t.ly Open in urlscan Pro
2606:4700:20::ac43:4b7a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mesdc-coers.info/
Effective URL:
https://t.ly/?error=DomainNotAllowed
Submission: On February 12 via api (February 12th 2024, 11:08:33 pm UTC) from US — Scanned from US

Summary HTTP 135 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 27 domains to perform 135 HTTP transactions. The main IP is 2606:4700:20::ac43:4b7a, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 140399.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 24th 2023. Valid for: a year.

This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	161.35.255.96 161.35.255.96	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 24	2606:4700:20:... 2606:4700:20::ac43:4b7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21d... 2600:9000:21dd:9c00:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
2 2	23.36.85.188 23.36.85.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2 15	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
2 2	54.156.224.85 54.156.224.85	14618 (AMAZON-AES) (AMAZON-AES)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1 1	23.43.85.205 23.43.85.205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
9	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
8	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	18.235.199.121 18.235.199.121	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
135	24

1 161.35.255.96 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

mesdc-coers.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4b7a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:9c00:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.85.188 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-85-188.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.176.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.224.85 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-224-85.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.85.205 (Edison, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-85-205.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.199.121 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-199-121.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	526 KB
24	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 140399	1 MB
22	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 258	88 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 667 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3218 csm.us.criteo.net — Cisco Umbrella Rank: 3311	140 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649	73 KB
5	gstatic.com www.gstatic.com Failed	75 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	298 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 6649 yandex.ru — Cisco Umbrella Rank: 2082	3 KB
3	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 503 cm.creativecdn.com — Cisco Umbrella Rank: 2126	2 KB
3	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 3221 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6789 cat.va.us.criteo.com — Cisco Umbrella Rank: 3386	52 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	17 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1125	1 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 12173	966 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 705	2 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1776	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1566	644 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3133	1 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6389	553 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333	643 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2759	930 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 6323	488 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 13014	641 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 4712	461 B
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 26268	5 KB
1	mesdc-coers.info 1 redirects mesdc-coers.info	521 B
135	27

	Domain	Requested by
24	t.ly	1 redirects t.ly
17	pagead2.googlesyndication.com	t.ly pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
15	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
8	imageproxy.us.criteo.net	ads.us.criteo.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
6	www.google.com	t.ly tpc.googlesyndication.com googleads.g.doubleclick.net
5	www.gstatic.com	www.google.com googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	t.ly www.googletagmanager.com
3	csm.us.criteo.net	ads.us.criteo.com
3	cdnjs.cloudflare.com	t.ly ads.us.criteo.com
2	an.yandex.ru	1 redirects
2	rtb.mfadsrvr.com	2 redirects
2	creativecdn.com	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	px.owneriq.net	2 redirects
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	yandex.ru	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	a.rfihub.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	cat.va.us.criteo.com	ads.us.criteo.com
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	analytics.pangle-ads.com	1 redirects
1	cm.creativecdn.com	googleads.g.doubleclick.net
1	dsp.adkernel.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	mweb.ck.inmobi.com	1 redirects
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	r.wdfl.co	t.ly
1	mesdc-coers.info	1 redirects
135	37

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-24` - `2024-04-23`	a year	crt.sh
r.wdfl.co Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2024-04-12`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-31` - `2024-05-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-22`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://t.ly/?error=DomainNotAllowed
Frame ID: 52456A106F0F862A2FD8270C7936A0B0
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html
Frame ID: 48B824B5F9F3B058B28C110ED9C7D7C2
Requests: 1 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: B050E77F16774D5A197F5433DD7C935A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&lmt=1707779297&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~9~17&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707779296573&bpp=13&bdt=548&idt=953&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6744669688766&frm=20&pv=2&ga_vid=2109314110.1707779297&ga_sid=1707779298&ga_hid=1437728584&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C44798934%2C95324581%2C31081006%2C95321958%2C95324155%2C95324160%2C95324264&oid=2&pvsid=597540171474220&tmod=233184854&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1000
Frame ID: 4529747E5DA111171FB92F899A94518E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD48111CCE515F7C31C17FF6EBE03356
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0568AB3EF9E7F43325F1F579F157AACD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3494E0DE3ED3FDF31D8618D79F1916C9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 974216E1BEEEA4CE939527F619E0D32A
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zcqk4QAJoAUIaClEAAYqd4DekjRpAdhkCjhAvw&u=%7CwGIXW%2Bf0KgHLoskK8ayEgvthG0m3XLapnIyf3j4IqBg%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqKm1slCvpf7kti9G_6O_UP6gkM4J9Yd3GFeneKuJNH0jCnCCLPe2dOugMJ5QYLrSUugN5SWl1D7LtGARY6-SyR-ACXD1Sf0gq7OSnLeyHgj07h2xMBySu2fdzzZDYsRxq1tmpb-UhJtRnrmaqvGwPbzpUTFN5MAMJ8GmBYKINNm-PVALnWfuo733O_ONbknP_RcMmN42fkhNYtNS1HF4mP3pxrmBNojv4xHNp4NAdBMUcbZRNivNTxfxj7CsljS987DABRwWIAdWz5lJxnAQAqYIcBiaaJUazLz0O31rV_KOPVzbG5oFVKIv2hJZumKhJzECRJm_GC6k_VQRzQ_B4aamFCkC7Oxb5fAbvCsq9_YDAgfzJw_Mo4QnPwiXzD1NmvTGUXnig9Afg15_aBcDk_r3kgBz7A2VaqL5jgdhUPrDQFsvOF2mbHSmkV6tmCmR8cdqH02RLcpBdTCKdCmUvS8Mo-QG7s19u6BACwqazzeDyZxOjPn19frw5kGfEIAKulP2yN-Z_MlxP1Z9X1mx0k3XcOLOyIKv7XqAYu5sG7K6jyuwBhozuxEPso07OwrGhQC8S5PS438KfVvzwaW3Vpn_2rinhHIi_Z4ff7jCMcLxJ0V8YU9Q7gw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwjzh4aTKZYXAJsTSoPMP99SYsAacge-wXNL4t52dAcCNtwEQASAAYMkGggEXY2EtcHViLTU1NjE3NjM1ODEzMTQ0NDTIAQmoAwHIAwKqBNIBT9DdZ0-Y80JeWfB0PZB-yjK-g0k03GSXsmvsqkR3-oAVmWJqlAq3yiCIn5dZLnYoFxanIuHdxAkR67LfIgIkBqFdTdLXwo57Mgzxqcj0PYy2YzEUCyE0UNXbRhgcs8r3HDQAUcadLl9JMmAJ5wG6yrt-prIukGTGER5G13Y1dUPjfkrrpAUw_tUzhapgNDh7BEYTT3lwZIkKC3WNHeCqkUNuu0OfyOcdr8Whz-oXHlxvfUIe_AMMdRDUxazgXPF1UdvL25J2ZlBQQv8CF5dOvwWGgAbpz4D1oJKyj36gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAgAhIvf3BOljqjo_T9aaEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1jBD2i1hurQ6s-h7aeYoG3jv5KDQ%26client%3Dca-pub-5561763581314444%26adurl%3D
Frame ID: D0D7B9E7BA418CB981A09EB6676D10DF
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B658021C143A27F798A499DFEF20B2A7
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Frame ID: 24A7C640382CB81B4643410A7370A76A
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4233484D4B1F6026DA8297D66F8B6C60
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Frame ID: A285DD2578CA600850910CB8C94755BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T.LY: World's Shortest URL Shortener

Page URL History Show full URLs

https://mesdc-coers.info/ HTTP 301
https://t.ly/?error=DomainNotAllowed Page URL

Detected technologies

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

135
Requests

89 %
HTTPS

58 %
IPv6

27
Domains

37
Subdomains

24
IPs

5
Countries

2482 kB
Transfer

6733 kB
Size

47
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/url-shortener/oodfdmglhbbkkcngodjjagblikmoegpa

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/link-shortener/

Search URL Search Domain Scan URL

URL: https://addons.opera.com/en/extensions/details/url-shortener-4/

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ajedojkedficaboemnhahoclgfnooelm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mesdc-coers.info/ HTTP 301
https://t.ly/?error=DomainNotAllowed Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 70

https://px.owneriq.net/ecmg?google_gid=CAESEAZa42TPHxGRx2xANDP-2f0&google_cver=1&google_push=AXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0roG6Wh2U3BT11Tr5-u7BFs1O5FptO_aVa HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0roG6Wh2U3BT11Tr5-u7BFs1O5FptO_aVa%26google_cver%3d1%26google_gid%3dCAESEAZa42TPHxGRx2xANDP-2f0%26google_hm%3dUTc2MTA2NTY5OTEzNzI2Mjg1MzE%3d&uid=Q7610656991372628531&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0roG6Wh2U3BT11Tr5-u7BFs1O5FptO_aVa&google_cver=1&google_gid=CAESEAZa42TPHxGRx2xANDP-2f0&google_hm=UTc2MTA2NTY5OTEzNzI2Mjg1MzE=

Request Chain 71

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEHA2zfiD7-EuGFRQzyjWtwM&google_cver=1&google_push=AXcoOmTi_fILDr4iqkb_t3FtgD14WPLs2bjmvpTtuckCSgBhqTdJPSYKfhbq3u05HM_mXEiO65e-LH8oeChGX_ds6zxT7_485IctQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=M2QxNGU4YTYtZDZiNC00ZmFhLTg1ODgtZjEyMmQ0N2FhMDNj&google_gid=CAESEHA2zfiD7-EuGFRQzyjWtwM&google_cver=1&google_push=AXcoOmTi_fILDr4iqkb_t3FtgD14WPLs2bjmvpTtuckCSgBhqTdJPSYKfhbq3u05HM_mXEiO65e-LH8oeChGX_ds6zxT7_485IctQg

Request Chain 73

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB8Gk5bmP_tLYKvEVJS52WQ&google_cver=1&google_push=AXcoOmQjgTZuUBF7ZhpqCFTdub_qqkigtAV30bRAlZIJkB0gOPReDzjxeSCb4u0hy6wFudYVqgw3hAeca2FqiCw5ue_SmKMEWK2- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmQjgTZuUBF7ZhpqCFTdub_qqkigtAV30bRAlZIJkB0gOPReDzjxeSCb4u0hy6wFudYVqgw3hAeca2FqiCw5ue_SmKMEWK2-

Request Chain 74

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEIAxesvED0a2UJsDp1nkfUQ&google_cver=1&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeDxKRTzty1MZrXF0yWLiAuZAVc HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEIAxesvED0a2UJsDp1nkfUQ%26google_cver%3D1%26google_push%3DAXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeDxKRTzty1MZrXF0yWLiAuZAVc HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A7409523822574671659&exchange=193&google_gid=CAESEIAxesvED0a2UJsDp1nkfUQ&google_cver=1&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeDxKRTzty1MZrXF0yWLiAuZAVc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc0MDk1MjM4MjI1NzQ2NzE2NTk&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeDxKRTzty1MZrXF0yWLiAuZAVc

Request Chain 75

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAp5P-OEDkyrq-VftCJl-Ps&google_cver=1&google_push=AXcoOmShOziS1ZUK4xKlaAMWNqPNVWppVmi2Eg6WHrLfrMs5maW5KkgoyOriADMCo06EIjUTJ8YO492iGHhxCnPFfQ7-YGuzajLn6ZQ HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAp5P-OEDkyrq-VftCJl-Ps&google_cver=1&google_push=AXcoOmShOziS1ZUK4xKlaAMWNqPNVWppVmi2Eg6WHrLfrMs5maW5KkgoyOriADMCo06EIjUTJ8YO492iGHhxCnPFfQ7-YGuzajLn6ZQ&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=dCAIbDwON_lZdn46C2_ovKaIXTaiGIT548VhjxpOAww&pi=adx&pi=adxab&google_gid=CAESEAp5P-OEDkyrq-VftCJl-Ps&google_cver=1&google_push=AXcoOmShOziS1ZUK4xKlaAMWNqPNVWppVmi2Eg6WHrLfrMs5maW5KkgoyOriADMCo06EIjUTJ8YO492iGHhxCnPFfQ7-YGuzajLn6ZQ&tc=1 HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

Request Chain 76

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKluEGq5ZG6-1Nts7avbiPg&google_cver=1&google_push=AXcoOmR0bMI4SuIYgLADQBqnL7xS4fJHli2RRwsYZA5DWw5JXYtGmGHmN9o_k9S1Z5_UzDZ2O6HJPxVFRMrqvyeEFPozrzqFi7yIgFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR0bMI4SuIYgLADQBqnL7xS4fJHli2RRwsYZA5DWw5JXYtGmGHmN9o_k9S1Z5_UzDZ2O6HJPxVFRMrqvyeEFPozrzqFi7yIgFA

Request Chain 117

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOsBs9WcWUJPBbuezVAArZg&google_cver=1&google_push=AXcoOmQ3USCXCL0PPU4VOLjgmPMPdc7EfeP5_zQa574_eR4vAmLSKgxk7jeNhw1ATNvbM8XwlzTW_ORIA8GSlkjZhQZfNhTbRvcUSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ3USCXCL0PPU4VOLjgmPMPdc7EfeP5_zQa574_eR4vAmLSKgxk7jeNhw1ATNvbM8XwlzTW_ORIA8GSlkjZhQZfNhTbRvcUSg

Request Chain 118

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOYi4vVWv5zXOJz7ZmfKCnw&google_cver=1&google_push=AXcoOmS91b0AeFqnekOy4lbDS2P4mPTbPzOMrvSbIa49q9nqgyO56cNCt3Oic7HrlEYsjr-xeQVUeGA8K42lpEUoQsoXFP3EyZWgKw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dkd_DFYNRTcGcgZL_IGpkA&google_push=AXcoOmS91b0AeFqnekOy4lbDS2P4mPTbPzOMrvSbIa49q9nqgyO56cNCt3Oic7HrlEYsjr-xeQVUeGA8K42lpEUoQsoXFP3EyZWgKw

Request Chain 119

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB8Gk5bmP_tLYKvEVJS52WQ&google_cver=1&google_push=AXcoOmS9Uz81mnPeu95LYOhSG0EI9xj4YuOCN3uG6StWXbF9h6eWvd_E3IvssVRs-S_eHWKdlrg_4_-jaGbHs5BBrt3urc0fclM_Ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmS9Uz81mnPeu95LYOhSG0EI9xj4YuOCN3uG6StWXbF9h6eWvd_E3IvssVRs-S_eHWKdlrg_4_-jaGbHs5BBrt3urc0fclM_Ww

Request Chain 120

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEN1OaK6D_K4mK27k2_YEs7w&google_cver=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0cwGukMYl4e7GIxpBWbMd5MHM9HJ5Nz5qTJmwE40VZGOKgTDb5k HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEN1OaK6D_K4mK27k2_YEs7w&google_cver=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0cwGukMYl4e7GIxpBWbMd5MHM9HJ5Nz5qTJmwE40VZGOKgTDb5k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=ZaHmxiQuRkOuzQIQIIQIXw==&no_redirect=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0cwGukMYl4e7GIxpBWbMd5MHM9HJ5Nz5qTJmwE40VZGOKgTDb5k

Request Chain 121

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGoTfou40J5mwaOE-_xAMmY&google_cver=1&google_push=AXcoOmQVRhoC-LtIpeWqfgzcuvB7GVtOVusMvgfcqw0leHzhiAat8YRE87U8fTJ_0k-5CikV09VApmqYoVUYjwmWCK2zfOqw3BjiWq3v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQVRhoC-LtIpeWqfgzcuvB7GVtOVusMvgfcqw0leHzhiAat8YRE87U8fTJ_0k-5CikV09VApmqYoVUYjwmWCK2zfOqw3BjiWq3v&google_hm=Nzc0ODM1ODcwOTM1ODI1MDkwMw==

Request Chain 122

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEB93PAHkK30oCfSvzrCoOKY&google_cver=1&google_push=AXcoOmQ8_y8uthOpdrZYL-GGzB9hJI3kxfK2JeCObL-k10OuWw0Vwd9Vt_xo10cxFAt2rXWI0D02ZaLAxWb8pomKzrxD4SV-uxOWYFIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sleF3CBAy06SGnXSjBEJtQ&google_push=AXcoOmQ8_y8uthOpdrZYL-GGzB9hJI3kxfK2JeCObL-k10OuWw0Vwd9Vt_xo10cxFAt2rXWI0D02ZaLAxWb8pomKzrxD4SV-uxOWYFIw

Request Chain 123

https://an.yandex.ru/mapuid/google/CAESEKpyQxUtJxGc2EOu3TMb4rA?ext-param=AXcoOmQPle8Kxqf0aGBPNmtHKybSgdHVL6-YYGSyGuj83eCbmqmvp-KABN3z-nDG9N8hLe8khCvLfLuxpjQuDWJMnYr5mzvlQ6YFaYGB&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://yandex.ru/an/mapuid/google/CAESEKpyQxUtJxGc2EOu3TMb4rA?redir-setuniq=1&ext-param=AXcoOmQPle8Kxqf0aGBPNmtHKybSgdHVL6-YYGSyGuj83eCbmqmvp-KABN3z-nDG9N8hLe8khCvLfLuxpjQuDWJMnYr5mzvlQ6YFaYGB&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKpyQxUtJxGc2EOu3TMb4rA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

135 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
t.ly/
Redirect Chain

https://mesdc-coers.info/
https://t.ly/?error=DomainNotAllowed

63 KB
18 KB

522ms
182ms

Document
text/html

2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8b46ed25a0596c98b3ddfb1471339b5fa59ef27525da0493ead49e41bdfd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85487e175ad74295-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 23:08:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAqdBCbG%2BAea7QQNqL2HXvaeYoUDWgmoAFbcaodgfetXc563xqVRq2cfuHjfpmVf7KQNQRmrgsV3bTFjhbjeb8qMBD5Un7sRP9gaJWGci7V%2FZcHFZhuSJYjnCMhywp74z0o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-2
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 85487e13e82a6a56-EWR
content-length: 341
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 23:08:15 GMT
location: https://t.ly/?error=DomainNotAllowed
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbj3c2Xu6LZADfxq%2BpVPgMpHkApSyGAN0WfEUVTLVbeTvbzT9phLRAUJwDJsx%2FqKr7ejHxgTSSzbX8OnM5DaQtQ6X8w8b8OoqmLVVBTUKAu9CpoNMmamAbQ%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-CD-1
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 78ms
77ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Feb 2024 16:52:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c3b54b-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fu7kISotfh%2FP%2FXplqi5X4YY4VOAwDY%2Fo4hz3cgdTyWXEZeSG%2FcT8PNSn42r9iMt8zCmI0pkpduDdvaFQv%2Fr5Ojkxr3DoQ4K3YiKi%2FadA1B34IfkQL8ph0P3K76Q6q4MEPQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85487e187c214295-EWR
expires: Wed, 14 Feb 2024 23:08:16 GMT

GET
H2 200 app.css
t.ly/css/ 298 KB
58 KB 88ms
87ms Stylesheet
text/css 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/css/app.css?id=52d4aa4592b527274d56

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b968fac7651c9b126181ccb783cb3e492e7b8b34d6ba3430bb8af5ba3e31ef9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1474
content-encoding: br
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: W/"65ca4a81-4a771"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHdiyxu5NhYUx0lmM3WEOqfxObLYt7aKoYnoTk6SNoNF90yZ%2BJE6n%2FBTjcoIni%2F15V2GEpenRf1cVJz1Np6gpbW3R%2Fnp5%2BGftMq0HSvJpA52ggFE9JXuG6bL1qVvHWr7j3Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e187c204295-EWR

GET
H2 200 tly-logo-sm.png
t.ly/img/ 4 KB
5 KB 71ms
45ms Image
image/webp 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c912e6ec4e7c2b1df7b4468c6459c820cce97b232959448835add4c277dbd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5621
cf-polished: origFmt=png, origSize=10096
content-disposition: inline; filename="tly-logo-sm.webp"
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
content-length: 4294
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: "65ca4a81-2770"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HfUu%2BCBzFjVEJoftagW%2FZSBgJf7SFa2X65aOoQ6KzpMfYPjavplIzyszewq96nTiJlM1bdL1wquGalesWvfrFaqHQ2QiTkZjQO7CIjL6dVmqlxmrSTTegVXwVfimrKUH1E%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e190c994295-EWR

GET
H2 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
944 B 59ms
58ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Feb 2024 16:52:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c3b54b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbMTyS4B6P83%2BEFFBgM3%2BcHlerIsWVZQ7k5ufHNxoRHMwf1ZjpzMi%2BOMu25XEJkrdj8NddWcN5en354Ia0yc5zSnfa%2BQ3wp%2FMVAUZvNLCyQ1THPc0wzMBu6j9KDeDWY4cd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85487e188c2a4295-EWR
expires: Wed, 14 Feb 2024 23:08:16 GMT

GET
H2 200 link-shortener-extension-1.png
t.ly/img/marketing/ 46 KB
47 KB 102ms
101ms Image
image/webp 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/marketing/link-shortener-extension-1.png

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

899a3571ca7553592fb4221f36b00d18bfb63639fcb24d7d44e74312089bb405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4244
cf-polished: origFmt=png, origSize=83142
content-disposition: inline; filename="link-shortener-extension-1.webp"
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
content-length: 47530
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Feb 2024 16:42:42 GMT
server: cloudflare
etag: "65ca4a82-144c6"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adaa1DYtn%2B%2BY6B71uCfbV5WR1DACwNkssvUR3yvFAU3DmdPaiC13sE3VQHm64ffzqtF%2B1rncw1la3WtErvZEekwMdW%2Fr3UEjC8LUd%2FhQXGGzcFefxusLX5ppnc5%2FlTz5yT8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e188c2b4295-EWR

GET
H2 200 chrome_64x64.png
t.ly/img/browser/ 2 KB
3 KB 62ms
61ms Image
image/webp 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/chrome_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60de181a4b72ce251389d7f66b2243f52f1779c96b79f5288c2cdd34fcf8b48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6850
cf-polished: origFmt=png, origSize=2551
content-disposition: inline; filename="chrome_64x64.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 2212
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: "65ca4a81-9f7"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw6DV3ISrcls7IYszPwL7jUyRxbZTpi3gi5ORT%2BKlIACG5H%2FRkuvALknjpLQtMW9vSSEcCsQF1GsK2AOji5KRPVAMri41xclhDR7iYpjPoMMCBP7V02f8hK%2Bj0lqq3%2F3Swk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e18ec7a4295-EWR

GET
H2 200 firefox_64x64.png
t.ly/img/browser/ 3 KB
3 KB 61ms
60ms Image
image/webp 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/firefox_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4a27a54345888d41909cf83309a3bc6ec4d324ba7e29ae6d4754aa3dd8e31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
cf-polished: origFmt=png, origSize=3274
content-disposition: inline; filename="firefox_64x64.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 2998
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: "65ca4a81-cca"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQcHaq4PTYtGyFSqZPwDZpMx4v54RXScnyS82EVE%2FfPXVgytpuD4fOc1vyKFt9i6KhQ4Kjk6o9K38B%2FW8lo4llg%2BsZZPk7FxaYRzGXh%2BF2X%2BGHOMyBRnjPmJ9EfR6Ioq14o%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e18ec7b4295-EWR

GET
H2 200 opera_64x64.png
t.ly/img/browser/ 2 KB
2 KB 59ms
58ms Image
image/webp 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/opera_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f71d6c6083aaa4869c68ec66708e5ed44807e623ab0c941bb1ed031bfe4a0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6467
cf-polished: origFmt=png, origSize=2376
content-disposition: inline; filename="opera_64x64.webp"
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
content-length: 1994
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: "65ca4a81-948"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UHsWlRbea0PpDZj2TfJ9fzXcTqjZ2HSLlknVGy6%2BlA6XZKdYDQyoIku5nbIHkGSvbBi66%2Bb9M4PXvZi0gQLvJ%2BLmjDtluWGebwhiiVSZ75P0QoPezjt3tHLYqmubUUIzsI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e18ec7d4295-EWR

GET
H2 200 edge_64x64.png
t.ly/img/browser/ 4 KB
4 KB 73ms
73ms Image
image/webp 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/edge_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02465205a59729adf404a9d6311f5921f1f3c9a0d9a52836f7d3386612a6257a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5652
cf-polished: origFmt=png, origSize=6372
content-disposition: inline; filename="edge_64x64.webp"
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
content-length: 4130
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: "65ca4a81-18e4"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FuKvvpz%2Fdq2SEj162aesIT0oQlEzRed3mMIXDx9vtCIPimT5FhfS5mwJ0AflIlmZzsx7mnsSZcKeH8%2B2mFW8GOn7QKlAr1LB3qC47ppEt3ADNFrKpeCL3oaOUlxYXxbbVk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e190c964295-EWR

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 249ms
57ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2078922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5sYv1AUDnNMRP3Et735okatDCTXzGT9W2oiPjgn3xtxY6pF4lCVYWzBMqIxJf0m9ojeb5WaXk6Ha3N0slXSzEn280Obt9BRnR976pS6JtjaYN0wYkiSuclT6mwV5OG%2FDOP1hZ%2B8sYZDAc%2FWeS4IZf4n"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85487e1a1f6e0fa5-EWR
expires: Sat, 01 Feb 2025 23:08:16 GMT

GET
H2 200 rw.js Show response
r.wdfl.co/ 17 KB
5 KB 277ms
51ms Script
text/javascript 2600:9000:21dd:9c00:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:9c00:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 016a4d0001a23d3c0419a62ff60c6914a9040a5198ce746280038396080408f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 22:48:10 GMT
content-encoding: gzip
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
last-modified: Wed, 07 Feb 2024 10:47:56 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1207
x-amz-server-side-encryption: AES256
etag: W/"b5427c06c000b5f9113860df1c68b9fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: SOUkMS4NDEb7PmioUQ99VZDS44QqeyZZGXHuYutsCKH8mT_eiiTx1Q==

GET
H3 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 73ms
72ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/sweetalert.min.js

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4384
content-encoding: br
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Feb 2024 16:42:42 GMT
server: cloudflare
etag: W/"65ca4a82-9807"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wObw16SxRMvX1hiC11azCl%2FqZ8eJ2OaiLdhoOkjdjnbqBijKH1thJZ3PO%2B5ZfFKVtQNE6Y20HooxQ11Csh6rqYLaoaQ1OjsBCeQqfaF7hgDqx0%2BjYYYUFoosW05dZ%2FLzQU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e1968610fa7-EWR

GET
H3 200 app.js Show response
t.ly/js/ 103 KB
26 KB 114ms
110ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/app.js?id=3799f29263fbb4722c58

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7692ab873d9e2081c3b9aeb15ee183a947f17b21df52051d9ba2b075a83d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2829
content-encoding: br
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: W/"65ca4a81-19d1b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IegO1ZnJz0n%2Fx85wNagN2dELCQzZaXUHbTzHr4ZuqIh3t%2B1h4lvY%2FpMAwGiWovULNnqR1eZf6d6Ui6DvKYVxhzVASbnAu9YV4Sfu6zq72oLRNu4PHrAFyMG2vG8ARCChhVM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e1968680fa7-EWR

GET
H3 200 vendor.js Show response
t.ly/js/ 2 MB
681 KB 167ms
163ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/vendor.js?id=427d9f3efa7f4eb70aa6

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18051deac73bbb541a212a3f53a313181263de428ef72381081890329384ec17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1820
cf-polished: origSize=2290196
content-encoding: br
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:42:42 GMT
server: cloudflare
etag: W/"65ca4a82-22f214"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5DNNBVp163o73A6svIxTih%2BLl4DRVYleh%2FVskE%2BFU%2B0UbWqFhsUzBetKhjyt5T40lsZ8hQD9G35KqCFpI%2BYMDxQv3WLsWkRxGrs%2Bmd%2Fxm6HGm%2B2gfEL1v1AoUTm4Zy2crM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e19686a0fa7-EWR

GET
H3 200 manifest.js Show response
t.ly/js/ 4 KB
3 KB 63ms
59ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/manifest.js?id=e410484b3b1e4a7675cb

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf28578b804fa6335d963df340198380f48804b34df6cfd77245bc47ffbad13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4972
content-encoding: br
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: W/"65ca4a81-e35"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6udBiIwRXvz5MlI4Yp7ZlyNw9zn1qMi1xxL2kYGIUHL4ukS6kND4oW2EXbTiyogyFg6wU4qOekJSFlRolO%2FEq5xs20zcOry%2Byvl3HQARXBdpnsOaQKIYmLUXuc23LSG67k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e19686c0fa7-EWR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
52 KB 278ms
108ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

183626c4912419ce337e6b12e1e8b7a5a8a7d442edceac8a68347f7a2844ab9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Origin: https://t.ly
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52454
x-xss-protection: 0
server: cafe
etag: 5851929661199646291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 12 Feb 2024 23:08:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
52 KB 240ms
69ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29c485fb9c4fbb64524b4efa61ac4b612c4492f589ae2f86a225208e64ab1778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 23:08:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 247ms
77ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddb48907d464ab39366c47c086d4231f0d4a64e09346e2f4de2e7a6e5ca59736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79515
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 22:09:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 23:08:16 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 246ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3bd20d23289ad8836845947878c01d9ee7577a151edea0ce2136a26cad026f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 12 Feb 2024 23:08:16 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 67ms
61ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/?error=DomainNotAllowed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2078922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFtd5sUtfxALmFnb5RtwLwPQ73SdqOT2v23BVDOw0b9nBEsQRbyf5zbey7bi41gfrkx1VZr9IywnGwEsTTGFcdkvgYtKeuYF8PxAx34eVZXGj7YUjaUkX4HFJHHAf0E3RTp%2BJca0DjOmvEmQBV6MXKsc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85487e1a9fef0fa5-EWR
expires: Sat, 01 Feb 2025 23:08:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 100ms
98ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2821e305feac1dbb16b399bc6a68a836ad26f9a95100dc85bbf312486048e531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 23:08:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 102ms
101ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd6b17631794efd2ff0e6adb136b4a14122a7ae1b92c1120bca3d8f22e59b2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79539
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 22:09:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 23:08:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 433ms
87ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 22:06:18 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3718
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Feb 2024 00:06:18 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/ 406 KB
138 KB 413ms
112ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c6580ff4f48fe06800ba863309e11c303706b23876d9e043eedd0c24139a97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141172
x-xss-protection: 0
server: cafe
etag: 16404697383687295245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:08:16 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/ Frame 48B8 9 KB
5 KB 330ms
85ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 20:09:34 GMT
etag: 3890843268177463596
expires: Mon, 26 Feb 2024 20:09:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 2 KB
2 KB 302ms
91ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1707779296647&cv=11&fst=1707779296647&bg=ffffff&guid=ON&async=1&gtm=45be4270v888461834za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&pscdl=noapi&auid=1198292856.1707779297&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f29124dbf79e5adb90ab46ce6d2a48ff4302c736324323d681c86ae177dee82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
163 B 82ms
57ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4270v878425165za200&_p=1707779296477&gcd=13l3l3l3l1&npa=0&dma=0&cid=2109314110.1707779297&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707779296&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1811
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 950.js Show response
t.ly/js/ 788 B
1 KB 61ms
61ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/950.js?id=de956b39a4455fcff160

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=e410484b3b1e4a7675cb

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1122
content-encoding: br
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:42:42 GMT
server: cloudflare
etag: W/"65ca4a82-314"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geBKMc6pNu9SLuDPtTKxzg8x2BKeLwkhI2FQYOfR7k6SmTdTygUlNPg4u9pbefkUriaS9mVfe12wEqn%2F%2FHd4bhAqyouFptjEszTfUFPIoT3xp38OuOPZbA7%2BqVJap2NrId0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e204eca0fa7-EWR

GET
H3 200 normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 33 KB
34 KB 352ms
351ms Font
text/plain 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/?error=DomainNotAllowed
Origin: https://t.ly
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8E919DFQNgMYP9ZRzECj6KW1xpFBI6Mgz3oixbvQUgrSEl4olbRBAiZALp5DxR2YM%2Ban27r4lGkZjRBH0gLG5Ebbc4sla2WtUGrW3AdbbiDf2yvgKY0mJpD9tgecdCp0jw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 85487e205ee40fa7-EWR
alt-svc: h3=":443"; ma=86400
content-length: 33896

GET
H3 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 153 KB
153 KB 66ms
65ms Font
font/woff2 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=52d4aa4592b527274d56

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=52d4aa4592b527274d56
Origin: https://t.ly
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6008
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
content-length: 156496
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Feb 2024 16:42:42 GMT
server: cloudflare
etag: "65ca4a82-26350"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vl1fpay50DXLuoRO%2BRjiPbJ3v0110Pzrfm%2FvP2pSV8p8gUQN09wZQ0hEuIGxag0raPmCo7uy8JjufYUKVHV0cpzIBU2e7qdW568blF%2Fp%2Fln8c%2BTnaTc9bilzw%2FhJsxZrd30%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e206ee50fa7-EWR

GET
H3 200 webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 115 KB
115 KB 186ms
185ms Font
font/woff2 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=52d4aa4592b527274d56

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=52d4aa4592b527274d56
Origin: https://t.ly
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3133
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
content-length: 117372
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Feb 2024 16:42:42 GMT
server: cloudflare
etag: "65ca4a82-1ca7c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpEC1GH5aiIobWKgQjuTd%2BqxMZ1HPbpsaVUtiRWnOSexNyozNyFHJQ3ISOOKip5z4gvs8MJ1SQJXegmOj8vb8rdd2MjCHAEdRzCat2AwMDT2oQBfQsUc0JM7cCTCVBc46tU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e206ee70fa7-EWR

GET
H3 200 tly-logo-sm.png
t.ly/img/ 4 KB
5 KB 263ms
262ms Image
image/webp 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c912e6ec4e7c2b1df7b4468c6459c820cce97b232959448835add4c277dbd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2556
cf-polished: origFmt=png, origSize=10096
content-disposition: inline; filename="tly-logo-sm.webp"
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
content-length: 4294
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: "65ca4a81-2770"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmCSOLQgYeMicnISMFwLyRb%2B2sG3vo%2Fa6u0Q0cQCrDwfV5mIxIYZWAW%2FoIjXi3snTmqlVlc2ls3s14ehe%2BpxmAXKTHYX%2Fq3B%2B06Tg523zXFmvq6h7xKuzEktHqVK3pdDDWM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85487e20ef4c0fa7-EWR

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
327 B 86ms
84ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1707779296647&cv=11&fst=1707778800000&bg=ffffff&guid=ON&async=1&gtm=45be4270v888461834za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_CNB7b1irjI9w3CoD1oNhTSlszB7IPw&random=4073071137&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

main.js Show response
t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame B050
Redirect Chain

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

118ms
116ms

Script
application/javascript

2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Protocol

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ad5a6389faef9063a8e3a5a29469301bc614ef63a92e55829c1dae1a0b31824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njFuyHek4S6L%2FoLHpzy6AzkkOVKcxeeMP9AMntf8W4BE7OGDCoEm50KCKi7v3%2BNlopG9cLO5peSsqfwtvlte0nCnuvmg6%2BGDOt%2FkuVgktMcbMw%2FRrfyFhcDuva4JPpDd7kE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85487e22c8ce0fa7-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7R2M7jNimDEvYRNuToGYz5ibSovYVOYEJsS7Vwmo6Zys4QgFTSspMnd1Jido3nAjtLJEoawJsb8PrQic%2B%2BeGe0mRdwN2FWhUdhbrj%2FW9t6chp7IaNBTir0D6dgP7EwXIB8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control: max-age=300, public
cf-ray: 85487e217fbf0fa7-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 178ms
177ms XHR
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1437728584&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&ul=en-us&de=UTF-8&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1394941034&gjid=1390652840&cid=2109314110.1707779297&tid=UA-89207177-8&_gid=1039677036.1707779298&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=405095562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4529 308 KB
70 KB 555ms
553ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&lmt=1707779297&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~9~17&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707779296573&bpp=13&bdt=548&idt=953&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6744669688766&frm=20&pv=2&ga_vid=2109314110.1707779297&ga_sid=1707779298&ga_hid=1437728584&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C44798934%2C95324581%2C31081006%2C95321958%2C95324155%2C95324160%2C95324264&oid=2&pvsid=597540171474220&tmod=233184854&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b67b0c85c677869a066976691ef40e1a9e1e4afa9dce5f1dcc740d944af203e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 71710
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 23:08:18 GMT
expires: Mon, 12 Feb 2024 23:08:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 198ms
193ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240208&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

241142da22347b2f233278486ef805818eb5442d14c597828bb7e33b752e9f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12149
x-xss-protection: 0

GET recaptcha__en.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 0
0

GET
H3 200 906.js Show response
t.ly/js/ 5 KB
2 KB 158ms
156ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/906.js?id=2f637571e7c6cda331fa

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=e410484b3b1e4a7675cb

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e4a3beeb210daead88f32a58cb14a01dd71df05b75fdaff8a5927a9e34cb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405
content-encoding: br
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:42:41 GMT
server: cloudflare
etag: W/"65ca4a81-12df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUuEGeT4Mzvc3WwijtZ%2B%2F7Uk534Qp%2Beqe3xS6Ilstyi17rfvNPJH%2FwHoZe1P%2FOX89Wa47IH0NoNe6Q%2B5O5UNQotNjpXEIzYtrEs%2FCrqBbBlp2v3PfUrGTy%2Ff%2FpYmzWJIVhg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e22285d0fa7-EWR

GET
H3 200 166.js Show response
t.ly/js/ 3 KB
2 KB 169ms
168ms Script
application/javascript 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/166.js?id=267eddd588cf4399f581

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=e410484b3b1e4a7675cb

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/?error=DomainNotAllowed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4806
content-encoding: br
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:42:42 GMT
server: cloudflare
etag: W/"65ca4a82-d91"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msyHJhlPFLcxX9UR0XQYyGxkiLfNR5LJ5swxt4KPviBHmogG0dT6JS0zVyPo6tMMEQPyvUKpA0H3DsqL3tDIap8Y33FzN3Yj3XCimYFuv2VhjuucEyQz4J0isgrkyE6drVw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85487e22285f0fa7-EWR

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
958 B 97ms
97ms Script
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=427d9f3efa7f4eb70aa6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17d34aa358e997642efccbeff4fc61952c1051070b3f020dd045a5a781f1fcea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 12 Feb 2024 23:08:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 303ms
65ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 23:08:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
338 B 339ms
105ms XHR
text/plain 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-89207177-8&cid=2109314110.1707779297&jid=1394941034&gjid=1390652840&_gid=1039677036.1707779298&_u=YADAAUAAAAAAACAAI~&z=831568992

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Feb 2024 23:08:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 85487e175ad74295 Show response
t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B050 0
613 B 77ms
72ms XHR
text/plain 2606:4700:20::ac43:4b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/b/jsd/r/85487e175ad74295

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 23:08:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcBCvG7xNlWkKFNfv2yWpuSZTqZG0AhdCAsPjoahTKbrhpvO7nZu1fIz8AZt8F22YPEzKebZPr1RBkUj0mvOLz84078sZEuz%2BrCRjTlasgYjaYJnMPvlKZWj3fEIyKKo5xI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 85487e24baf60fa7-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD48 13 KB
5 KB 72ms
45ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 10718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 20:09:40 GMT
expires: Tue, 11 Feb 2025 20:09:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0568 829 B
559 B 94ms
73ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3448d680bc49811570a7db83e9e1791389d7b676d84da58b642f48d5a54eafcc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z4FueNkM-NIVT0v-mpdhLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Z4FueNkM-NIVT0v-mpdhLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 23:08:18 GMT
expires: Mon, 12 Feb 2024 23:08:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/ 166 KB
56 KB 87ms
87ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/reactive_library_fy2021.js?bust=31081006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

902b82715554f532a7eb86a59a1d011d2fc9e1540408a4ff29ad0d4e9b10156b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57339
x-xss-protection: 0
server: cafe
etag: 5881420620987458593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:08:18 GMT

GET
H2 200 ca-pub-5561763581314444 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 315ms
88ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8668d6a1b8fdf9b27bb8b765fac4c236c1857fecf0ea061fe5be02d88b14abe5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8KIVvjEmG5aODWFS1EQv-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-8KIVvjEmG5aODWFS1EQv-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsKoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6ORydXrWMTeNG9fxUTADaSSpc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/ 91 KB
32 KB 163ms
162ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/slotcar_library_fy2021.js?bust=31081006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e239b566289638f9a0d8e503c5b81fb134840a9961cd00402fdedca6fb733dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32248
x-xss-protection: 0
server: cafe
etag: 12123812772154136509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:08:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 111ms
109ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42532561&hl=en&pvc=597540171474220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0568 0
0 80ms
70ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240208&jk=597540171474220&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame BD48 39 KB
15 KB 66ms
58ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 20:06:56 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 81ms
80ms Fetch
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 AGSKWxXr0TpiBXbhnTMoqfrJZWADhrE5RFKnZHjWHRDfMSRdAA5hZPwpBbuaLlEBz3qV-Ou9GUi4cYHH8ulj84Bs4Iare88fmXvZj_3uF8BneZTqXPr5-7DHuuELIOclK3zeW-1b5BXgrA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 76ms
75ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXr0TpiBXbhnTMoqfrJZWADhrE5RFKnZHjWHRDfMSRdAA5hZPwpBbuaLlEBz3qV-Ou9GUi4cYHH8ulj84Bs4Iare88fmXvZj_3uF8BneZTqXPr5-7DHuuELIOclK3zeW-1b5BXgrA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Nzc5Mjk4LDc5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxXelbhuuSGamfBQQn3Px5KWP-5Sw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ded390f58d9e5575857303e6ad52bb6b657ab429a7ff37cf9bf6ae62bf3d179

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lshZEyDd3Xl_BbYNvOni_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-lshZEyDd3Xl_BbYNvOni_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6ORydXrWMTmNF5eSIzADcPSkQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/ Frame 3494 9 KB
4 KB 45ms
43ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 22:12:19 GMT
etag: 3890843268177463596
expires: Mon, 26 Feb 2024 22:12:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/ Frame 9742 9 KB
4 KB 64ms
61ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_fy2021.js?bust=31081006

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 22:12:19 GMT
etag: 3890843268177463596
expires: Mon, 26 Feb 2024 22:12:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3494 5 KB
1 KB 503ms
188ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 23:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 22:21:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 23:08:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3494 205 B
651 B 449ms
153ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:25 GMT
x-content-type-options: nosniff
age: 341874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Feb 2025 00:10:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3494 604 B
696 B 484ms
189ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:19 GMT
x-content-type-options: nosniff
age: 341880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Feb 2025 00:10:19 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame 3494 15 KB
6 KB 171ms
161ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6491
x-xss-protection: 0
server: cafe
etag: 466061988171370325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:00:53 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame 3494 22 KB
9 KB 171ms
161ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:00:53 GMT

GET
H2 200 AGSKWxW0XfkhC8iWaUq1QwsOFEGCsOMDtzMUCFubvXC3oiNgak6erSuqAJLayhr9twnxKcAJHbvYTAQFQ-ynX4qk-L92KdcUUReCw8zNu4m4khcPjhj4MLpKPUSktTdBNVutqfLDnPrMsA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 172ms
172ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0XfkhC8iWaUq1QwsOFEGCsOMDtzMUCFubvXC3oiNgak6erSuqAJLayhr9twnxKcAJHbvYTAQFQ-ynX4qk-L92KdcUUReCw8zNu4m4khcPjhj4MLpKPUSktTdBNVutqfLDnPrMsA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Nzc5Mjk4LDk4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdC5seS8iLG51bGwsW1s4LCJNMFpnZGFtT05OcyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fe41706ad57ded462588d417f40359d9c10cf9775bf9bb227fb36ad62a0f310

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-95bqD0ULN_-zz-TO2H1mWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-95bqD0ULN_-zz-TO2H1mWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXFEKghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6OxydXrWMT2LD4KC8A73xJ5Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D0D7 162 KB
52 KB 529ms
131ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Zcqk4QAJoAUIaClEAAYqd4DekjRpAdhkCjhAvw&u=%7CwGIXW%2Bf0KgHLoskK8ayEgvthG0m3XLapnIyf3j4IqBg%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqKm1slCvpf7kti9G_6O_UP6gkM4J9Yd3GFeneKuJNH0jCnCCLPe2dOugMJ5QYLrSUugN5SWl1D7LtGARY6-SyR-ACXD1Sf0gq7OSnLeyHgj07h2xMBySu2fdzzZDYsRxq1tmpb-UhJtRnrmaqvGwPbzpUTFN5MAMJ8GmBYKINNm-PVALnWfuo733O_ONbknP_RcMmN42fkhNYtNS1HF4mP3pxrmBNojv4xHNp4NAdBMUcbZRNivNTxfxj7CsljS987DABRwWIAdWz5lJxnAQAqYIcBiaaJUazLz0O31rV_KOPVzbG5oFVKIv2hJZumKhJzECRJm_GC6k_VQRzQ_B4aamFCkC7Oxb5fAbvCsq9_YDAgfzJw_Mo4QnPwiXzD1NmvTGUXnig9Afg15_aBcDk_r3kgBz7A2VaqL5jgdhUPrDQFsvOF2mbHSmkV6tmCmR8cdqH02RLcpBdTCKdCmUvS8Mo-QG7s19u6BACwqazzeDyZxOjPn19frw5kGfEIAKulP2yN-Z_MlxP1Z9X1mx0k3XcOLOyIKv7XqAYu5sG7K6jyuwBhozuxEPso07OwrGhQC8S5PS438KfVvzwaW3Vpn_2rinhHIi_Z4ff7jCMcLxJ0V8YU9Q7gw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwjzh4aTKZYXAJsTSoPMP99SYsAacge-wXNL4t52dAcCNtwEQASAAYMkGggEXY2EtcHViLTU1NjE3NjM1ODEzMTQ0NDTIAQmoAwHIAwKqBNIBT9DdZ0-Y80JeWfB0PZB-yjK-g0k03GSXsmvsqkR3-oAVmWJqlAq3yiCIn5dZLnYoFxanIuHdxAkR67LfIgIkBqFdTdLXwo57Mgzxqcj0PYy2YzEUCyE0UNXbRhgcs8r3HDQAUcadLl9JMmAJ5wG6yrt-prIukGTGER5G13Y1dUPjfkrrpAUw_tUzhapgNDh7BEYTT3lwZIkKC3WNHeCqkUNuu0OfyOcdr8Whz-oXHlxvfUIe_AMMdRDUxazgXPF1UdvL25J2ZlBQQv8CF5dOvwWGgAbpz4D1oJKyj36gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAgAhIvf3BOljqjo_T9aaEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1jBD2i1hurQ6s-h7aeYoG3jv5KDQ%26client%3Dca-pub-5561763581314444%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2f3c93ca4d23de2cc7ed054561bb60bdb860b2fa422f98b5174bc4d2384e71c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 23:08:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Y7Fmgj2ZSZ-XjjOg32wcqRUeMw1kAlkAEYyQjt2Bid7d3AlhoGWKswuSNeYuioP861oKXRJtyYGNB_l7dhoJdzDqicYhR1obikueMj3hdvvXZMGTBc_FFKR0S1R3PV3flgLCZULNNv56930EIPIUP_SR7bcRcrHBvLEwghazte0NXenMExC0ty0e0VPOD3fiBGro605ngdn3wK_IkLs5yoMbVxdtmeuxKigVcBc1USLXgpgpar1uUQOcddGgw7cLZzIMDQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 39769100
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 9742 3 KB
1 KB 129ms
128ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B658 1 KB
643 B 139ms
138ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 82207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 00:18:12 GMT
etag: 48472445140208031
expires: Tue, 13 Feb 2024 00:18:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 9742 20 KB
8 KB 135ms
135ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9742 0
0 272ms
268ms Image
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQz-1Cy9MADV7BblorrcpUPatc-Zr_TUqgsLfHUKcRQQ1LFRiPh5lw7avvwKWrHIv70lvBbvwFJ1RXEsmI9e_Wt5eSpsA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9742 203 KB
61 KB 138ms
135ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 22:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:11:38 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD48 0
10 B 225ms
214ms Image
text/plain 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qBmxEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B658
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEAZa42TPHxGRx2xANDP-2f0&google_cver=1&google_push=AXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0roG6Wh2U3BT11Tr5-u7BFs1O5FptO_aVa
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0ro...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0roG6Wh2U3BT11Tr5-u7BFs1O5FptO_aVa&google_cver=1&googl...

170 B
188 B

149ms
149ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0roG6Wh2U3BT11Tr5-u7BFs1O5FptO_aVa&google_cver=1&google_gid=CAESEAZa42TPHxGRx2xANDP-2f0&google_hm=UTc2MTA2NTY5OTEzNzI2Mjg1MzE=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 12 Feb 2024 23:08:19 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSQoGqNTmMQusWMP3E67f1UxyvTrOeDBI4s6Ymi8SZwJcxDBz5gUQqhsCBaUX0roG6Wh2U3BT11Tr5-u7BFs1O5FptO_aVa&google_cver=1&google_gid=CAESEAZa42TPHxGRx2xANDP-2f0&google_hm=UTc2MTA2NTY5OTEzNzI2Mjg1MzE=
Content-Type: text/html
Cache-Control: max-age=12919
Connection: keep-alive
Content-Length: 154

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B658
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEHA2zfiD7-EuGFRQzyjWtwM&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=M2QxNGU4YTYtZDZiNC00ZmFhLTg1ODgtZjEyMmQ0N2FhMDNj&google_gid=CAESEHA2zfiD7-EuGFRQzyjWtwM&google_cver=1&google_push=AXcoOmTi...

170 B
232 B

80ms
74ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=M2QxNGU4YTYtZDZiNC00ZmFhLTg1ODgtZjEyMmQ0N2FhMDNj&google_gid=CAESEHA2zfiD7-EuGFRQzyjWtwM&google_cver=1&google_push=AXcoOmTi_fILDr4iqkb_t3FtgD14WPLs2bjmvpTtuckCSgBhqTdJPSYKfhbq3u05HM_mXEiO65e-LH8oeChGX_ds6zxT7_485IctQg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=M2QxNGU4YTYtZDZiNC00ZmFhLTg1ODgtZjEyMmQ0N2FhMDNj&google_gid=CAESEHA2zfiD7-EuGFRQzyjWtwM&google_cver=1&google_push=AXcoOmTi_fILDr4iqkb_t3FtgD14WPLs2bjmvpTtuckCSgBhqTdJPSYKfhbq3u05HM_mXEiO65e-LH8oeChGX_ds6zxT7_485IctQg
date: Mon, 12 Feb 2024 23:08:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame B658 43 B
641 B 1163ms
409ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEEpDDpzipjGFNSR4eBsj0EA&google_cver=1&google_push=AXcoOmRm0XPxUvQhavuYZR3JF3d3Dg401wKNvFonSURI_tmxtWKrazJ8A4lNSZ2k4Z0a2ljKiYEQzJSvUltQGwlr6FP7kKpdvqzwYA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 23:08:20 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B658
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB8Gk5bmP_tLYKvEVJS52WQ&google_cver=1&google_push=AXcoOmQjgTZuUBF7ZhpqCFTdub_qqkigtAV30bRAlZIJkB0gOPReDzjxeSCb4u0hy6wFudYVqgw3hAeca2FqiCw...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmQjgTZuUBF7ZhpqCFTdub_qqkigtAV30bRAlZIJkB0gOPReDzjxeSCb4u0hy6wFudYVqgw3hAeca2FqiC...

170 B
329 B

84ms
55ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmQjgTZuUBF7ZhpqCFTdub_qqkigtAV30bRAlZIJkB0gOPReDzjxeSCb4u0hy6wFudYVqgw3hAeca2FqiCw5ue_SmKMEWK2-

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmQjgTZuUBF7ZhpqCFTdub_qqkigtAV30bRAlZIJkB0gOPReDzjxeSCb4u0hy6wFudYVqgw3hAeca2FqiCw5ue_SmKMEWK2-
Date: Mon, 12 Feb 2024 23:08:19 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B658
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEIAxesvED0a2UJsDp1nkfUQ&google_cver=1&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeDx...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEIAxesvED0a2UJsDp1nkfUQ%26google_cver%3D1%26google_push%3DAXcoOmSHnF2ZFu4j60kUE3...
https://rtb2-useast.e-volution.ai/sync?adkuid=A7409523822574671659&exchange=193&google_gid=CAESEIAxesvED0a2UJsDp1nkfUQ&google_cver=1&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9j...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc0MDk1MjM4MjI1NzQ2NzE2NTk&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeD...

170 B
188 B

185ms
184ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc0MDk1MjM4MjI1NzQ2NzE2NTk&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeDxKRTzty1MZrXF0yWLiAuZAVc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc0MDk1MjM4MjI1NzQ2NzE2NTk&google_push=AXcoOmSHnF2ZFu4j60kUE36kNOQ8_-jC80HTWUmA0EHACAuPbV9jK_kVyBc117tGH0W4CTaO2NgwUeDxKRTzty1MZrXF0yWLiAuZAVc
Date: Mon, 12 Feb 2024 23:08:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cm
cm.creativecdn.com/adx/ Frame B658
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAp5P-OEDkyrq-VftCJl-Ps&google_cver=1&google_push=AXcoOmShOziS1ZUK4xKlaAMWNqPNVWppVmi2Eg6WHrLfrMs5maW5KkgoyOriADMCo06EIjUTJ8YO492iGHhxCnPFf...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAp5P-OEDkyrq-VftCJl-Ps&google_cver=1&google_push=AXcoOmShOziS1ZUK4xKlaAMWNqPNVWppVmi2Eg6WHrLfrMs5maW5KkgoyOriADMCo06EIjUTJ8YO492iGHhxCnPFf...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=dCAIbDwON_lZdn46C2_ovKaIXTaiGIT548VhjxpOAww&pi=adx&pi=adxab&google_gid=CAESEAp5P-OEDkyrq-VftCJl-Ps&google_cver=1...
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

42 B
261 B

309ms
102ms

Image
image/gif

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT, Mon, 12 Feb 2024 23:08:20 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B658
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKluEGq5ZG6-1Nts7avbiPg&google_cver=1&google_push=AXcoOmR0bMI4SuIYgLADQBqnL7xS4fJHli2RRwsYZA5DWw5JXYtGmGHmN9o_k9S1Z5_...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR0bMI4SuIYgLADQBqnL7xS4fJHli2RRwsYZA5DWw5JXYtGmGHmN9o_k9S1Z5_UzDZ2O6HJPxVFRMrqvyeEFPozrzqFi7yIgFA

170 B
232 B

87ms
83ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR0bMI4SuIYgLADQBqnL7xS4fJHli2RRwsYZA5DWw5JXYtGmGHmN9o_k9S1Z5_UzDZ2O6HJPxVFRMrqvyeEFPozrzqFi7yIgFA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 56834a59
date: Mon, 12 Feb 2024 23:08:19 GMT
x-bytefaas-request-id: 2024021223081952788FC0C2170D70509F
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24021223081952788FC0C2170D70509F-3E6E4C363677ECE9-00
x-cache: TCP_MISS from a23-62-227-13.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024021223081952788FC0C2170D70509F
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR0bMI4SuIYgLADQBqnL7xS4fJHli2RRwsYZA5DWw5JXYtGmGHmN9o_k9S1Z5_UzDZ2O6HJPxVFRMrqvyeEFPozrzqFi7yIgFA
x-bytefaas-execution-duration: 4.26
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0153403b1bd4abbc120d99af2790bccd82de8deb31800b5e32167e640185b345298baf9e5a441d7f66e26644dea7760f4dbdba73ac5947297c8811eea31d5324311a8e98e98f2adf783efd5887299838d1e657dd9bd425172b7744128b118bfb07
x-origin-response-time: 22,23.62.227.13
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 12 Feb 2024 23:08:19 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B658 0
139 B 442ms
88ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbQJZf51J0MnyqJblni56jxQC9J_--5Ulg2kRRu9xTv-7UYY-mPIxH-jvaWWR1d3Nd57tRvonm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 164ms
163ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4270v878425165za200&_p=1707779296477&gcd=13l3l3l3l1&npa=0&dma=0&cid=2109314110.1707779297&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1707779296&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=scroll&epn.percent_scrolled=90&_et=55&tfd=4196
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9742 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b18cfd66b681256e7795c4c4d8489c7085487ea1a52ef8e3cccd4d0c6606e5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9742 0
19 B 99ms
98ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7TEK4aTKZYXAJsTSoPMP99SYsAacge-wXNL4t52dAcCNtwEQASAAYMkGggEXY2EtcHViLTU1NjE3NjM1ODEzMTQ0NDTIAQmoAwHIAwKqBM8BT9DdZ0-Y80JeWfB0PZB-yjK-g0k03GSXsmvsqkR3-oAVmWJqlAq3yiCIn5dZLnYoFxanIuHdxAkR67LfIgIkBqFdTdLXwo57Mgzxqcj0PYy2YzEUCyE0UNXbRhgcs8r3HDQAUcadLl9JMmAJ5wG6yrt-prIukGTGER5G13Y1dUPjfkrrpAUw_tUzhapgNDh7BEYTT3lwZIkKC3WNHeCqkUNuu0OfyOcdr8XjzcqF2OGEB8v1w9eATPdwdKPIVd9tlUA4oRu_2E58Wn7Gg66pgAbpz4D1oJKyj36gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAgAhIvf3BOljqjo_T9aaEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NTYxNzYzNTgxMzE0NDQ0GAA&sigh=qFuq2BQWXPs&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_8iNG-dRoyoj95TUl3sBO3JVSmOdfNFK5hm4bqbew5FTJWCwlwzPxD63wbv29a0S_zYn6Av8sThgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Feb 2024 23:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 9742 0
126 B 666ms
131ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=ktSPGc36RO0HfOIinRcCAAAARIIwFz9RmNFa3z3uEOCkymVTiON4epdEgbjzAAASAAAKCkFRVUJDZ0VCQ2c&wp=Zcqk4QAJoAUIaClEAAYqd4DekjRpAdhkCjhAvw&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 171911
server: Kestrel
content-length: 0

GET
H2 200 73134fbfa16854d24caf7cd541ab86d9.js Show response
www.gstatic.com/mysidia/ Frame 24A7 9 KB
4 KB 117ms
74ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4097
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 00:02:20 GMT

GET
H2 200 3a1e077ebed95294cc74869881d96a5a.js Show response
www.gstatic.com/mysidia/ Frame 24A7 148 KB
54 KB 118ms
76ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3a1e077ebed95294cc74869881d96a5a.js?tag=video_mra/web_interstitial_raspberry_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f931aba8b199cabe0fd05e3d5726b11979430b5364d5af4fc5e8c8ab8aea6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55373
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 17:48:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 00:07:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 24A7 21 KB
1 KB 122ms
80ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

419c315057ded80663e34d54c0d0d116fa9fedafdd9210176496815e24bb9f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 23:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 22:17:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 23:08:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 24A7 2 KB
822 B 126ms
104ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 24A7 23 KB
9 KB 128ms
105ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 24A7 3 KB
1 KB 129ms
107ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 24A7 20 KB
8 KB 128ms
107ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:50:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 24A7 0
0 153ms
132ms Image
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaNraWZ80MgnOQRyVwlaGuLMqBymj18WxbWbTqsaWz1rWelYrno396MQjfhkrhn7yLRvbrTwxH1xqsN4l5WBZdSQRtSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 24A7 203 KB
61 KB 128ms
106ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 22:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:11:38 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 24A7 37 KB
15 KB 113ms
75ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 16:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 17:48:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 11 May 2024 16:09:18 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D0D7 2 KB
1 KB 477ms
134ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zcqk4QAJoAUIaClEAAYqd4DekjRpAdhkCjhAvw&u=%7CwGIXW%2Bf0KgHLoskK8ayEgvthG0m3XLapnIyf3j4IqBg%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqKm1slCvpf7kti9G_6O_UP6gkM4J9Yd3GFeneKuJNH0jCnCCLPe2dOugMJ5QYLrSUugN5SWl1D7LtGARY6-SyR-ACXD1Sf0gq7OSnLeyHgj07h2xMBySu2fdzzZDYsRxq1tmpb-UhJtRnrmaqvGwPbzpUTFN5MAMJ8GmBYKINNm-PVALnWfuo733O_ONbknP_RcMmN42fkhNYtNS1HF4mP3pxrmBNojv4xHNp4NAdBMUcbZRNivNTxfxj7CsljS987DABRwWIAdWz5lJxnAQAqYIcBiaaJUazLz0O31rV_KOPVzbG5oFVKIv2hJZumKhJzECRJm_GC6k_VQRzQ_B4aamFCkC7Oxb5fAbvCsq9_YDAgfzJw_Mo4QnPwiXzD1NmvTGUXnig9Afg15_aBcDk_r3kgBz7A2VaqL5jgdhUPrDQFsvOF2mbHSmkV6tmCmR8cdqH02RLcpBdTCKdCmUvS8Mo-QG7s19u6BACwqazzeDyZxOjPn19frw5kGfEIAKulP2yN-Z_MlxP1Z9X1mx0k3XcOLOyIKv7XqAYu5sG7K6jyuwBhozuxEPso07OwrGhQC8S5PS438KfVvzwaW3Vpn_2rinhHIi_Z4ff7jCMcLxJ0V8YU9Q7gw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwjzh4aTKZYXAJsTSoPMP99SYsAacge-wXNL4t52dAcCNtwEQASAAYMkGggEXY2EtcHViLTU1NjE3NjM1ODEzMTQ0NDTIAQmoAwHIAwKqBNIBT9DdZ0-Y80JeWfB0PZB-yjK-g0k03GSXsmvsqkR3-oAVmWJqlAq3yiCIn5dZLnYoFxanIuHdxAkR67LfIgIkBqFdTdLXwo57Mgzxqcj0PYy2YzEUCyE0UNXbRhgcs8r3HDQAUcadLl9JMmAJ5wG6yrt-prIukGTGER5G13Y1dUPjfkrrpAUw_tUzhapgNDh7BEYTT3lwZIkKC3WNHeCqkUNuu0OfyOcdr8Whz-oXHlxvfUIe_AMMdRDUxazgXPF1UdvL25J2ZlBQQv8CF5dOvwWGgAbpz4D1oJKyj36gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAgAhIvf3BOljqjo_T9aaEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1jBD2i1hurQ6s-h7aeYoG3jv5KDQ%26client%3Dca-pub-5561763581314444%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D0D7 2 KB
1 KB 455ms
111ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D0D7 308 B
637 B 443ms
100ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D0D7 293 B
621 B 453ms
110ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D0D7 43 B
348 B 513ms
171ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=bNkFIyZUAvNZrbCOwRmI4zyY8sZakSJWWhgmWy_85iiNujIKJN84JtcvRtKU6AZfNt5hrFjd8nixCULI6vfKiDmJE7zK5mI24a-FsldNTS2YoNFstwPKJD9uoFtdKbZz1qIePGpH5fWDT6Z9ZiAxTkonpHSGdedvX6cgi9D2zLEZqnx5-16rQ3N2h7U0KqXuz2VcqcqP1L9J909851GN3n1nYevYL3vb_dVDVt9P9tzRIx0ENhlPZ1I63arh5nDc8fxpMWbRtcexzaHJEywqrnM6kQa70cBxPV0K8fmVQtBePC8InuZsJJxgx_c8CUuG75ZiXe5jFz2o-0shc1GS9AMokiCaZ2GlDX7SxnpHF3_TPSpPpbj4_8fysPKMCWVn58dRRFdaGYRG9krrGp1tToH_CIMJDvb7yWQGhTGMWe1G6GjkrM75uSHBDZVK-eK0eyvViA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2941118
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D0D7 12 KB
5 KB 85ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6532276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP2XhnYpPygAvAGHzVM0OzNS4eKdTRho9bZrDUkGJ2zKEqhqht%2BGtVC7RXJcMzs7IvYbNXKICCHWYbNBr2kSnrOPRynZLfylHAE3lNOjC35PrcDGePKBM%2BITg0DPsNphFQjqt0NQSVu%2F4aeeux5ASZoJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85487e2f0ce81791-EWR
expires: Sat, 01 Feb 2025 23:08:19 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D0D7 12 KB
6 KB 418ms
130ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 5 KB
5 KB 486ms
90ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=244&m=0&partner=104797&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F104797%2F5027704%2F2be7ba77ad5e434b86bb265163c5d3ea_logo_n_vertical.png&v=3&w=196&rid=4&s=3UPdit74AYMNV1PmucLah6Te

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

50af7ea39fc1fe9f6587a6541fdb96a5bf63bc07f12b98054dd426bed22ddb4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5242
expires: Mon, 06 Jan 2025 05:13:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 10 KB
10 KB 531ms
135ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=104797&q=80&r=2&u=https%3A%2F%2Fi.gstatvb.com%2F539dd542b8b2ebb98427724824395ecf1702462763.rng.jpg&v=3&w=400&rid=4&s=125yBsMK2SiGy7x-pVmqYvgO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e7d38b3818205b83c7761097d80cc869aa8bbb898b4a7ba04241fd2ff4829f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 10534
expires: Mon, 12 Feb 2024 23:51:28 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 18 KB
18 KB 493ms
98ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=104797&q=80&r=2&u=https%3A%2F%2Fi.gstatvb.com%2Ff7d4e840f50cd5b54bdfbbcf093529371702465834.rng.png&v=3&w=400&rid=4&s=mJsp9CD_T8KKCro4fk9aQDfe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1f5314ccd9159d10554b16f54c16f866414b7d46b884ae8287472ee43cb7ba56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 18212
expires: Mon, 12 Feb 2024 23:53:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 20 KB
21 KB 477ms
82ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=104797&q=80&r=2&u=https%3A%2F%2Fi.gstatvb.com%2F315a51e4a66257f526ccff6bdf55bfb01696510410.rng.jpg&v=3&w=400&rid=4&s=TGoeDRKAOFkFE0f2E23OPVjZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

da2276da720e6e208adbf57b8941ff5f2874ae40c3bdd26d492f36a2591a7d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 20976
expires: Mon, 12 Feb 2024 23:18:40 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 12 KB
12 KB 516ms
121ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=104797&q=80&r=2&u=https%3A%2F%2Fi.gstatvb.com%2Fb3ba455977cedfa57479dbacecd590cd1696504146.rng.jpg&v=3&w=400&rid=4&s=sMMIS9kCYlmJaAm6kEGXbAxB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

53daaf434105ebfecdb2c902b9937c082433d8397b1b57c99b0bfafd8ec56db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 11828
expires: Mon, 12 Feb 2024 23:09:44 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 23 KB
23 KB 481ms
98ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=104797&q=80&r=2&u=https%3A%2F%2Fi.gstatvb.com%2Fa76a5e363c1639737a38c2afb5fe16671696509669.rng.jpg&v=3&w=400&rid=4&s=xbUvwO6x_8b0nCNUon6ijXbD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

60f5bcf8f0bffe739ba3718b2e9d9faa28302a036756b4468211a511fbbce35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 23722
expires: Mon, 12 Feb 2024 23:52:16 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 5 KB
5 KB 64ms
63ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=104797&q=80&r=2&u=https%3A%2F%2Fi.gstatvb.com%2Fd2c2ff3708c541573257594a3789adcd1696508878.rng.jpg&v=3&w=400&rid=4&s=L7AQ5A3mURYwKtwZa-CxG_SO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5d97a4458ec8ee836d704e6040b8ec0a2861d0d7b494f138f3bb91937ae02c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 5352
expires: Mon, 12 Feb 2024 23:35:15 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D0D7 13 KB
13 KB 56ms
55ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=104797&q=80&r=2&u=https%3A%2F%2Fi.gstatvb.com%2F67a51bbf581526e58a0743cab36caacc1696508836.rng.jpg&v=3&w=400&rid=4&s=iXaPz71ZPhx6Xz2YaY7Di2GT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0facf18571b33d5d83fc785cbb6691ea10e3d5d544a52647fe901423e4ef5d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 13408
expires: Mon, 12 Feb 2024 23:27:03 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D0D7 0
128 B 468ms
60ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=Y7Fmgj2ZSZ-XjjOg32wcqRUeMw1kAlkAEYyQjt2Bid7d3AlhoGWKswuSNeYuioP861oKXRJtyYGNB_l7dhoJdzDqicYhR1obikueMj3hdvvXZMGTBc_FFKR0S1R3PV3flgLCZULNNv56930EIPIUP_SR7bcRcrHBvLEwghazte0NXenMExC0ty0e0VPOD3fiBGro605ngdn3wK_IkLs5yoMbVxdtmeuxKigVcBc1USLXgpgpar1uUQOcddGgw7cLZzIMDQ&sds=2&rev=90562.7&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D0D7 2 KB
1 KB 238ms
236ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D0D7 2 KB
1 KB 214ms
213ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
79ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240208&jk=597540171474220&bg=!s7ClsP_NAAaxkZ3akZE7ADQBe5WfOGiS9e4M9g4IQMZr1KhzOrpQLziJ4bYiI_k5WgzI24oj7tUfgM2xPqPAiYwsCMIhAgAAAcRSAAAABmgBBwoAZHDkXoPUNN-UfJ5cYzjVjbLBQgVcVSi_F0V47Fzn9B-WLtk9zG6Ff4kmjBvrmF8-HJrHahFVR4yunMsE8d86pMvuw2t63FvQpQsmbc9lif7nZJwECZQGoZ73mcCl1ZNjn2JhGJSZAq9LE6nUNe2vavHEY0vMua55l0AH_49Q9ju-YDg_KUY8vDuQSfPZHae8dLRDBB4IlC36fFKaXSQVgVOFBmPtK-1croB5KuFYHkva9AvZrOAWfEmnfwHYE-q1XayCLjbAH7SalwQr_5pKY1KvFJsxUJhRVYuUF8Cs8Uu6-Xk8O3XOpOR9PNT_WJTMzzJ-oDgZHhviYxSDEtS9Hin4dNCAeGXwv50r0vUag2feSABOV4uNc86cJgKIGXYxu72UwDc6S41H79LZiH8CXTHDwKw2UvjgBuOXy0Ben4Leu_0OFfR54aBOPYvzYNQ8Dmplg3-xNv5fcoCX4EM641DHXUJ-odAcFBXoG7T0PZGETzxWBBDhRm80ZRNDYhJDWvFoM3_9SkJmtaWrCPgphH9JK0muZAJdmA4EpCHdQ1Hs0P4TUT9u42YUILBADBFQztlJ4735zTlbechw8Dh6FhcSLclp8eigETKD4NLKZfYz_MqcuEAruPrrG1A6S_6jIMKJVM_c7fVL5hCfcCuEwXTSBL5HyGAd-A07D0fc-Htl1vGeBALmF9CgB9cH0SLvcRUWEFkRtVKMLJbt0p9dyeFt5XOCeLlB-fcB-TjbJq2UJxuz9QudkN0RXne1im-mVrf_ojwBbLzp-a9bKp33-rYbsxGj1ImY4GV22CTxyevNq71qUbatb1l96izAJs1hk5r8ScPKxqCKKmUrViOGEI-B5tLWnQnzah11A21Xl4YnqrJx2rdH5bgAKBnLJOIJlJYRpGFwB70LbtsGnVQyPYbFMW-E9FqouYftbmMBoC0qHlzeQJaq8vnGxz2W3VcJ9mTKu4Uy7ExSExaNTBoNzaNWHGlsJYMeOmvhSXMYKvcih4-O8NDDrLtHT71f98IMn7YVzVXSI_Xd6Kkb0LwmdL1OPa7ULoI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4233 1 KB
643 B 171ms
164ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 82207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 00:18:12 GMT
etag: 48472445140208031
expires: Tue, 13 Feb 2024 00:18:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dmsans-400.css
static.criteo.net/design/googlefont/dmsans/ Frame D0D7 696 B
670 B 163ms
135ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/dmsans/dmsans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8c99c2c7448d0fe3fd96224986fe8c1d1f3fcd7388aa49c57337e52fc8e9a7bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 13:58:26 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ed82-2b8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H3 200 _ Show response
fundingchoicesmessages.google.com/f/AGSKWxWZNd-NNxHQN_ErgXyiqUQLJPd5ush0u-uD1p3-IYWdSzFkZ1KSubb-YB-mEmBUnU-6o1Z4sGNK4GzkpUJ6f19G3VpcLGwzOjz7qlIgIrRWmQ0XbiyfCsDl6qjgH0yBw9-GMazTixgEqhaYEcOokE-76ocmq... 54 B
110 B 197ms
196ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZNd-NNxHQN_ErgXyiqUQLJPd5ush0u-uD1p3-IYWdSzFkZ1KSubb-YB-mEmBUnU-6o1Z4sGNK4GzkpUJ6f19G3VpcLGwzOjz7qlIgIrRWmQ0XbiyfCsDl6qjgH0yBw9-GMazTixgEqhaYEcOokE-76ocmq_pq0L872mdVMFgX3c-v6HOYCAUcCUst/_?impr?pageid=/framead_/punder.php/AdS/RAD./ad_video.htm

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzzD3gj5Xl_LdwGs7PHMTHg16ATNA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d51bac63edaf1de00978a8ceef1bd4ceacb9c5381aefee6fcab4745c238f301a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qQdtV9OxCaZB68tgUfIDyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qQdtV9OxCaZB68tgUfIDyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OxydXrWMT-NFx6hozADP1Stg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 166ms
165ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23848a0b9266d5f7b94855fe4f8b6b8720dd52ae46f47073d29be7db670d1ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 22:17:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24347
x-xss-protection: 0
server: cafe
etag: 6128443742786676413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:17:17 GMT

POST
H3 204 AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 581ms
88ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2k_It7s4JwTSdrNxQ1-Y_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2k_It7s4JwTSdrNxQ1-Y_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XA8OblqHZtAx4XbTxkBAuUY_A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dmsans-400-latin.woff2
static.criteo.net/design/googlefont/dmsans/ Frame D0D7 18 KB
18 KB 521ms
117ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/dmsans/dmsans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/dmsans/dmsans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/dmsans/dmsans-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 13:58:26 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ed82-46b0"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:08:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4233
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOsBs9WcWUJPBbuezVAArZg&google_cver=1&google_push=AXcoOmQ3USCXCL0PPU4VOLjgmPMPdc7EfeP5_zQa574_eR4vAmLSKgxk7jeNhw1ATNvbM8XwlzTW_...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ3USCXCL0PPU4VOLjgmPMPdc7EfeP5_zQa574_eR4vAmLSKgxk7jeNhw1ATNvbM8XwlzTW_ORIA8GSlkjZhQZfNhTbRvcUSg

170 B
188 B

75ms
75ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ3USCXCL0PPU4VOLjgmPMPdc7EfeP5_zQa574_eR4vAmLSKgxk7jeNhw1ATNvbM8XwlzTW_ORIA8GSlkjZhQZfNhTbRvcUSg

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Feb 2024 23:08:20 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A465D014049C435AAAAD0E9B756F6C2D Ref B: PHL30EDGE0413 Ref C: 2024-02-12T23:08:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ3USCXCL0PPU4VOLjgmPMPdc7EfeP5_zQa574_eR4vAmLSKgxk7jeNhw1ATNvbM8XwlzTW_ORIA8GSlkjZhQZfNhTbRvcUSg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRN1qQ7zoj3MRgp+JEKw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4233
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOYi4vVWv5zXOJz7ZmfKCnw&google_cver=1&google_push=AXcoOmS91b0AeFqnekOy4lbDS2P4mPTbPzOMrvSbIa49q9nqgyO56cNCt3Oic7HrlEYsjr-xeQVUeGA8K42lpEUo...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dkd_DFYNRTcGcgZL_IGpkA&google_push=AXcoOmS91b0AeFqnekOy4lbDS2P4mPTbPzOMrvSbIa49q9nqgyO56cNCt3Oic7HrlEYsjr-xeQVUeGA8K42lpEUoQsoXFP3EyZWgKw

170 B
188 B

67ms
66ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dkd_DFYNRTcGcgZL_IGpkA&google_push=AXcoOmS91b0AeFqnekOy4lbDS2P4mPTbPzOMrvSbIa49q9nqgyO56cNCt3Oic7HrlEYsjr-xeQVUeGA8K42lpEUoQsoXFP3EyZWgKw

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Feb 2024 23:08:20 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dkd_DFYNRTcGcgZL_IGpkA&google_push=AXcoOmS91b0AeFqnekOy4lbDS2P4mPTbPzOMrvSbIa49q9nqgyO56cNCt3Oic7HrlEYsjr-xeQVUeGA8K42lpEUoQsoXFP3EyZWgKw
x-host: tde-deliveryengine-production-7fbb6d4658-2kxqr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4233
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB8Gk5bmP_tLYKvEVJS52WQ&google_cver=1&google_push=AXcoOmS9Uz81mnPeu95LYOhSG0EI9xj4YuOCN3uG6StWXbF9h6eWvd_E3IvssVRs-S_eHWKdlrg_4_-jaGbHs5B...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmS9Uz81mnPeu95LYOhSG0EI9xj4YuOCN3uG6StWXbF9h6eWvd_E3IvssVRs-S_eHWKdlrg_4_-jaGbHs5...

170 B
188 B

78ms
77ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmS9Uz81mnPeu95LYOhSG0EI9xj4YuOCN3uG6StWXbF9h6eWvd_E3IvssVRs-S_eHWKdlrg_4_-jaGbHs5BBrt3urc0fclM_Ww

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=W45WcUWlXGB1iKlmKpgh5c5CYB8&google_push=AXcoOmS9Uz81mnPeu95LYOhSG0EI9xj4YuOCN3uG6StWXbF9h6eWvd_E3IvssVRs-S_eHWKdlrg_4_-jaGbHs5BBrt3urc0fclM_Ww
Date: Mon, 12 Feb 2024 23:08:20 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4233
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEN1OaK6D_K4mK27k2_YEs7w&google_cver=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0cwGukMYl4e7GIxpBWbMd5MH...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEN1OaK6D_K4mK27k2_YEs7w&google_cver=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0cwGukMYl4e7GIxpBW...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=ZaHmxiQuRkOuzQIQIIQIXw==&no_redirect=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0c...

170 B
188 B

59ms
58ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=ZaHmxiQuRkOuzQIQIIQIXw==&no_redirect=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0cwGukMYl4e7GIxpBWbMd5MHM9HJ5Nz5qTJmwE40VZGOKgTDb5k

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=ZaHmxiQuRkOuzQIQIIQIXw==&no_redirect=1&google_push=AXcoOmS5-EpuXdFHRRh9ySY9li0rJnumdOYerjDS-vIfRMmLQ6kd0cwGukMYl4e7GIxpBWbMd5MHM9HJ5Nz5qTJmwE40VZGOKgTDb5k
date: Mon, 12 Feb 2024 23:08:20 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4233
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGoTfou40J5mwaOE-_xAMmY&google_cver=1&google_push=AXcoOmQVRhoC-LtIpeWqfgzcuvB7GVtOVusMvgfcqw0leHzhiAat8YRE87U8fTJ_0k-5CikV09VApmqYoVUYjwmWCK2zfOq...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQVRhoC-LtIpeWqfgzcuvB7GVtOVusMvgfcqw0leHzhiAat8YRE87U8fTJ_0k-5CikV09VApmqYoVUYjwmWCK2zfOqw3BjiWq3v&google_hm=Nzc0ODM...

170 B
188 B

91ms
91ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQVRhoC-LtIpeWqfgzcuvB7GVtOVusMvgfcqw0leHzhiAat8YRE87U8fTJ_0k-5CikV09VApmqYoVUYjwmWCK2zfOqw3BjiWq3v&google_hm=Nzc0ODM1ODcwOTM1ODI1MDkwMw==

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQVRhoC-LtIpeWqfgzcuvB7GVtOVusMvgfcqw0leHzhiAat8YRE87U8fTJ_0k-5CikV09VApmqYoVUYjwmWCK2zfOqw3BjiWq3v&google_hm=Nzc0ODM1ODcwOTM1ODI1MDkwMw==
Date: Mon, 12 Feb 2024 23:08:20 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4233
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEB93PAHkK30oCfSvzrCoOKY&google_cver=1&google_push=AXcoOmQ8_y8uthOpdrZYL-GGzB9hJI3kxfK2JeCObL-k10OuWw0Vwd9Vt_xo10cxFAt2rXWI0D02ZaLAxWb8pom...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sleF3CBAy06SGnXSjBEJtQ&google_push=AXcoOmQ8_y8uthOpdrZYL-GGzB9hJI3kxfK2JeCObL-k10OuWw0Vwd9Vt_xo10cxFAt2rXWI0D02ZaLAxWb8pomKzrxD4SV-u...

170 B
188 B

86ms
86ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sleF3CBAy06SGnXSjBEJtQ&google_push=AXcoOmQ8_y8uthOpdrZYL-GGzB9hJI3kxfK2JeCObL-k10OuWw0Vwd9Vt_xo10cxFAt2rXWI0D02ZaLAxWb8pomKzrxD4SV-uxOWYFIw

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=sleF3CBAy06SGnXSjBEJtQ&google_push=AXcoOmQ8_y8uthOpdrZYL-GGzB9hJI3kxfK2JeCObL-k10OuWw0Vwd9Vt_xo10cxFAt2rXWI0D02ZaLAxWb8pomKzrxD4SV-uxOWYFIw
Date: Mon, 12 Feb 2024 23:08:20 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 4233
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEKpyQxUtJxGc2EOu3TMb4rA?ext-param=AXcoOmQPle8Kxqf0aGBPNmtHKybSgdHVL6-YYGSyGuj83eCbmqmvp-KABN3z-nDG9N8hLe8khCvLfLuxpjQuDWJMnYr5mzvlQ6YFaYGB&partner-tag=yandex_...
https://yandex.ru/an/mapuid/google/CAESEKpyQxUtJxGc2EOu3TMb4rA?redir-setuniq=1&ext-param=AXcoOmQPle8Kxqf0aGBPNmtHKybSgdHVL6-YYGSyGuj83eCbmqmvp-KABN3z-nDG9N8hLe8khCvLfLuxpjQuDWJMnYr5mzvlQ6YFaYGB&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKpyQxUtJxGc2EOu3TMb4rA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
169 B

164ms
163ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-security-policy-report-only: default-src 'none'; base-uri 'none'; script-src 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech http://an.yandex.ru; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform=
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 27 Jan 2025 23:08:22 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4233 0
12 B 197ms
194ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjC1Op0OU8cK31MSUmAuc-WGw2ox4OmjP5QKbmEPQrORYc01g5h7baGPjQs56RBDJnKmv4-tC2oQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js Show response
pagead2.googlesyndication.com/bg/ Frame A285 51 KB
20 KB 188ms
187ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19987
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 00:05:59 GMT

POST
H3 204 AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 357ms
89ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xGQpdU-uCmHwAwAZ0-43Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xGQpdU-uCmHwAwAZ0-43Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XA8OblqHZvAiy1rnzECAARJGRU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 342ms
81ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wUncSbD08DEHwdVTRmBQjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-wUncSbD08DEHwdVTRmBQjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XA8OblqHZvAhitfnjACAAOKGT4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t.ly
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 348ms
88ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5r6qFvsAQoSnVccx8KCvHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5r6qFvsAQoSnVccx8KCvHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XA8OblqHZvAj8WLnzECAAUvGQ4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWBkwMFE83EY3xMXq0YzqtR4Ro27SXGUU_4SmBJjduaTy5pG2kAyEw4go9pH5JkCOI6ri50H7AhLfMFsV09RrFS_jbgrKIGBKdHXsNVC7ARh51LEH6b7w4Ot8iXx-YQZKyDP27uFw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 250ms
250ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBkwMFE83EY3xMXq0YzqtR4Ro27SXGUU_4SmBJjduaTy5pG2kAyEw4go9pH5JkCOI6ri50H7AhLfMFsV09RrFS_jbgrKIGBKdHXsNVC7ARh51LEH6b7w4Ot8iXx-YQZKyDP27uFw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Nzc5MzAwLDE4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0dc5ef5693cc3e165be711493a1710b782187af0f7336045290eeffc8d06b90

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ht72FFSpemGpPBMivnJ3xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ht72FFSpemGpPBMivnJ3xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4K4hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6OJydXrWMTuHHnYCEA6mtKnQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9742 42 B
64 B 90ms
89ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLbMelu7fiFbohBV82ePWPJzKX_QtLk6pPhnX4o7eX0jcviTRaZWmDVqQ5MBKIJueiJygxkQYliAqo5fe3oYhFNQEbMk1v0bYp1RIU7fpC_N_BD9va9-j07hr1lzZLSFaqVWlaZA4&sig=Cg0ArKJSzMsbPNZjqmBWEAE&id=lidar2&mcvt=1020&p=0,0,124,1005&mtos=250,922,1020,1020,1020&tos=250,672,98,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=371209900&rst=1707779298839&rpt=566&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVUNaXC6FApW2XjfxxZjgqohOp2OJvXQpUe1k5mTSiz9maQSm9QIzpHm2QLwjpVtjA6SZ9qwNjEJekBcv8XvyXkMm2qg38KGdeUzZ1QIrjrTYi_xsFzyABotelJI1RHsod6WgmOpg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 81ms
80ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVUNaXC6FApW2XjfxxZjgqohOp2OJvXQpUe1k5mTSiz9maQSm9QIzpHm2QLwjpVtjA6SZ9qwNjEJekBcv8XvyXkMm2qg38KGdeUzZ1QIrjrTYi_xsFzyABotelJI1RHsod6WgmOpg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7YJIqmLcXwwaNqMe9v9cvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7YJIqmLcXwwaNqMe9v9cvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XA8OblqHZvAjzeH3zMCAAg5GYY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t.ly
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 80ms
79ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUc0VCQNFMD5ngS7P5La6NybjGiNoMng6UfKzSWHLTm5zxwQojACO_xVJ54xPkU0HLcdtUKODISYqKj42IKjxHSGK0K9ZyxcQ5HCdWgf25Mt0aRRJJ09FN9coz2uYZy_jVATMoYvA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EMapQjCaXL2LKUYICPo2Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:08:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-EMapQjCaXL2LKUYICPo2Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XA8OblqHZvAjDmz3zICAAVXGK8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t.ly
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D0D7 0
127 B 115ms
115ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 12 Feb 2024 23:08:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 72ms
72ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4270v878425165za200&_p=1707779296477&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=2109314110.1707779297&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEII&sid=1707779296&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Ferror%3DDomainNotAllowed&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&_s=3&tfd=9199
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://t.ly/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:08:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D0D7 0
127 B 78ms
76ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 12 Feb 2024 23:08:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__en.js

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t.ly/	1970-01-20 18:43:08	Name: XSRF-TOKEN Value: eyJpdiI6IlVIdlBoeHJaY2JsZ0Z0bGo2dkpPVVE9PSIsInZhbHVlIjoibGNjQ29Gb1RBVUJVTEZGNFZGOThxMzg2Qmp2QWYxTXpyRTBZdWY4VzhxZWt1RWFtWSs5ZjdWRndoNDdPWVIyZHVySjdVNmlrRkU5OU12S2hlSTVsK0JoZlZZOUtpTUxaL09tVHg5clVFbFZod3JyQ2VpQW50MnBtQnFiQmEwVEMiLCJtYWMiOiI5MzJjZjQzMWYwYTM3NjY4OGZlZTg0ZDk2ZjRmYTAwYzMzMDMyYjY0NzEzOTM0OTk3YjVmNjJjMGZlNjIyNjNlIiwidGFnIjoiIn0%3D
t.ly/	1970-01-20 18:43:08	Name: tly_session Value: eyJpdiI6IlBJanNUT1YrWHJqZCsxbGhTZ3E5S0E9PSIsInZhbHVlIjoiL2RtdEd1K2Ewd1h0SDF0K2NZTkRFNDhmZk1tdkl4L095a1hvVE9EckJjbTVqRkRUR2dESkhaWHhDckVSMVVEN3ZFSmtmcWRscWhWSDdsaVlUSnIzOGxtbFlGRXZZTy9DK09MM2E5SmtHVGFzbnFsVHBoaEJ0VDcrSExZQlRobVciLCJtYWMiOiIwYTAyYmMxM2ZmOWM2MWZkZmUzZjZlODIxZmZiOWJiYTk3YjYyODdiYTJlYjQ1MGNkZmY5MjMwOWEwZmIzMWIyIiwidGFnIjoiIn0%3D
.t.ly/	1970-01-20 20:32:35	Name: _gcl_au Value: 1.1.1198292856.1707779297
t.ly/	1970-01-20 18:33:04	Name: userTimezone Value: Pacific/Honolulu
.t.ly/	1970-01-21 03:58:59	Name: _ga Value: GA1.2.2109314110.1707779297
.t.ly/	1970-01-20 18:24:25	Name: _gid Value: GA1.2.1039677036.1707779298
.t.ly/	1970-01-20 18:22:59	Name: _gat_gtag_UA_89207177_8 Value: 1
.t.ly/	1970-01-21 03:08:35	Name: cf_clearance Value: 0_Fct5WVyxXqVpcu9.qeYBZ599.C2pzwDGvW4IPAy9o-1707779298-1-AVHFU6a/yKJakDoqO+BgFbt/2d9dY82RJ8h1rlscR4AXKSDzR1GvRb9yvDLClLLHrWBuVg/EuC7+ccArxzLfO1s=
.doubleclick.net/	1970-01-21 03:58:59	Name: IDE Value: AHWqTUm2TIst1ri8QogkQ143xLQ3YFoFe8G1huCtI4-njrMoxxVoWMRfwYsEYsmo_xY
.t.ly/	1970-01-21 03:44:35	Name: __gads Value: ID=a3635d4f8a6c2afc:T=1707779297:RT=1707779297:S=ALNI_MZJ9tUxYWyqzPmxOSqRtxB276r-_A
.t.ly/	1970-01-21 03:44:35	Name: __gpi Value: UID=00000dc262a42b57:T=1707779297:RT=1707779297:S=ALNI_MbVHjXXPxBshK8BRFFOaIBl-QNr6w
.t.ly/	1970-01-20 22:42:11	Name: __eoi Value: ID=b7d4315b51005379:T=1707779297:RT=1707779297:S=AA-Afja04Dlg2leMZ6oXZcjjOb3C
sync.srv.stackadapt.com/	1970-01-21 03:08:35	Name: sa-user-id Value: s%3A0-5b8e5671-45a5-5c60-7588-a9662a9821e5.yA%2FuoNcEqTuEmCScX5%2Bh1WmklUmlJRdYuzHlhbdC0%2F0
.srv.stackadapt.com/	1970-01-21 03:08:35	Name: sa-user-id Value: s%3A0-5b8e5671-45a5-5c60-7588-a9662a9821e5.yA%2FuoNcEqTuEmCScX5%2Bh1WmklUmlJRdYuzHlhbdC0%2F0
sync.srv.stackadapt.com/	1970-01-21 03:08:35	Name: sa-user-id-v2 Value: s%3AW45WcUWlXGB1iKlmKpgh5c5CYB8.bPeuKrxnwxc3yfdNPXxLOHnYEDHCY7UB9qbGOrwUCzk
.srv.stackadapt.com/	1970-01-21 03:08:35	Name: sa-user-id-v2 Value: s%3AW45WcUWlXGB1iKlmKpgh5c5CYB8.bPeuKrxnwxc3yfdNPXxLOHnYEDHCY7UB9qbGOrwUCzk
sync.srv.stackadapt.com/	1970-01-21 03:08:35	Name: sa-user-id-v3 Value: s%3AAQAKII1_eTaKKSJyOI8W7L-72_vnwH2WhShEcfTiNGO5mxEREAEYAyDjyaquBjABOgRZmQvUQgQwZxBH.GncXWRrTF0xjDAzFojNO5b%2B4uiYfR1UH1qeKfvcUt6I
.srv.stackadapt.com/	1970-01-21 03:08:35	Name: sa-user-id-v3 Value: s%3AAQAKII1_eTaKKSJyOI8W7L-72_vnwH2WhShEcfTiNGO5mxEREAEYAyDjyaquBjABOgRZmQvUQgQwZxBH.GncXWRrTF0xjDAzFojNO5b%2B4uiYfR1UH1qeKfvcUt6I
.owneriq.net/	1970-01-21 03:58:59	Name: si Value: Q7610656991372628531P
.owneriq.net/	1970-01-20 18:37:23	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 18:37:23	Name: gguuid Value: 1
.inmobi.com/	1970-01-20 20:32:35	Name: idsp_c Value: 3d14e8a6-d6b4-4faa-8588-f122d47aa03c
.t.ly/	1970-01-21 03:58:59	Name: _ga_W1D48QS4F7 Value: GS1.1.1707779296.1.0.1707779299.0.0.0
.adkernel.com/	1970-01-20 19:06:11	Name: ADKUID Value: A7409523822574671659
.e-volution.ai/	1970-01-20 18:43:08	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 19:06:11	Name: ADKUID Value: A7409523822574671659
.creativecdn.com/	1970-01-21 03:08:35	Name: g Value: b6hPFZM0scWOj4yACoV1_1707779300104
.creativecdn.com/	1970-01-21 03:08:35	Name: ts Value: 1707779300
.send.microad.jp/	1970-01-20 20:32:35	Name: TR Value: 298077c6308473f5ec95a3445a344ac927c34b854dfb892e
.t.ly/	1970-01-21 03:08:35	Name: FCNEC Value: %5B%5B%22AKsRol-ab3jKvK2WbTyBWKVtX4IavPaeNym2ksp0hy9OGNLy9n96b0AuMMupe11EZtHOpvZunYSSozVqyyVaCgzxhk9Bzse27Wt14eG61yedbsNmo8Rzk3Q_IehTo8TdXPLO2_0BOVZA4td3dWbSWET5-1XAA6RbBA%3D%3D%22%5D%5D
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjc3sTA2tTA3sASSRqYGlgbGQnyGur6-riVO5s4u7iXGxgDWbeO6JQAAAA
.rfihub.com/	1970-01-21 03:44:35	Name: rud Value: H4sIAAAAAAAA_-MSNjc3sTA2tTA3sASSRqYGlgbGQnyGur6-riVO5s4u7iXGxgDWbeO6JQAAAA
.rfihub.com/	1970-01-21 03:44:35	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dc8PScsvNTHwMs0tT_R31Y2vcPTNjQziNTQ3MDc3tzQ2MDA1MnvFiMI3BwDfzlAQPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dc8PScsvNTHwMs0tT_R31Y2vcPTNjQQAYfRiax4AAAA
beacon.lynx.cognitivlabs.com/	1970-01-21 03:10:01	Name: UID Value: dc8557b2-4020-4ecb-921a-75d28c1109b5
beacon.lynx.cognitivlabs.com/	1970-01-21 03:10:01	Name: ss Value: ZSBHyet3zEjq2xO8ObuVL%2BSOnlaX0WC%2B2UGJSmQBgMgkn3pM9t%2FE7gmeEae83PA8CpMdLpFr8e2pYyeuBUK0xg%3D%3D
.mfadsrvr.com/	1970-01-21 03:58:59	Name: tuuid Value: 65a1e6c6-242e-4643-aecd-02102084085f
.mfadsrvr.com/	1970-01-21 03:58:59	Name: c Value: 1707779300
.mfadsrvr.com/	1970-01-21 03:58:59	Name: tuuid_lu Value: 1707779300
.travelaudience.com/	1970-01-21 03:50:20	Name: _tracker Value: %7B%22UUID%22%3A%2276477F0C-560D-4537-0672-064BFC81A990%22%7D
.linkedin.com/	1970-01-21 03:08:35	Name: bcookie Value: "v=2&030ff846-18e1-4e7f-8dfe-3a41ee047d46"
.linkedin.com/	1970-01-20 18:24:25	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3315:u=1:x=1:i=1707779300:t=1707865700:v=2:sig=AQHsITQGfkBkZt1_Rs2qbqZwOPndnjDW"
.mfadsrvr.com/	1970-01-21 03:58:59	Name: ssh Value: !google,1707779300
.yandex.ru/	1970-01-21 03:58:59	Name: yuidss Value: 9696299871707779300
.yandex.ru/	1970-01-21 03:58:59	Name: i Value: cxjQRhSlecdeQlO0biG2RJjQZhaUKeXrHr9gzIwjm/G4te7TrBoXvBQSHlMHSjgkGBOmgfP1J+VYvDRRpviT+slKvkQ=
.yandex.ru/	1970-01-21 03:58:59	Name: yandexuid Value: 9237099641707779302
.yandex.ru/	1970-01-21 03:08:35	Name: yashr Value: 1489008231707779302

79 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20110914/zrt_lookup_fy2021.html?fsb=1(Line 17) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t.ly/?error=DomainNotAllowed Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
ads.travelaudience.com
ads.us.criteo.com
aid.send.microad.jp
an.yandex.ru
analytics.pangle-ads.com
beacon.lynx.cognitivlabs.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
cm.creativecdn.com
cm.g.doubleclick.net
creativecdn.com
csm.us.criteo.net
dsp.adkernel.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
mesdc-coers.info
mweb.ck.inmobi.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px.owneriq.net
r.wdfl.co
rtb.mfadsrvr.com
rtb.va.us.criteo.com
rtb2-useast.e-volution.ai
static.criteo.net
stats.g.doubleclick.net
sync.srv.stackadapt.com
t.ly
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
yandex.ru
www.gstatic.com
142.250.176.194
161.35.255.96
174.137.133.49
18.235.199.121
185.184.10.30
185.184.8.90
199.38.167.131
20.253.86.149
202.233.84.1
23.36.85.188
23.43.85.205
2600:9000:21dd:9c00:1b:348c:b140:93a1
2606:4700:20::ac43:4b7a
2606:4700::6811:190e
2607:f8b0:4004:c09::9a
2607:f8b0:4006:809::200e
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2004
2607:f8b0:4006:817::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:824::200e
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:1ec:21::14
2a02:6b8::90
2a02:6b8:a::a
35.190.0.66
35.207.24.140
54.156.224.85
74.119.119.147
016a4d0001a23d3c0419a62ff60c6914a9040a5198ce746280038396080408f2
02465205a59729adf404a9d6311f5921f1f3c9a0d9a52836f7d3386612a6257a
07b18cfd66b681256e7795c4c4d8489c7085487ea1a52ef8e3cccd4d0c6606e5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0facf18571b33d5d83fc785cbb6691ea10e3d5d544a52647fe901423e4ef5d0d
128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae
17d34aa358e997642efccbeff4fc61952c1051070b3f020dd045a5a781f1fcea
18051deac73bbb541a212a3f53a313181263de428ef72381081890329384ec17
183626c4912419ce337e6b12e1e8b7a5a8a7d442edceac8a68347f7a2844ab9b
1c912e6ec4e7c2b1df7b4468c6459c820cce97b232959448835add4c277dbd04
1f5314ccd9159d10554b16f54c16f866414b7d46b884ae8287472ee43cb7ba56
23848a0b9266d5f7b94855fe4f8b6b8720dd52ae46f47073d29be7db670d1ace
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
241142da22347b2f233278486ef805818eb5442d14c597828bb7e33b752e9f2a
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2821e305feac1dbb16b399bc6a68a836ad26f9a95100dc85bbf312486048e531
29c485fb9c4fbb64524b4efa61ac4b612c4492f589ae2f86a225208e64ab1778
2f3c93ca4d23de2cc7ed054561bb60bdb860b2fa422f98b5174bc4d2384e71c5
300cadd148f06970f206c9d5ea7839e7b24f8ed2026549a4c7a130fc940a163d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3448d680bc49811570a7db83e9e1791389d7b676d84da58b642f48d5a54eafcc
3a7692ab873d9e2081c3b9aeb15ee183a947f17b21df52051d9ba2b075a83d93
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3ded390f58d9e5575857303e6ad52bb6b657ab429a7ff37cf9bf6ae62bf3d179
3fe41706ad57ded462588d417f40359d9c10cf9775bf9bb227fb36ad62a0f310
419c315057ded80663e34d54c0d0d116fa9fedafdd9210176496815e24bb9f74
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4a27a54345888d41909cf83309a3bc6ec4d324ba7e29ae6d4754aa3dd8e31a
50af7ea39fc1fe9f6587a6541fdb96a5bf63bc07f12b98054dd426bed22ddb4b
53daaf434105ebfecdb2c902b9937c082433d8397b1b57c99b0bfafd8ec56db8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d97a4458ec8ee836d704e6040b8ec0a2861d0d7b494f138f3bb91937ae02c3c
5f71d6c6083aaa4869c68ec66708e5ed44807e623ab0c941bb1ed031bfe4a0ac
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60de181a4b72ce251389d7f66b2243f52f1779c96b79f5288c2cdd34fcf8b48c
60f5bcf8f0bffe739ba3718b2e9d9faa28302a036756b4468211a511fbbce35f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ad5a6389faef9063a8e3a5a29469301bc614ef63a92e55829c1dae1a0b31824
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c6580ff4f48fe06800ba863309e11c303706b23876d9e043eedd0c24139a97c
7f29124dbf79e5adb90ab46ce6d2a48ff4302c736324323d681c86ae177dee82
8668d6a1b8fdf9b27bb8b765fac4c236c1857fecf0ea061fe5be02d88b14abe5
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
87e4a3beeb210daead88f32a58cb14a01dd71df05b75fdaff8a5927a9e34cb04
899a3571ca7553592fb4221f36b00d18bfb63639fcb24d7d44e74312089bb405
8b67b0c85c677869a066976691ef40e1a9e1e4afa9dce5f1dcc740d944af203e
8c99c2c7448d0fe3fd96224986fe8c1d1f3fcd7388aa49c57337e52fc8e9a7bd
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
902b82715554f532a7eb86a59a1d011d2fc9e1540408a4ff29ad0d4e9b10156b
94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a0dc5ef5693cc3e165be711493a1710b782187af0f7336045290eeffc8d06b90
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab8b46ed25a0596c98b3ddfb1471339b5fa59ef27525da0493ead49e41bdfd6a
b0f931aba8b199cabe0fd05e3d5726b11979430b5364d5af4fc5e8c8ab8aea6c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b968fac7651c9b126181ccb783cb3e492e7b8b34d6ba3430bb8af5ba3e31ef9c
c3bd20d23289ad8836845947878c01d9ee7577a151edea0ce2136a26cad026f4
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd6b17631794efd2ff0e6adb136b4a14122a7ae1b92c1120bca3d8f22e59b2a3
cf28578b804fa6335d963df340198380f48804b34df6cfd77245bc47ffbad13f
d51bac63edaf1de00978a8ceef1bd4ceacb9c5381aefee6fcab4745c238f301a
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
da2276da720e6e208adbf57b8941ff5f2874ae40c3bdd26d492f36a2591a7d84
ddb48907d464ab39366c47c086d4231f0d4a64e09346e2f4de2e7a6e5ca59736
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
e239b566289638f9a0d8e503c5b81fb134840a9961cd00402fdedca6fb733dd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d38b3818205b83c7761097d80cc869aa8bbb898b4a7ba04241fd2ff4829f82
eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

t.ly Open in urlscan Pro 2606:4700:20::ac43:4b7a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

89 %HTTPS

58 %IPv6

27 Domains

37 Subdomains

24 IPs

5 Countries

2482 kBTransfer

6733 kBSize

47 Cookies

4 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

t.ly Open in urlscan Pro
2606:4700:20::ac43:4b7a Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

89 %
HTTPS

58 %
IPv6

27
Domains

37
Subdomains

24
IPs

5
Countries

2482 kB
Transfer

6733 kB
Size

47
Cookies

135 HTTP transactions
2 data transactions