t.ly Open in urlscan Pro
2606:4700:10::6814:685 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
Effective URL:
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe...
Submission Tags: falconsandbox
Submission: On October 17 via api (October 17th 2024, 2:00:02 pm UTC) from US — Scanned from US

Summary HTTP 121 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 12 domains to perform 121 HTTP transactions. The main IP is 2606:4700:10::6814:685, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 43201.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 50	2606:4700:10:... 2606:4700:10::6814:685	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:27c... 2600:9000:27c8:1a00:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:400d:c03::61	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2607:f8b0:400... 2607:f8b0:400d:c09::8a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::9d	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4004:c17::68	15169 (GOOGLE) (GOOGLE)
3	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2607:f8b0:400... 2607:f8b0:4004:c19::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::63	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:400d:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:400d:c03::8b	15169 (GOOGLE) (GOOGLE)
121	19

50 2606:4700:10::6814:685 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:27c8:1a00:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c03::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c09::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c09::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::9d (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c19::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c09::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c03::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	t.ly 2 redirects t.ly — Cisco Umbrella Rank: 43201 blog.t.ly	3 MB
18	google.com www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	74 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	378 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	5 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 c.clarity.ms — Cisco Umbrella Rank: 1236 r.clarity.ms — Cisco Umbrella Rank: 6682	30 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	360 KB
2	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 23281	5 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	6 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	gstatic.com www.gstatic.com	216 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	774 B
121	12

	Domain	Requested by
41	t.ly	2 redirects t.ly static.cloudflareinsights.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	t.ly pagead2.googlesyndication.com
9	blog.t.ly
8	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	www.googletagmanager.com	t.ly www.googletagmanager.com
6	www.google.com	t.ly www.gstatic.com tpc.googlesyndication.com
4	www.clarity.ms	t.ly www.clarity.ms
3	r.clarity.ms	www.clarity.ms
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	c.clarity.ms	1 redirects
2	td.doubleclick.net	www.googletagmanager.com
2	r.wdfl.co	t.ly
2	cdnjs.cloudflare.com	t.ly
2	static.cloudflareinsights.com	t.ly
1	www.gstatic.com	www.google.com
1	c.bing.com	1 redirects
121	18

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com

Subject Issuer	Validity	Valid
t.ly WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M02	`2024-08-02` - `2025-08-30`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
Frame ID: 8AE3FA55356BADB5598E5BA2C30F8AC6
Requests: 109 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1729173597296&cv=11&fst=1729173597296&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4252FD00E8013073EDB1EF35B1CCC868
Requests: 1 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 8DC8482FCDB899562E5F73939333C1C3
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1729173598948&cv=11&fst=1729173598948&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A33B081CFCAC268343776B4BA4979B6F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=p9mpvv8e0n7
Frame ID: 07EBB6AE53DD73DEB3C10AA7E7443A22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: AA3783CFDF6900D99E333B271723F4D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729173598&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729173599251&bpp=11&bdt=421&idt=491&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7513571289287&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95341937%2C95344189%2C95344791%2C31087608&oid=2&pvsid=2980815132386443&tmod=1556637380&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=518
Frame ID: D2D990F2C3C03BE31EE8E14441C52C9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1729173598&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729173599262&bpp=2&bdt=433&idt=518&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7513571289287&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95341937%2C95344189%2C95344791%2C31087608&oid=2&pvsid=2980815132386443&tmod=1556637380&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=523
Frame ID: 873CE3B589E82C8C74ECDA42C8B9E861
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 8A32A2F39FFFDACC7870D976F9EF1215
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9BA850DF0283C9CA3DD560B9A65D809F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Frame ID: EDC8721341D1F4BBEF19AEC3C3DEEC07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=2749334364&pi=t.aa~a.1108360850~rp.3&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1729173598&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729173600527&bpp=1&bdt=1698&idt=-M&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32111f684828fc4a%3AT%3D1729173599%3ART%3D1729173599%3AS%3DALNI_MbT44wJj5hFKvb0Dg7jflJOUI6KZg&gpic=UID%3D00000f2b0a8ad8be%3AT%3D1729173599%3ART%3D1729173599%3AS%3DALNI_Ma9FUT-Uf3hFn1RKopWh6AZhhWTbA&eo_id_str=ID%3D60208ab598d1c9dd%3AT%3D1729173599%3ART%3D1729173599%3AS%3DAA-Afja38LRhHctpezwU91eLdvWq&prev_fmts=0x0%2C1110x280&nras=2&correlator=7513571289287&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95341937%2C95344189%2C95344791%2C31087608&oid=2&pvsid=2980815132386443&tmod=1556637380&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=155
Frame ID: 3F860961208F644CF8B85A29EDA0F967
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 1FCE510DF3713B75DB6253F878592E93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 933E77AD0323E0A1D753995FB6CDA4C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T.LY: World's Shortest URL Shortener

Page URL History Show full URLs

https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16 HTTP 302
https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16 Page URL
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad797... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

121
Requests

94 %
HTTPS

89 %
IPv6

12
Domains

18
Subdomains

19
IPs

1
Countries

4309 kB
Transfer

11291 kB
Size

50
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/url-shortener/oodfdmglhbbkkcngodjjagblikmoegpa

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/link-shortener/

Search URL Search Domain Scan URL

URL: https://addons.opera.com/en/extensions/details/url-shortener-4/

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ajedojkedficaboemnhahoclgfnooelm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16 HTTP 302
https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16 Page URL
https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16 HTTP 302
https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Request Chain 26

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

Request Chain 28

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E0651F78464C4C9C8C84580342AD199A&RedC=c.clarity.ms&MXFR=191C66B2582F6CE319AF73A95C2F62FB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E0651F78464C4C9C8C84580342AD199A&MUID=1B01F66426F86ACB0975E37F279A6B28

121 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

expired Show response
t.ly/
Redirect Chain

https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

57 KB
17 KB

215ms
215ms

Document
text/html

2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b1639ce60b06b7d660160ae35716bf314aedc593795494384dd14853acaeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8d40cfe40dd143d7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Oct 2024 13:59:57 GMT
last-modified: Thu, 17 Oct 2024 13:59:56 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS" cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 200
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8d40cfe31ca743d7-EWR
content-type: text/html; charset=UTF-8
date: Thu, 17 Oct 2024 13:59:56 GMT
location: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS" cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 302
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

GET
H3 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"670ce4f9-302c"
x-content-type-options: nosniff
cf-ray: 8d40cfe56f8643d7-EWR
expires: Sat, 19 Oct 2024 13:59:57 GMT
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 09:31:37 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 app.css
t.ly/css/ 298 KB
56 KB 40ms
39ms Stylesheet
text/css 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Requested by

Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-4a7b8"
age: 601738
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:48:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/css
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe56f8843d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 41ms
40ms Image
image/png 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

cf-cache-status: HIT
etag: "12cea601-2770"
age: 70173
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:30:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/png
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe59fd943d7-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 10096
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
889 B 13ms
13ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"670ce4f9-4d7"
x-content-type-options: nosniff
cf-ray: 8d40cfe58fd143d7-EWR
expires: Sat, 19 Oct 2024 13:59:57 GMT
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 09:31:37 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 50ms
26ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d40cfe5b9af8cb3-EWR
access-control-allow-origin: *
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 35ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 61971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijjvQf0YG1yseJNxPiEeyhhCss3ZgrmSiM8kJXstVRUEFnbmHkGe3aHmSm4DoAhJwlD4kSay2YzUJZSNp912hAz1Z5JgWBBRM2xGkoxlCYHQs1ot%2BMD4%2BA6nxHkoeywvWo9dtJ23pabMyNKJpWOt15sZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 13:59:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d40cfe5adff436f-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
5 KB 173ms
15ms Script
text/javascript 2600:9000:27c8:1a00:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:27c8:1a00:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cf44196b8bbed1c33b699bcfbd553e0dad9f6fa3b25b6258ea3e1ee106b0c4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"3919065c5c40a36127c87e06bcb72dfc"
age: 142
via: 1.1 345356dcab95fbdac024c4e78e835342.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: HrsGmhFY0FxMVN3o-M8KeIqqFq0uKDpO8FGI3b2TsVpuURo5_cDFEw==
date: Thu, 17 Oct 2024 13:57:36 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 12:57:34 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H3 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 28ms
26ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-9807"
age: 55236
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 22:39:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe6085643d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 vendor.js Show response
t.ly/js/ 2 MB
709 KB 40ms
39ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-23b8e0"
age: 601761
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe6185843d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 manifest.js Show response
t.ly/js/ 4 KB
2 KB 29ms
27ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/manifest.js?id=00f1298909f629264cba

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd3fdd08c19665b8a63ed97726c84a042ae33a2d35bb8d5ebc3fd4b5ce22f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-e54"
age: 601761
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe6185943d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 app.js Show response
t.ly/js/ 114 KB
29 KB 32ms
31ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/app.js?id=03f77feb04025d212abd

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-1c608"
age: 601761
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe6185a43d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 80ms
34ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a38ecd230dede3f4e8ae666bd202a787e25427b45d69c26f8d20640e339d014c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 13:59:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77104
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 118ms
74ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6131b62c458b50acc8942cdedce31d35e3d46e8c5952580632229be4380f4cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 13:59:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92386
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 dq2387w4bl Show response
www.clarity.ms/tag/ 689 B
1 KB 158ms
18ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dq2387w4bl
Requested by: Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4af8a22a7cc316e8daf0a776cd86e6092635f841e902833a8c1bb056805e165c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/x-javascript
x-azure-ref: 20241017T135957Z-15f78cf59bdxztgp0hbfnunyag00000003mg0000000105nr

GET
H3 403 favicon-32x32.png
t.ly/ 10 KB
8 KB 23ms
23ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b120ae49909227cd31e1868fd9c748b2519dfade3bc1ea4c38cf64ef96f0b59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: jw4c3HOlL/m7cYIpj3Eu3iOsNogY0szVI7u5NEKsKF+/rTtehaj6KFGnHH5wicm2SztjjVTtOJlMOQ07dzT5myu3eUCYDrA0GvR/YzeD+YVG5RRrM8SC7WKLaoom66HW8/1I6neuLE5u4W1yFuI6Rg==$4/D/wM82QFEvw4ThnEff2g==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d40cfe6186143d7-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 403 favicon.ico
t.ly/ 10 KB
8 KB 42ms
42ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e43b82b7c678be1b92f178c055fe8689b5bb458505cc92db449055b1e5fe3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: URwJO4SKR2c8X6zgYU7XbJYS9Nj6rGcD8TNMsN+kfNNPn8Q3ehSTlLW5Pf4KebxAi2+m75jz7vJ12wWi/i/SHuXvHgK6RLyL2zWZvOm0R95YfiT8201y86W+m0zmN+7f0Ha5HsVGhywV18OU+YElqQ==$j5ycDde0APWIKVJUF6oSiA==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d40cfe6489743d7-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 403 favicon-16x16.png
t.ly/ 10 KB
8 KB 22ms
21ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-16x16.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1538dd21c509295eae484b7c7a8ebd47d8e32a517ad74ada0c6d114f1d3fbc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 7nb0wJr+DqIcqHO4eNXAakbiuuYdu2ftmeYlYOpYEYDDJN0Ihpd/V0u9afuBwOFQ8S7o2X0gcAm/tmzKv3f5pQEsc9OPsJdz1Cn5w4DtyQQnm8DyISeyFn5UHe0HbPBYFfaXYenGer1Qfi61aKYrbA==$dDiiQJoc6I27Eptq98oKNQ==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d40cfe688f743d7-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
103 KB 29ms
29ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b323be9298d102b4888c2ae497f43e61737c3f7b99fa64bec04edc3aa27d3e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 13:59:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105252
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 37ms
36ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

104d983b697f544adef34629db25a09fbfd6565e407ee3f75345f6ebe15fff36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 13:59:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92348
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
21ms Script
text/javascript 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
age: 4661
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 14:42:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:42:16 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 5 KB
2 KB 80ms
33ms Script
text/javascript 2607:f8b0:400d:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1729173597296&cv=11&fst=1729173597296&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8570b3d7d6f494d80b478bf6fd78dad31ac5a3e3a696c3ebd0c8656fe511a3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2356
date: Thu, 17 Oct 2024 13:59:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10875945736
td.doubleclick.net/td/rul/ Frame 4252 0
0 70ms
40ms Document
text/html 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10875945736?random=1729173597296&cv=11&fst=1729173597296&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 13:59:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 483.js Show response
t.ly/js/ 782 B
897 B 27ms
27ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/483.js?id=adb5c22e402946b6624d

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b7b04238f46a45514f72255ac74aace7eb979a492c73eebed8c7d138bbede3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-30e"
age: 601758
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe83b1e43d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 26ms
26ms Image
image/png 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

cf-cache-status: HIT
etag: "12cea601-2770"
age: 70173
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:30:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/png
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe84b2443d7-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 10096
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 33 KB
33 KB 79ms
79ms Font
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
x-content-type-options: nosniff
cf-ray: 8d40cfe85b3943d7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 33896
date: Thu, 17 Oct 2024 13:59:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

main.js Show response
t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 8DC8
Redirect Chain

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

8 KB
4 KB

29ms
29ms

Script
application/javascript

2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

Protocol

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641b88648bee0a17f3da782b2c9cf78f448043aead61154f24af1b9a24b398f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8d40cfe92c3d43d7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
x-content-type-options: nosniff
cf-ray: 8d40cfe8dbc243d7-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.48/ 64 KB
27 KB 34ms
34ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.48/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dq2387w4bl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

x-azure-ref: 20241017T135957Z-15f78cf59bdxztgp0hbfnunyag00000003mg0000000105pq
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCEE2357C4857E"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 691f3615-501e-0016-1925-20d80c000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 20:44:34 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E0651F78464C4C9C8C84580342AD199A&RedC=c.clarity.ms&MXFR=191C66B2582F6CE319AF73A95C2F62FB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E0651F78464C4C9C8C84580342AD199A&MUID=1B01F66426F86ACB0975E37F279A6B28

42 B
466 B

20ms
20ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E0651F78464C4C9C8C84580342AD199A&MUID=1B01F66426F86ACB0975E37F279A6B28
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E0651F78464C4C9C8C84580342AD199A&MUID=1B01F66426F86ACB0975E37F279A6B28
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EBABBA944DF341F89EA04903B9C7B519 Ref B: EWR30EDGE1112 Ref C: 2024-10-17T13:59:57Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Thu, 17 Oct 2024 13:59:57 GMT
x-powered-by: ASP.NET

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 24ms
23ms Fetch
text/plain 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4ag0v878425165za200&_p=1729173597130&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=306857539.1729173598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729173597&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&dt=T.LY%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1013
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 rum Show response
t.ly/cdn-cgi/ 0
152 B 16ms
15ms XHR
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d40cfe92c3443d7-EWR
access-control-allow-origin: https://t.ly
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
64 B 62ms
29ms Image
image/gif 2607:f8b0:4004:c17::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1729173597296&cv=11&fst=1729170000000&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfBGvNsaIB56VkXF4JnoPF4GOI2cIRxg&random=3520835753&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 13:59:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
304 B 22ms
21ms XHR
text/plain 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2031349836&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&ul=en-us&de=UTF-8&dt=T.LY%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1421316981&gjid=1399288573&cid=306857539.1729173598&tid=UA-89207177-8&_gid=453292855.1729173598&_r=1&gtm=457e4ag0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836705&jsscut=1&z=779525259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 153 KB
153 KB 37ms
36ms Font
font/woff2 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status: HIT
etag: "12cea601-26350"
age: 601737
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cfe96c8843d7-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 156496
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 Shrink-Your-QR-Codes-with-T.LY_.jpg
blog.t.ly/wp-content/uploads/2024/10/ 57 KB
57 KB 128ms
34ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/10/Shrink-Your-QR-Codes-with-T.LY_.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd97811cbe52f1de7e6087ec73feeec9b13eb5d412c17759f5115f3a99e05d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "66fedde6-e4a8"
age: 1515
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=58536
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Thu, 03 Oct 2024 18:09:42 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfea3d9f43d7-EWR
accept-ranges: bytes
content-length: 58528
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 200 8d40cfe40dd143d7 Show response
t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8DC8 0
712 B 26ms
21ms XHR
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/8d40cfe40dd143d7

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 8d40cfea7dde43d7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
268 B 136ms
49ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://t.ly/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://t.ly
Date: Thu, 17 Oct 2024 13:59:57 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 How-to-Share-Spotify-Links-with-QR-Codes.jpg
blog.t.ly/wp-content/uploads/2024/09/ 114 KB
114 KB 27ms
27ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/09/How-to-Share-Spotify-Links-with-QR-Codes.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4a129ca2d27cbb6191b941ba6a41a9023bb9ba40af2494dd3235f8abd1bdeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "66f198ac-1c758"
age: 477
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=116568
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Mon, 23 Sep 2024 16:34:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2543d7-EWR
accept-ranges: bytes
content-length: 116560
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 How-to-Fix-ERR_QUIC_PROTOCOL_ERROR.jpg
blog.t.ly/wp-content/uploads/2024/09/ 79 KB
80 KB 26ms
25ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/09/How-to-Fix-ERR_QUIC_PROTOCOL_ERROR.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167165316033763b6b85dd958824f5f0f8039e55a63542c841c2e74eb56cc303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "66d5ddef-13d5a"
age: 6589
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=81242
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Mon, 02 Sep 2024 15:46:55 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2743d7-EWR
accept-ranges: bytes
content-length: 81234
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 How-to-Shorten-Spotify-Links.jpg
blog.t.ly/wp-content/uploads/2024/08/ 279 KB
279 KB 34ms
33ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/08/How-to-Shorten-Spotify-Links.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d66f6f2ab1e7231f101097e36d6afb87a09ce3985a9f7cbb01680b4f3833c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "66d0bf71-4bef8"
age: 5190
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=311032
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Thu, 29 Aug 2024 18:35:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2943d7-EWR
accept-ranges: bytes
content-length: 285517
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Top-Extensions-scaled.jpg
blog.t.ly/wp-content/uploads/2024/08/ 92 KB
92 KB 34ms
34ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/08/Top-Extensions-scaled.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d5474282b44cb650fb0e25b3e1cc644ea729975d43e4905c92c551aabb4c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "66c644bb-16e8d"
age: 4836
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=93837
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Wed, 21 Aug 2024 19:49:15 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2a43d7-EWR
accept-ranges: bytes
content-length: 93829
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Dynamic-Links-Deprecation.webp
blog.t.ly/wp-content/uploads/2024/07/ 106 KB
106 KB 53ms
53ms Image
image/webp 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/07/Dynamic-Links-Deprecation.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3980a7d85fca01aaf5136552044deffb0aac0ba54018dd7912bed9fe1de88d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-cache-status: HIT
etag: "669e5afc-1a704"
age: 4836
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/webp
last-modified: Mon, 22 Jul 2024 13:13:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2b43d7-EWR
accept-ranges: bytes
content-length: 108292
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 The-End-of-Google-URL-Shortener.jpg
blog.t.ly/wp-content/uploads/2024/07/ 95 KB
95 KB 28ms
28ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/07/The-End-of-Google-URL-Shortener.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4c3ede18f4dd950f02c5c0aabd56468434958064f953042fe56ee52dee18e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "669a6e46-17cb8"
age: 4002
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=97464
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Fri, 19 Jul 2024 13:46:46 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2d43d7-EWR
accept-ranges: bytes
content-length: 97456
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Worlds-Shortest-URL-Shortener.jpg
blog.t.ly/wp-content/uploads/2024/07/ 71 KB
71 KB 60ms
60ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/07/Worlds-Shortest-URL-Shortener.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280254e83401b92793d3d3fb5de27cb4da58917e7805864627c116a815ccd3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "66880c1b-11c89"
age: 4002
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=72841
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Fri, 05 Jul 2024 15:07:07 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2e43d7-EWR
accept-ranges: bytes
content-length: 72833
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Understanding-HTTP-Status-Codes.jpg
blog.t.ly/wp-content/uploads/2024/07/ 100 KB
100 KB 62ms
61ms Image
image/jpeg 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2024/07/Understanding-HTTP-Status-Codes.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c3271d0b05f0cb01cf596885eb5f3d5d72d228977a36d342a7248ac632c606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri
etag: "668416d9-18e4b"
age: 4002
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=101963
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: image/jpeg
last-modified: Tue, 02 Jul 2024 15:03:53 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8d40cfeaae2f43d7-EWR
accept-ranges: bytes
content-length: 101955
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Primary Request / Show response
t.ly/ 63 KB
18 KB 167ms
167ms Document
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Requested by

Host: t.ly
URL: https://t.ly/js/483.js?id=adb5c22e402946b6624d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b854351dca32fe2771b3f972fb9d3f33bbda1113512885d662029f7c1a1955

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 8d40cfef9bda43d7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Oct 2024 13:59:58 GMT
last-modified: Thu, 17 Oct 2024 13:59:58 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS" cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 200
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

POST collect
www.google-analytics.com/g/ 0
0

POST collect
r.clarity.ms/ 0
0

POST rum
t.ly/cdn-cgi/ 0
0

GET
H3 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
0 14ms
14ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"670ce4f9-302c"
x-content-type-options: nosniff
cf-ray: 8d40cfe56f8643d7-EWR
expires: Sat, 19 Oct 2024 13:59:57 GMT
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 09:31:37 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 app.css
t.ly/css/ 298 KB
56 KB 46ms
45ms Stylesheet
text/css 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Requested by

Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-4a7b8"
age: 601739
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:48:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: text/css
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff0bd0b43d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 34ms
33ms Image
image/png 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

cf-cache-status: HIT
etag: "12cea601-2770"
age: 70174
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:30:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: image/png
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff0bd0f43d7-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 10096
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
0 13ms
13ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"670ce4f9-4d7"
x-content-type-options: nosniff
cf-ray: 8d40cfe58fd143d7-EWR
expires: Sat, 19 Oct 2024 13:59:57 GMT
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 09:31:37 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 50ms
26ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d40cfe5b9af8cb3-EWR
access-control-allow-origin: *
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
0 35ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 61971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijjvQf0YG1yseJNxPiEeyhhCss3ZgrmSiM8kJXstVRUEFnbmHkGe3aHmSm4DoAhJwlD4kSay2YzUJZSNp912hAz1Z5JgWBBRM2xGkoxlCYHQs1ot%2BMD4%2BA6nxHkoeywvWo9dtJ23pabMyNKJpWOt15sZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 13:59:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d40cfe5adff436f-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H3 200 normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 33 KB
0 79ms
79ms Font
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2

Requested by

Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
x-content-type-options: nosniff
cf-ray: 8d40cfe85b3943d7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 33896
date: Thu, 17 Oct 2024 13:59:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
0 173ms
15ms Script
text/javascript 2600:9000:27c8:1a00:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:27c8:1a00:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cf44196b8bbed1c33b699bcfbd553e0dad9f6fa3b25b6258ea3e1ee106b0c4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"3919065c5c40a36127c87e06bcb72dfc"
age: 142
via: 1.1 345356dcab95fbdac024c4e78e835342.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: HrsGmhFY0FxMVN3o-M8KeIqqFq0uKDpO8FGI3b2TsVpuURo5_cDFEw==
date: Thu, 17 Oct 2024 13:57:36 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 12:57:34 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H3 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 29ms
28ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-9807"
age: 55237
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 22:39:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff13daa43d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 vendor.js Show response
t.ly/js/ 2 MB
709 KB 30ms
29ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-23b8e0"
age: 601762
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff13dac43d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 manifest.js Show response
t.ly/js/ 4 KB
2 KB 29ms
27ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/manifest.js?id=00f1298909f629264cba

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd3fdd08c19665b8a63ed97726c84a042ae33a2d35bb8d5ebc3fd4b5ce22f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-e54"
age: 601762
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff13dad43d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 app.js Show response
t.ly/js/ 114 KB
29 KB 27ms
25ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/app.js?id=03f77feb04025d212abd

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-1c608"
age: 601762
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff13dae43d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 173 KB
53 KB 140ms
106ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31f93b4cae6b5724b3f07383ab9efc35fe316e92a2502bf77c2a1ff9a9983ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 464773689112889742
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 13:59:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 54044
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
0 80ms
34ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a38ecd230dede3f4e8ae666bd202a787e25427b45d69c26f8d20640e339d014c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 13:59:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77104
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
0 118ms
74ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6131b62c458b50acc8942cdedce31d35e3d46e8c5952580632229be4380f4cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 13:59:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92386
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 dq2387w4bl Show response
www.clarity.ms/tag/ 552 B
807 B 190ms
189ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dq2387w4bl
Requested by: Host: t.ly
URL: https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 98a0df8aef29be459ffb4afef2f81f4f39f4747de5def9a6a781da5add508abf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 552
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: application/x-javascript
x-azure-ref: 20241017T135958Z-15f78cf59bdxztgp0hbfnunyag00000003mg0000000105ug

GET
H3 403 favicon-32x32.png
t.ly/ 11 KB
9 KB 23ms
22ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac44b615047465fa27e9959ed7c7dbb5ef85652a0d452ef40e8e94a67d371de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Thu, 17 Oct 2024 13:59:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: lN9tFogtIU449S381BuFQilUuDrapZoWdfVHNCD+PmMH3G9qxeASv/DOLEpIgD1+uJ5DDMwGObhgxqVYhIRWdfX4ynENGUXW2W1uJuj3QorAGSaLpzPV5d/omyxAMT6AyktJgJiUka2KyjVNfO71EA==$/qLTzIKZAu3bv7kK/QNgcg==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d40cff16e0a43d7-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 5 KB
2 KB 36ms
35ms Script
text/javascript 2607:f8b0:400d:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1729173598948&cv=11&fst=1729173598948&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32abbebc3909ad732bef7e8b0b6d3c820df958a76d0d12c62b60c72cc02ff881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2402
date: Thu, 17 Oct 2024 13:59:58 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10875945736
td.doubleclick.net/td/rul/ Frame A33B 0
0 44ms
43ms Document
text/html 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10875945736?random=1729173598948&cv=11&fst=1729173598948&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 13:59:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
0 29ms
29ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b323be9298d102b4888c2ae497f43e61737c3f7b99fa64bec04edc3aa27d3e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 17 Oct 2024 13:59:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105252
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 74ms
21ms Script
text/javascript 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
age: 4661
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 14:42:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 12:42:16 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 22ms
21ms Image
image/gif 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1157844425&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&ul=en-us&de=UTF-8&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=306857539.1729173598&tid=UA-89207177-8&_gid=453292855.1729173598&gtm=457e4ag0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836705&jsscut=1&z=798205092

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

age: 13347
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 10:17:32 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 22ms
22ms Fetch
text/plain 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4ag0v878425165za200&_p=1729173598919&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=306857539.1729173598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729173597&sct=1&seg=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&dr=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=page_view&tfd=355
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: text/plain
server: Golfe2

GET
H3 403 favicon.ico
t.ly/ 11 KB
9 KB 24ms
23ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac931aca066c9d139f950efa8decefdf71d1d9d47b9a00a57d3afe366df8532d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: WoMbN9/X8vzKNd1mKqfzhBh9sBLH+G6btgb1cZMvkOvNTLyCA9PMltPW9UB3sWdLKylzYs+ZBIvaVB1P8Mto00p7c9nZ5ExnXs5m8Nriej1G5YA0/eP72t2hDjr5fwp2VWmNJZFzkab+j2X5k9E9hg==$KNfLe1QcqXg2vaKCNXoF3Q==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d40cff1deb843d7-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
64 B 27ms
27ms Image
image/gif 2607:f8b0:4004:c17::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1729173598948&cv=11&fst=1729170000000&bg=ffffff&guid=ON&async=1&gtm=45be4ag0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=981048029.1729173597&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfXxCH7Vs6rg6yDkqfC_pm1peHoWjmbe97j0a6OaSP11wBHrpK&random=407585501&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 17 Oct 2024 13:59:59 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 403 favicon-16x16.png
t.ly/ 11 KB
9 KB 25ms
25ms Other
text/html 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/favicon-16x16.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b870a3fd0762868cdc208eefad1c45fa9bb4e1f7efa519020b6af060dcd875

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-content-options: nosniff
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: zrvYcOtjizm2egILoZZbW7mcDGA1IbUl0Xpt8JAERtOw49I5llHBCx0l3fKXR7bAtGZkNS/tHClpU/8J4bfuOcJCuOvyaoJPQOC8JKYdjo8JG/wNo4YYm+p7aAnVbHakpzyO5aN5U8dlNFy8FjjDxA==$+CDTgB+ZKtzPvrUIjirsUQ==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d40cff20ef043d7-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 950.js Show response
t.ly/js/ 788 B
899 B 30ms
29ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/950.js?id=de956b39a4455fcff160

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-314"
age: 601740
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff27f8443d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 26ms
26ms Image
image/png 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

cf-cache-status: HIT
etag: "12cea601-2770"
age: 70175
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:30:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: image/png
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff27f8543d7-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 10096
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 153 KB
153 KB 38ms
38ms Font
font/woff2 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status: HIT
etag: "12cea601-26350"
age: 601739
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff2afdd43d7-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 156496
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 115 KB
115 KB 46ms
45ms Font
font/woff2 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/css/app.css?id=0865437f8e4ad9ea935b

Response headers

cf-cache-status: HIT
etag: "12cea601-1ca7c"
age: 601739
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff2afe543d7-EWR
x-whom: tly-app
accept-ranges: bytes
content-length: 117372
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

POST
H3 204 rum Show response
t.ly/cdn-cgi/ 0
152 B 14ms
13ms XHR
text/plain 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d40cff338c443d7-EWR
access-control-allow-origin: https://t.ly
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:59 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/ 89 KB
31 KB 132ms
103ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58ad0e7bf565848ecc0c8dd1790e310ad4a68de62f941fc75a1ff04e7e96fe43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 4967201819638464335
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 13:59:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 31863
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/ 422 KB
141 KB 146ms
118ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c67d969388a0c4c982b4ebc03b2208ddfdc2022f535a7467a84ac15fea107f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 18279224062339569482
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 13:59:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 143845
x-xss-protection: 0
server: cafe

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.48/ 64 KB
0 34ms
34ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.48/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dq2387w4bl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

x-azure-ref: 20241017T135957Z-15f78cf59bdxztgp0hbfnunyag00000003mg0000000105pq
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCEE2357C4857E"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 691f3615-501e-0016-1925-20d80c000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 17 Oct 2024 13:59:57 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 20:44:34 GMT

GET
H3 200 906.js Show response
t.ly/js/ 5 KB
2 KB 32ms
31ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/906.js?id=afc5f18fec7e06d6bf2c

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-12e5"
age: 601739
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff3790543d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 166.js Show response
t.ly/js/ 3 KB
2 KB 31ms
31ms Script
application/javascript 2606:4700:10::6814:685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/166.js?id=267eddd588cf4399f581

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=00f1298909f629264cba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:685 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/?ref=expired&url=https://t.ly/expired?url=https://t.ly/kod8u&t=44c7e837ad7975f417a3243330ce0b4fe7f5ee16

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-d91"
age: 601739
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 14:50:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform, no-store
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 8d40cff3790843d7-EWR
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
995 B 31ms
30ms Script
text/javascript 2607:f8b0:4004:c17::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=6fbd2b425824b998f084

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1135e9f913fd6a6884b40ee14d6a0cf7c9ab9e63096ca2f907a5819a5a2fe0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 13:59:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 17 Oct 2024 13:59:59 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 544 KB
216 KB 35ms
17ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

content-encoding: gzip
age: 403
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 13:53:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:53:16 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220736
x-xss-protection: 0
server: sffe

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
268 B 76ms
72ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://t.ly/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://t.ly
Date: Thu, 17 Oct 2024 13:59:59 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 07EB 0
0 61ms
36ms Document
text/html 2607:f8b0:4004:c17::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=p9mpvv8e0n7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v_WKagCgMeqyicxQgVvvjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-v_WKagCgMeqyicxQgVvvjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 13:59:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 154ms
152ms Fetch
text/html 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://t.ly/

Response headers

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame AA37 0
0 66ms
22ms Document
text/html 2607:f8b0:400d:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 85145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 14:20:54 GMT
etag: 13108003645644964576
expires: Wed, 30 Oct 2024 14:20:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D2D9 0
0 583ms
554ms Document
text/html 2607:f8b0:400d:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729173598&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.20295&aiapmi=0.24446&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729173599251&bpp=11&bdt=421&idt=491&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7513571289287&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95341937%2C95344189%2C95344791%2C31087608&oid=2&pvsid=2980815132386443&tmod=1556637380&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=518

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46656
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 14:00:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 53ms
52ms XHR
application/json 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9504db5c13b32504ab3b8c15b15cf941c9c2d226f88088cc2e04f5443d874859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13006
date: Thu, 17 Oct 2024 13:59:59 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 873C 0
0 205ms
193ms Document
text/html 2607:f8b0:400d:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1729173598&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729173599262&bpp=2&bdt=433&idt=518&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7513571289287&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95341937%2C95344189%2C95344791%2C31087608&oid=2&pvsid=2980815132386443&tmod=1556637380&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=523

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 13:59:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 53ms
15ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 13:59:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 13:59:59 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 8A32 0
0 42ms
15ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 13:18:22 GMT
expires: Thu, 17 Oct 2024 14:08:22 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 9BA8 0
0 35ms
34ms Document
text/html 2607:f8b0:4004:c17::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f6ygf5ujtVE9hqc7tCOi7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f6ygf5ujtVE9hqc7tCOi7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 13:59:59 GMT
expires: Thu, 17 Oct 2024 13:59:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame EDC8 0
0 32ms
31ms Document
text/html 2607:f8b0:4004:c17::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3ivctEtRpLdZ6Is7sn2CSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3ivctEtRpLdZ6Is7sn2CSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 13:59:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/ 172 KB
58 KB 115ms
114ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

490db94a3604eaab0a17c37ef7c992a078b39803c3f262a8ade44123cab5c609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 3503825752094226713
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 14:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 17 Oct 2024 14:00:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 59152
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-5561763581314444 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 207ms
42ms Script
application/javascript 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?href=https%3A%2F%2Ft.ly&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9a1e77ca37574aae21636fc9ba50b06b9d2cdf9158a3a401497a482e9d4db69

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FXDV8MTiKt0KbCCEp0ADyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NKQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcDzYcGQHm8CKQ1emMSlpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoYmuoZmMYXGAAAv0pPrw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FXDV8MTiKt0KbCCEp0ADyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 289ms
289ms Image
image/gif 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=95342160&hl=en&pvc=2980815132386443

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 17 Oct 2024 14:00:00 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
268 B 25ms
23ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.48/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://t.ly/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://t.ly
Date: Thu, 17 Oct 2024 14:00:00 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 75ms
73ms Fetch
text/html 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://t.ly/

Response headers

POST
H3 204 AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 78ms
34ms XHR
text/html 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.tigQgnxnBAI.es5.O/am=DAY/d=1/rs=AJlcJMwQU0k26YJiVZG7ihW_YVMu0YEohw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t4-9lstQKzkykSFsez1zOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH48GGIzvYBBa8-XaVScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmuoZmMcXGAAAEpUwJw"
content-security-policy: script-src 'report-sample' 'nonce-t4-9lstQKzkykSFsez1zOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXB3o8MW-HzGdl3hVB6X7vrRoPvkXMNAto-fwGnvP4Bd4lWrlN1AH6vOKQ0Los0f3eXxG9nSncKrF36TbKgHuSUIzreL0F882wnJzqyrlPHBk4IxQfV3Obhr18edS9vH8HDVm1s7Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 46ms
44ms Script
application/javascript 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXB3o8MW-HzGdl3hVB6X7vrRoPvkXMNAto-fwGnvP4Bd4lWrlN1AH6vOKQ0Los0f3eXxG9nSncKrF36TbKgHuSUIzreL0F882wnJzqyrlPHBk4IxQfV3Obhr18edS9vH8HDVm1s7Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MTczNjAwLDY3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsInRpZ1FnbnhuQkFJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73e201077f25966675ddde096b0f5e7f853b7c3d8a8aac284de91e59960b75ef

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zA2Mc7Gj2rE8-afXT2Yy6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NWQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcDzYcGQHm0DD9dvnmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMTOMLDADKN0_h"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zA2Mc7Gj2rE8-afXT2Yy6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3F86 0
0 194ms
192ms Document
text/html 2607:f8b0:400d:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=2749334364&pi=t.aa~a.1108360850~rp.3&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1729173598&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729173600527&bpp=1&bdt=1698&idt=-M&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32111f684828fc4a%3AT%3D1729173599%3ART%3D1729173599%3AS%3DALNI_MbT44wJj5hFKvb0Dg7jflJOUI6KZg&gpic=UID%3D00000f2b0a8ad8be%3AT%3D1729173599%3ART%3D1729173599%3AS%3DALNI_Ma9FUT-Uf3hFn1RKopWh6AZhhWTbA&eo_id_str=ID%3D60208ab598d1c9dd%3AT%3D1729173599%3ART%3D1729173599%3AS%3DAA-Afja38LRhHctpezwU91eLdvWq&prev_fmts=0x0%2C1110x280&nras=2&correlator=7513571289287&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95341937%2C95344189%2C95344791%2C31087608&oid=2&pvsid=2980815132386443&tmod=1556637380&uas=0&nvt=1&ref=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 14:00:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame 1FCE 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 85145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 14:20:54 GMT
etag: 13108003645644964576
expires: Wed, 30 Oct 2024 14:20:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame 933E 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 85145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 14:20:54 GMT
etag: 13108003645644964576
expires: Wed, 30 Oct 2024 14:20:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 AGSKWxXIOPT4kQUFPPDZXHPIwUY17s30KDug_qoXUFobBjQl2oxw76BUHQQng952QMNiVuXkKd5pTDvC1Z134tdd59qD42Cal21Kv3qzU0JpeyQsfY8Ve-Lio66_64yZOxWaKhVw1ya8Zg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 78ms
75ms Script
application/javascript 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXIOPT4kQUFPPDZXHPIwUY17s30KDug_qoXUFobBjQl2oxw76BUHQQng952QMNiVuXkKd5pTDvC1Z134tdd59qD42Cal21Kv3qzU0JpeyQsfY8Ve-Lio66_64yZOxWaKhVw1ya8Zg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MTczNjAwLDc0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdC5seS8iLG51bGwsW1s4LCJ0aWdRZ254bkJBSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90939fec9e7bb5658c21d4fae26eea1ca83ef7527c57727b2cb0d2d55981a941

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uLZvi8v58nqTa0oADdHSmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XA82HBkB5vAjcfX_jMpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJrqGZjGFxgAAG-BS2U"
content-security-policy: script-src 'report-sample' 'nonce-uLZvi8v58nqTa0oADdHSmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 26ms
25ms Fetch
text/plain 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4ag0v878425165za200&_p=1729173598919&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=306857539.1729173598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1729173597&sct=1&seg=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&dr=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=scroll&epn.percent_scrolled=90&_et=21&tfd=2113
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 show Show response
fundingchoicesmessages.google.com/f/AGSKWxX3pVur04tVx-T5M5A8kXCi7LzkKnRVYD5I6g1HRlxgXC4TaAHrgPPR8axaMxTTiWqO5gDiWLHCLy6DdrlbXiTv8TUjOtHxYx09ko0XoFxdaRMD-xb8jXvA9LwZYSzpz2b8JepTXyCjdBMw9JObmZVcpmqXK... 54 B
109 B 34ms
34ms Script
application/javascript 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX3pVur04tVx-T5M5A8kXCi7LzkKnRVYD5I6g1HRlxgXC4TaAHrgPPR8axaMxTTiWqO5gDiWLHCLy6DdrlbXiTv8TUjOtHxYx09ko0XoFxdaRMD-xb8jXvA9LwZYSzpz2b8JepTXyCjdBMw9JObmZVcpmqXKENC0e1VS1DAXdGmDpuLxmxprXVGYeVr/__550x150./OAS/show?/ico-ad-/modules_ads./ads600-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.tigQgnxnBAI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwZLgkJBbRYluKqOcFul5L53UaCsg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c82cdc6863a2fe1dcc4dc711d5b8966479a4576e36d25e017e3c0652e33678ea

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-unKpOWHRsB5KvO5aF4BI3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNCQYjhx6zbTBSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcDzccGQHm8CCa9uuMCppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoYmuoZmMYXGAAAyw5P4Q"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-unKpOWHRsB5KvO5aF4BI3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 243 KB
76 KB 17ms
16ms Script
text/javascript 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e267aae381fb53cc12f08c4a3e159362833dbb06dde256946c014916e040c3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 9884473526552927528
age: 168
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 14:57:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 17 Oct 2024 13:57:13 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 77589
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
32ms XHR
text/html 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YLi8RNiy6pvRtE8Cp7ddRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4-GGIzvYBD60NFxlVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgaGpnoG5vEFBgDrsi-c"
content-security-policy: script-src 'report-sample' 'nonce-YLi8RNiy6pvRtE8Cp7ddRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
32ms XHR
text/html 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bf0lNm3Dhv5Hog5teSsggg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4-GGIzvYBBY0v3zBqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfUMzOMLDAD5IS_L"
content-security-policy: script-src 'report-sample' 'nonce-bf0lNm3Dhv5Hog5teSsggg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 60ms
60ms XHR
text/html 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K3EaJtYIqhIop-oezz-Lkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4-GGIzvYBF68evSDUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmuoZmMcXGAAAJw8wcw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K3EaJtYIqhIop-oezz-Lkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
61ms XHR
text/html 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D-GtdxAUpOeYVYWMB5_dtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4-GGIzvYBD5Mv_2LUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmuoZmMcXGAAAE0IwKg"
content-security-policy: script-src 'report-sample' 'nonce-D-GtdxAUpOeYVYWMB5_dtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVvX5Za3fC2RKqqqrpuQ7Ra_Ph21-tvs_Q4gs_BvBgcJrqoo6ejWWWq5ijImHy-HCKYgQFq4fVpxultFqJt-_zs-bkBcbV2Pzo-XRzXeDu7G5vIgijBB8iWXzorqwBBOMIlhpevcg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 41ms
41ms Script
application/javascript 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVvX5Za3fC2RKqqqrpuQ7Ra_Ph21-tvs_Q4gs_BvBgcJrqoo6ejWWWq5ijImHy-HCKYgQFq4fVpxultFqJt-_zs-bkBcbV2Pzo-XRzXeDu7G5vIgijBB8iWXzorqwBBOMIlhpevcg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5MTczNjAxLDQ3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsInRpZ1FnbnhuQkFJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27b415575dac12dd9e7a1199810bba82d5c31c90855f07ed1580060cea7eccc2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-E9OdXkvdjoYgJpCemioy0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNaQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUHYkOFS6z2QOxYdInVE4hVey6xGgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1gYgvt10hfUxEAvxcDzccGQHm8CPue0fGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMTOMLDADQ_U_y"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-E9OdXkvdjoYgJpCemioy0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUYC4fseIEhDPTaHuCzF2BOHJ-5hsc2EO2Jdtz-X0iNfZ_N4fHw-7BAHxZ_M1J-R9aqiYlXbg8LXUk3nQjmV9yoJRWqYxQ_C_FT2qhBRa__SwiXnBA88xdxWtAk4miDjb7gjr4_BQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
33ms XHR
text/html 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUYC4fseIEhDPTaHuCzF2BOHJ-5hsc2EO2Jdtz-X0iNfZ_N4fHw-7BAHxZ_M1J-R9aqiYlXbg8LXUk3nQjmV9yoJRWqYxQ_C_FT2qhBRa__SwiXnBA88xdxWtAk4miDjb7gjr4_BQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2k0xEoAGLlLt3pvq2KEnyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4-GGIzvYBDZcfdvEpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfUMzOMLDAD0oC_A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2k0xEoAGLlLt3pvq2KEnyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
62ms XHR
text/html 2607:f8b0:400d:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSu_zHW6ItFgWDal2_1rlEUpKVrlpdUjSN0o0ouZIzMvv5JwWG-ypHFGGb_sZ79V4mOrtz3N6kVG1o_6gFB9p3sCiikH0Z5Q8sFTI3mXyzlhngjp0sVgwPnbC6Ju23PsML1nYlGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SWlpXq-3_GwDwO0MwbkF8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 14:00:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiH4-GGIzvYBDo2b5_ApOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MTfUMzOMLDADUji9Q"
content-security-policy: script-src 'report-sample' 'nonce-SWlpXq-3_GwDwO0MwbkF8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4ag0v878425165za200&_p=1729173597130&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=306857539.1729173598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1729173597&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&dt=T.LY%20URL%20Shortener&en=scroll&epn.percent_scrolled=90&_et=20&tfd=2230

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4ag0v878425165za200&_p=1729173597130&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=306857539.1729173598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=3&sid=1729173597&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2Fexpired%3Furl%3Dhttps%3A%2F%2Ft.ly%2Fkod8u%26t%3D44c7e837ad7975f417a3243330ce0b4fe7f5ee16&dt=T.LY%20URL%20Shortener&en=user_engagement&_et=1192&tfd=2230

Domain: r.clarity.ms
URL: https://r.clarity.ms/collect

Domain: t.ly
URL: https://t.ly/cdn-cgi/rum?

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=2980815132386443&bg=!KyilKGfNAAaUWUsktFk7ADQBe5WfOGXC6yhkbKGaJ0IMZOvlZ9cPQ-4qXvMlmmFDxhVMf6cMW2jE3MQya77-E8Us0KJRAgAAAEVSAAAABGgBB34ANvFX8WkmjImFenQt3U2qGEuc4VTEcowEMxw6kA6MiRR04iWOgbklsOKJwC6TBRhJgfpPcgfghpkCgLOlzXy98hthLTM9z-GJZEBxuwwTLOTdxubYKZJIUYFFziP3GzJAPAKcptdBK4slmTaQmwSLfwAfqIpUiU-Ok8R1YbPQp13Mmd6Ci6dwRRybVacPJjkZU8pV3MwuICSwgCCvdsEmPugrFTWKDlTsI29fQ7xddRDAeBzIUPwOlVzC4XMljXoGmLkVi61Do7x7tDEgJT93ww1KYovFm8adDdjMZZK_rBbdUUrIeJzKFCOESNWDCJOtKLr4gX4mHKKTV0XNEHeMnUSwlMZHeiRzDbLimncjhjjU6LEcTcMqgUfXFtbhxYGRKQ5f2_Xkihj_f0mAk1elHzEYZMYPtF5-WfLahmKs5A1sokxcE3v45ZwXGanbMKheAJ7HifpvdYirHHUm_yOcu5PwIh0dpBrpKKeiny6QQCtxzx4XxjXbVfejTS-hekJqV-NPzn5boU6x_068d3LSPWzCFavEcZYUalpaxClLV3IhTzi44H7VsNsdXgIyXOyl0CjJwQHBPX2X7-ZNPslLtKnGy-02qFYMrIMf-nILS6WEx2BntVqkuLHD4YRDPDjttDS-4dm6UsF0cTG66_kk5tmTVv209Qox6V9naA0SVBnFhLRojEQdN7nJL5Ja8K6UHGkEJxL9BlHpyGdD2ItLrSFQqFjGMK6Vt3L8IYpkfKZRgKRnAyRQxZTKnVrm10nHU2w3QbKzueyeq4t4T47-Sd8TIFZAc1iB6cRYHHbbRGR0ItiDu5OIPTvcUI15E2wP2nrqKSbRYtkik_za_rA2FHUK_9qJNHIetIcwOm3T4hdQLe5x5qN5mekX_QEUsHAYgiBoAB1SJxbwbquSUu7Z6p_ECA2vKxOhhcc

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 04:38:45	Name: _GRECAPTCHA Value: 09AGteOyoQZdUZzVkOxCTVnawLyRD6v9TFwoYCawHpS73NGzmjbxHGUgM349QBMPTZNWwvKsx-_TjakWivuk5EWkc
www.clarity.ms/	1970-01-21 09:05:09	Name: CLID Value: 76cf74b238d1467980b953bd074e250a.20241017.20251017
.t.ly/	1970-01-21 02:29:09	Name: _gcl_au Value: 1.1.981048029.1729173597
t.ly/	1970-01-21 00:29:38	Name: userTimezone Value: Pacific/Honolulu
.t.ly/	1970-01-21 00:20:59	Name: _gid Value: GA1.2.453292855.1729173598
.t.ly/	1970-01-21 00:19:33	Name: _gat_gtag_UA_89207177_8 Value: 1
.t.ly/	1970-01-21 09:05:09	Name: _clck Value: tw0seq%7C2%7Cfq3%7C0%7C1751
.bing.com/	1970-01-21 09:41:09	Name: MUID Value: 1B01F66426F86ACB0975E37F279A6B28
.c.bing.com/	1970-01-21 00:29:38	Name: MR Value: 0
.c.bing.com/	1970-01-21 09:41:09	Name: SRM_B Value: 1B01F66426F86ACB0975E37F279A6B28
.t.ly/	1970-01-21 09:05:09	Name: cf_clearance Value: h34QuSt8cKS.hZIMPVV__O5D8xxzUpgjydKO7rbSUDg-1729173597-1.2.1.1-K1o46DfgS9tfeNQ5aqyu1JzA2KrFjdzMgKJSwc6B_AxybKig3srihTHvRwWZnkY8D78U3UrYDbq4jPPvTzaJIQvO9Ain0cOFn0In6AulpAGkkzBOcQsbbSLggys4eFZJ5qVpwfu72cJWaG2PqzXl75Z74tD0QQ_JMbZDvMa9RceBAiBPPPXkzL00jyYLh2VmF53bYoQGbTwGmiInl__CIPz6xALGyBaDDw_szN73KE8nvDSDPm7qKdFvBJICG.BVj_ZIbQgPQ3bxwfDyi_phT.iVXMuB5EizRKAB6lbPPZncZURHscbhYFyAq_ZGe02tMyrWFmyySVH3I_Q8Gbg1hr40aRFpyh.Hpz54Y7bEHDTkLoQV9FA.v7c5vKM0roKy
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 09:41:09	Name: MUID Value: 1B01F66426F86ACB0975E37F279A6B28
.c.clarity.ms/	1970-01-21 00:29:38	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:19:34	Name: ANONCHK Value: 0
.t.ly/	1970-01-21 00:39:43	Name: XSRF-TOKEN Value: eyJpdiI6ImszUWFvOHZjaG84Q2VUSy9Fa0NhSVE9PSIsInZhbHVlIjoieWx1ZkllNXdUVWIvRmdPdFhoVHB0NWVBcmNTZlBObmczaGVDRnYzNlU2TGxETUluNzBsQ2pubUZnaXgwelhFZ1Z4T24yNmpHa1VUTXV2Q1A4bkFZenBjUk1oVm00T3kxWm9zYkxReUZMUW8rcnFPM1VhekJTWFcxWWRiNmRvWTMiLCJtYWMiOiJjNjhhYzAyNTVlMmNjMmViYjgxMTQ5YWY2YTllOTU4ODJiMmY2OWZlNGEzMjRmZDkzNTM3MjkyZjAzZjBiZTQxIiwidGFnIjoiIn0%3D
.t.ly/	1970-01-21 00:39:43	Name: tly_session Value: eyJpdiI6IlRjclBjQzd6bG4vVVJNclpVck1UclE9PSIsInZhbHVlIjoid05kSG1wczZNK2EzWkQ1dTE1ci9LTlZZQ0NNcGFpcDhndmlIRkg5VER2RVRyWk1NQzdKeDZKZmhEODNRbC9PTkd6dE9uUzJ6Z0xCMUQya1FhZitpK0Q3QXJmYnM4TzBSWkxpTU9Bd2U2bExpQjlQMkd3ZGNCLzdvWFc3YnNFUzYiLCJtYWMiOiIzNWZiNDBlZDBjMmZjNjg5OWUzMzVkODg0N2E1ZDdkYTQ2MWMzMGM2ZmE4Nzc4YjFkYWM0YTdjYzNjZjQ2MjA2IiwidGFnIjoiIn0%3D
.t.ly/	1970-01-21 09:55:33	Name: _ga Value: GA1.2.306857539.1729173598
.doubleclick.net/	1970-01-21 09:55:33	Name: IDE Value: AHWqTUl8qO2fNf-RTp3MyoDxunGdyb0fc5-Qw9n8qnoSUGCPCM9tssVZ8amu6Na4
.t.ly/	1970-01-21 00:20:59	Name: _clsk Value: 3np8wx%7C1729173599463%7C2%7C1%7Cr.clarity.ms%2Fcollect
.t.ly/	1970-01-21 09:41:09	Name: __gads Value: ID=32111f684828fc4a:T=1729173599:RT=1729173599:S=ALNI_MbT44wJj5hFKvb0Dg7jflJOUI6KZg
.t.ly/	1970-01-21 09:41:09	Name: __gpi Value: UID=00000f2b0a8ad8be:T=1729173599:RT=1729173599:S=ALNI_Ma9FUT-Uf3hFn1RKopWh6AZhhWTbA
.t.ly/	1970-01-21 04:38:45	Name: __eoi Value: ID=60208ab598d1c9dd:T=1729173599:RT=1729173599:S=AA-Afja38LRhHctpezwU91eLdvWq
.mxptint.net/	1970-01-21 09:55:33	Name: mxpim Value: R33646_11D8B3920_3D564E6B.1.67111860
.adsrvr.org/	1970-01-21 09:05:09	Name: TDID Value: 5274fc5b-f658-4f3f-9509-de7675fef7be
.adsrvr.org/	1970-01-21 09:05:09	Name: TDCPM Value: CAEYBTgBQgQiAggB
.linkedin.com/	1970-01-21 09:05:09	Name: bcookie Value: "v=2&39798a32-e67b-49c0-8aa3-a2724a694287"
.linkedin.com/	1970-01-21 00:21:00	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=3045:u=1:x=1:i=1729173600:t=1729260000:v=2:sig=AQFWnG0hK7II9_JFRcjbNuWQS5ajSgus"
.zemanta.com/	1970-01-21 09:05:09	Name: zuid Value: VeXatA7L34KhNllhPleW
beacon.lynx.cognitivlabs.com/	1970-01-21 09:05:09	Name: UID Value: a9c0bedf-f0f2-40a2-aa3c-32707767d5c6
beacon.lynx.cognitivlabs.com/	1970-01-21 09:05:09	Name: ss Value: tgzhhdnTlJ7sLxEf3f9fRpqnFkvZPnXHmxRZLs4a6DMeK9L%2BMkElxFEujyNLtjRE7SZRXZr7%2BMfFpi0ShB43TA%3D%3D
.t.ly/	1970-01-21 09:55:33	Name: _ga_W1D48QS4F7 Value: GS1.1.1729173597.1.1.1729173600.0.0.0
.adkernel.com/	1970-01-21 00:39:43	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-21 01:02:45	Name: ADKUID Value: A5545090878402857254
.simpli.fi/	1970-01-21 09:06:36	Name: suid Value: BE93F639CA6440618B83F30BDA0D996B
.quantserve.com/	1970-01-21 09:49:48	Name: mc Value: 67111860-e70d7-1764c-a37d0
.quantserve.com/	1970-01-21 02:29:09	Name: sp Value: CggI2WUSAxDWDQ==
.tribalfusion.com/	1970-01-21 02:29:09	Name: ANON_ID Value: afnoeUmge0mousnG8wPVWCsHY60dUJvW4GfIGsc8
.media.net/	1970-01-21 09:05:09	Name: visitor-id Value: 3721752010813328000V10
.creativecdn.com/	1970-01-21 09:05:09	Name: g Value: bF7Vj5Xu7xPkRYve2SHW_1729173600993
.creativecdn.com/	1970-01-21 09:05:09	Name: ts Value: 1729173600
.yandex.ru/	1970-01-21 09:55:33	Name: i Value: GvVe4V/+6vV9bXrDLnjzmbYvFjO2L+SL+wrlf3QpfaM43ZZoaBGn9n9I7IcMw4Ooaar5Vh0PY+BZgY/XECuKFCMWJ0Y=
.yandex.ru/	1970-01-21 09:55:33	Name: yandexuid Value: 6372171571729173601
.yandex.ru/	1970-01-21 09:05:09	Name: yashr Value: 1650443281729173601
.yandex.ru/	1970-01-21 09:55:33	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI5IiwgIk5vdD1BP0JyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjkiKgI/MDoHIkxpbnV4ImDhsMS4Bg==
.media.net/	1970-01-21 00:29:38	Name: data-exp Value: setstatuscode~~1
.t.ly/	1970-01-21 09:05:09	Name: FCNEC Value: %5B%5B%22AKsRol8Kvl1VPNDlLDluV1CS9qYjuLj4KX0QqhPmGBeBxr_35eFvTHUkuGDCWt-9xSsZnfIwpDwmbgvTY75rZkqAyyyLbZUdhueX2fGij9NdRk55qMq5jhOFIQ78TTTP-j31aSZQjpcq9kbBcnH-4PdMuRxxcUPSWw%3D%3D%22%5D%5D
.tapad.com/	1970-01-21 01:45:57	Name: TapAd_TS Value: 1729173601574
.tapad.com/	1970-01-21 01:45:57	Name: TapAd_DID Value: 3c6b4b92-23a2-4fdd-a3bc-23030ebd1e51
.media.net/	1970-01-21 00:39:43	Name: data-g Value: CAESEGdh9UxNg2Zqyw74MurMwKU~~6

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.ly/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t.ly/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.t.ly
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
r.clarity.ms
r.wdfl.co
static.cloudflareinsights.com
t.ly
td.doubleclick.net
tpc.googlesyndication.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
r.clarity.ms
t.ly
www.google-analytics.com
20.110.205.119
20.119.174.243
2600:9000:27c8:1a00:1b:348c:b140:93a1
2606:4700:10::6814:685
2606:4700::6810:4f49
2606:4700::6811:190e
2607:f8b0:4004:c17::63
2607:f8b0:4004:c17::68
2607:f8b0:4004:c19::9a
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1f::5e
2607:f8b0:4004:c1f::9d
2607:f8b0:400d:c03::61
2607:f8b0:400d:c03::8b
2607:f8b0:400d:c09::8a
2607:f8b0:400d:c09::9c
2607:f8b0:400d:c09::9d
2620:1ec:29:1::40
2620:1ec:c11::237
0bd3fdd08c19665b8a63ed97726c84a042ae33a2d35bb8d5ebc3fd4b5ce22f6b
104d983b697f544adef34629db25a09fbfd6565e407ee3f75345f6ebe15fff36
1135e9f913fd6a6884b40ee14d6a0cf7c9ab9e63096ca2f907a5819a5a2fe0f6
1201b28bec9bba640760127d3f944ea285e1228d44b27cbcf61f67a24aae87c1
1538dd21c509295eae484b7c7a8ebd47d8e32a517ad74ada0c6d114f1d3fbc4f
167165316033763b6b85dd958824f5f0f8039e55a63542c841c2e74eb56cc303
23b870a3fd0762868cdc208eefad1c45fa9bb4e1f7efa519020b6af060dcd875
23d5474282b44cb650fb0e25b3e1cc644ea729975d43e4905c92c551aabb4c27
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b415575dac12dd9e7a1199810bba82d5c31c90855f07ed1580060cea7eccc2
280254e83401b92793d3d3fb5de27cb4da58917e7805864627c116a815ccd3b0
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d
31f93b4cae6b5724b3f07383ab9efc35fe316e92a2502bf77c2a1ff9a9983ca0
32abbebc3909ad732bef7e8b0b6d3c820df958a76d0d12c62b60c72cc02ff881
33b1639ce60b06b7d660160ae35716bf314aedc593795494384dd14853acaeb4
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4
3980a7d85fca01aaf5136552044deffb0aac0ba54018dd7912bed9fe1de88d08
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3ac44b615047465fa27e9959ed7c7dbb5ef85652a0d452ef40e8e94a67d371de
3cf44196b8bbed1c33b699bcfbd553e0dad9f6fa3b25b6258ea3e1ee106b0c4d
46b854351dca32fe2771b3f972fb9d3f33bbda1113512885d662029f7c1a1955
490db94a3604eaab0a17c37ef7c992a078b39803c3f262a8ade44123cab5c609
4af8a22a7cc316e8daf0a776cd86e6092635f841e902833a8c1bb056805e165c
4e43b82b7c678be1b92f178c055fe8689b5bb458505cc92db449055b1e5fe3e4
58ad0e7bf565848ecc0c8dd1790e310ad4a68de62f941fc75a1ff04e7e96fe43
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
6131b62c458b50acc8942cdedce31d35e3d46e8c5952580632229be4380f4cbd
641b88648bee0a17f3da782b2c9cf78f448043aead61154f24af1b9a24b398f4
67c3271d0b05f0cb01cf596885eb5f3d5d72d228977a36d342a7248ac632c606
6b7b04238f46a45514f72255ac74aace7eb979a492c73eebed8c7d138bbede3b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73e201077f25966675ddde096b0f5e7f853b7c3d8a8aac284de91e59960b75ef
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b323be9298d102b4888c2ae497f43e61737c3f7b99fa64bec04edc3aa27d3e7
7f4c3ede18f4dd950f02c5c0aabd56468434958064f953042fe56ee52dee18e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8570b3d7d6f494d80b478bf6fd78dad31ac5a3e3a696c3ebd0c8656fe511a3c2
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8ac11cd8a1fe4f62dd57f5e7704b41f1ec83d9542676dd02b85fb94e05d11a78
8bd97811cbe52f1de7e6087ec73feeec9b13eb5d412c17759f5115f3a99e05d4
90939fec9e7bb5658c21d4fae26eea1ca83ef7527c57727b2cb0d2d55981a941
9504db5c13b32504ab3b8c15b15cf941c9c2d226f88088cc2e04f5443d874859
98a0df8aef29be459ffb4afef2f81f4f39f4747de5def9a6a781da5add508abf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f4a129ca2d27cbb6191b941ba6a41a9023bb9ba40af2494dd3235f8abd1bdeb
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a38ecd230dede3f4e8ae666bd202a787e25427b45d69c26f8d20640e339d014c
a84d408c2657036f0ee7568d1c7006a11be7ec436ad79144cee10e8c79e06fa6
ac931aca066c9d139f950efa8decefdf71d1d9d47b9a00a57d3afe366df8532d
b120ae49909227cd31e1868fd9c748b2519dfade3bc1ea4c38cf64ef96f0b59b
b9a1e77ca37574aae21636fc9ba50b06b9d2cdf9158a3a401497a482e9d4db69
c82cdc6863a2fe1dcc4dc711d5b8966479a4576e36d25e017e3c0652e33678ea
c8c67d969388a0c4c982b4ebc03b2208ddfdc2022f535a7467a84ac15fea107f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d8455d3b1f528471878a24a04aca8ec275f4049bf37ccf0e1b579a73bc8b6a0f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
e267aae381fb53cc12f08c4a3e159362833dbb06dde256946c014916e040c3ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d66f6f2ab1e7231f101097e36d6afb87a09ce3985a9f7cbb01680b4f3833c3
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

t.ly Open in urlscan Pro 2606:4700:10::6814:685 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

94 %HTTPS

89 %IPv6

12 Domains

18 Subdomains

19 IPs

1 Countries

4309 kBTransfer

11291 kBSize

50 Cookies

4 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

t.ly Open in urlscan Pro
2606:4700:10::6814:685 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

94 %
HTTPS

89 %
IPv6

12
Domains

18
Subdomains

19
IPs

1
Countries

4309 kB
Transfer

11291 kB
Size

50
Cookies

121 HTTP transactions
2 data transactions