1525248026.1692682629&jid=1833110875&_u=YADAAUAAAAAAACAAI~&z=1423261878

Requested by

Host: shor.by
URL: https://shor.by/C5UI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 05:37:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 65ms
62ms Image
image/gif 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-118091080-2&cid=1525248026.1692682629&jid=1833110875&_u=YADAAUAAAAAAACAAI~&z=1423261878

Requested by

Host: shor.by
URL: https://shor.by/C5UI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 05:37:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 QmJL01Yr.json Show response
cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/ 162 B
635 B 85ms
32ms Fetch
application/json 104.26.1.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/QmJL01Yr.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f479a8bad000086f91eef9b37e758d4c756ef706db4859ebc695e8080fd0d482

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:37:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Jul 2023 11:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149876
etag: W/"a2-60125d65d733a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMWr4Y06s4n9eVsyooWAJkmDdU2xjz7fwa4YSv2OZdCEfd1%2BNZPlEwSZdzLfno0ie8tOqz4Iuh%2B7vYcI15GQOJOnlBi1FTmpSn7z9HsgpCp55dYwWOoTc5P4GIh4saVEdy7a"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 7fa8c3231f6e3a02-YYZ

GET
H2 200 ip Show response
directory.cookieyes.com/api/v1/ 110 B
263 B 362ms
114ms Fetch
text/html 52.210.141.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://directory.cookieyes.com/api/v1/ip
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/ecdaa7c2162075b48febf128/banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.141.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-141-128.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 5e28d47b0a962395dbb81b561e7d43014ab98079c1d4244178a11c53b5b2dd36

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shor.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Aug 2023 05:37:09 GMT
x-powered-by: Express
content-length: 110
etag: W/"6e-/toJTjXoy4zLTwguLiHnaqzcFas"
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 14:12:49	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.shor.by/	1970-01-20 23:41:09	Name: _scid Value: 0a9e4ef0-d478-4b2b-bef2-2305fe37b996
.shor.by/	1970-01-20 23:41:09	Name: _scid_r Value: 0a9e4ef0-d478-4b2b-bef2-2305fe37b996
.shor.by/	1970-01-20 23:47:22	Name: _ga_BNHC2KBE6F Value: GS1.1.1692682629.1.0.1692682629.60.0.0
.shor.by/	1970-01-20 23:47:22	Name: _ga Value: GA1.2.1525248026.1692682629
.shor.by/	1970-01-20 14:12:49	Name: _gid Value: GA1.2.1522908132.1692682629
.shor.by/	1970-01-20 14:11:22	Name: _gat_gtag_UA_118091080_2 Value: 1
.snapchat.com/	1970-01-20 23:32:58	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwRHAIAgEwIqYASQE042HUIXF5+u+NmPsXAhqySYrgNCP0Qavermtoo4Yf+JTPdR1nqv8A2wT/W1AAAAA
.tapad.com/	1970-01-20 15:37:46	Name: TapAd_TS Value: 1692682629348
.tapad.com/	1970-01-20 15:37:46	Name: TapAd_DID Value: 9de0a335-9c49-4917-9f60-4d76c7a390a3
.tapad.com/	1970-01-20 15:37:46	Name: TapAd_3WAY_SYNCS Value:
.shor.by/	1970-01-20 23:41:09	Name: _sctr Value: 1%7C1692601200000
.shor.by/	1970-01-20 22:56:58	Name: cookieyes-consent Value: consentid:ZlEzOThUUkhsSTdkZ2Q0Z3ZRbFd3QlNuZHNmOVkyRkE,consent:yes,action:no,necessary:yes,functional:yes,analytics:yes,performance:yes,advertisement:yes,other:yes

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pps.whatsapp.net/v/t61.24694-24/359789724_614001767522572_3154548119013933223_n.jpg?ccb=11-4&oh=01_AdTeZHKnwo6agQYcADyo5V1wtudjQVIAECc6nTrTzIDnjw&oe=64DD4CE3 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn-cookieyes.com
cdn.filestackcontent.com
directory.cookieyes.com
fonts.googleapis.com
fonts.gstatic.com
log.cookieyes.com
pixel.tapad.com
pps.whatsapp.net
sc-static.net
shor.by
stats.g.doubleclick.net
tr.snapchat.com
use.fontawesome.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
104.26.1.70
138.197.149.119
142.251.111.155
151.101.2.133
172.217.13.110
172.217.13.131
172.217.13.138
172.217.13.142
172.217.13.163
172.217.13.168
172.217.13.196
172.64.103.11
3.160.6.245
31.13.71.49
34.111.113.62
35.190.43.134
52.210.141.128
0d6609f354b1a32d12ec6e0caf10d12ff318fb72fafbcad46d792a858189e985
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
2a03b80d7c6d4268fe0c78df625dbdd82275dd43dfccc85385e51f814e797683
2b8ee016fa5cc52c44cc00324c50034292116dc80132b0b8723ca6af6307b2b6
34ac10f4a0dbf69e5be7b836c5c38f2221ed2b01e8a77e227f259e997aa5d95e
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3828ece504abc86b598817af863f95e3e8f200c55dc6f4a602e5a91bd7dd77c8
38f95e772504acdbcb15d8bb66a1e72ada826996ec565a29c5f6b430a13e2216
4102c38d98a36e201e5515c1cb65809424c8ebefff8ac6c6f9044b3ba33ca8a4
443d96969afeea3d4bf03338d9a0d094b7217a5bb0173f29764210b4b14a83ad
4d37fd4fa6c0db58ee58d1fa67d0e2402883274b42938e745a799756a5cf3b53
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e28d47b0a962395dbb81b561e7d43014ab98079c1d4244178a11c53b5b2dd36
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
70d4fb7f6749fc8817c681bcb2c58871df540704d99071f366c7164950d089aa
79636a42cf64329a9f4b155353c9155a566026cee7cb3c51bd7c6ad209d44530
7d8148bc7c98f5d76d4b189524ebd596b85b072277826c495934fc9fefcbe338
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8c0bc2bb37b31f1491d0c02adf4438a9219b11f966bc819449463c3dc7bf2785
8e9b483c39b80b502cdf876220035f603e1eac56d819d8efd818979d8a2fd481
9bbc72b85f6ec39248c2ba66f1a806edb205aa8394b852f1c1267fe7fa140b25
a7deee9d8b4bf9f6f80f0959b47c1757d0bcabc5839cc98be9b58f291e0bc515
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df72f41295f1b07e9da6e440bfa2e3dd7ccc855fb9dae32e24917faa1f9f143f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f479a8bad000086f91eef9b37e758d4c756ef706db4859ebc695e8080fd0d482

shor.by Open in urlscan Pro 138.197.149.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

0 %IPv6

16 Domains

18 Subdomains

16 IPs

4 Countries

1030 kBTransfer

1804 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

shor.by Open in urlscan Pro
138.197.149.119 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

18
Subdomains

16
IPs

4
Countries

1030 kB
Transfer

1804 kB
Size

13
Cookies

36 HTTP transactions
0 data transactions