urlscan.io logo urlscan.io
SecurityTrails logo

t.ly Open in urlscan Pro
104.20.6.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://servv-cusserv.blogspot.sn/
Effective URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Submission: On December 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 14 domains to perform 73 HTTP transactions. The main IP is 104.20.6.133, located in and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 33922.
TLS certificate: Issued by WE1 on November 30th 2024. Valid for: 3 months.
This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)
servv-cusserv.blogspot.sn
servv-cusserv.blogspot.com
2    2607:f8b0:4006:81d::2009 (United States)

ASN15169 (GOOGLE, US)
www.blogger.com
21    104.20.6.133 (None, )

ASN13335 (CLOUDFLARENET, US)
t.ly
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:2840:c600:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)
r.wdfl.co
9    142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
pagead2.googlesyndication.com
ep1.adtrafficquality.google
5    2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    142.250.65.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f4.1e100.net
www.google.com
6    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
googleads.g.doubleclick.net
1    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
3    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
9    142.251.40.142 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f14.1e100.net
fundingchoicesmessages.google.com
1    216.239.36.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
21 t.ly
t.ly — Cisco Umbrella Rank: 33922
767 KB
18 google.com
www.google.com — Cisco Umbrella Rank: 3
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
75 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
341 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
371 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12722
59 KB
2 blogspot.com
servv-cusserv.blogspot.com
3 KB
1 gstatic.com
www.gstatic.com
216 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 20355
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
6 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
1 blogspot.sn
servv-cusserv.blogspot.sn
510 B
73 14
Domain Requested by
21 t.ly 2 redirects t.ly
static.cloudflareinsights.com
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 pagead2.googlesyndication.com t.ly
pagead2.googlesyndication.com
6 googleads.g.doubleclick.net www.googletagmanager.com
pagead2.googlesyndication.com
6 www.google.com t.ly
www.googletagmanager.com
ep2.adtrafficquality.google
www.gstatic.com
5 www.googletagmanager.com t.ly
www.googletagmanager.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 www.blogger.com servv-cusserv.blogspot.com
2 servv-cusserv.blogspot.com
1 www.gstatic.com www.google.com
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 td.doubleclick.net www.googletagmanager.com
1 r.wdfl.co t.ly
1 cdnjs.cloudflare.com t.ly
1 static.cloudflareinsights.com t.ly
1 servv-cusserv.blogspot.sn 1 redirects
73 17

This site contains links to these domains. Also see Links.

Domain
chromewebstore.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com
Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.blogger.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
t.ly
WE1		 2024-11-30 -
2025-02-28		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M02		 2024-08-02 -
2025-08-30		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
adtrafficquality.google
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Frame ID: 8661B7B6AF74224DD89E815E2CDE8DA1
Requests: 61 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 81CCF61D8F4B6E86E8315895BDC8BE15
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1734015274845&cv=11&fst=1734015274845&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=World%27s%20Shortest%20URL%20Shortener%20%7C%20T.LY&npa=0&pscdl=noapi&auid=788828460.1734015275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 9602EFD2DA8AB7611FA38C9F5F396DF6
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Ft.ly
Frame ID: 363D263A53A9D4150F94E569F6BBD0FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/zrt_lookup_fy2021.html
Frame ID: 94134CCF943FEC87A0F196116BF97CFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1734015273&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734015274596&bpp=11&bdt=558&idt=318&shv=r20241210&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5342880753321&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089326%2C31089330%2C31089339%2C95333412%2C95347445%2C31088249%2C95345966&oid=2&pvsid=2670319576248196&tmod=1704341616&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: 346FB00289D69DBB5CBE5922D897381A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1734015273&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734015274607&bpp=3&bdt=569&idt=397&shv=r20241210&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5342880753321&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089326%2C31089330%2C31089339%2C95333412%2C95347445%2C31088249%2C95345966&oid=2&pvsid=2670319576248196&tmod=1704341616&uas=0&nvt=1&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=408
Frame ID: 1C235FBD0E7D20FAC8E23C2F21227AC5
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: C7D153341A773C861C61D91F5A238C4C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35DF384991F93F7F5C9437EE083A65A5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=790549t8mywg
Frame ID: 64C89A2F0130F405883ACB87F8AF0825
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/zrt_lookup_fy2021.html
Frame ID: D71C8B26707CDFB2055D2DB6C32DF32A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/zrt_lookup_fy2021.html
Frame ID: 792D25AE88B88660623B33B56280856E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Frame ID: A181A93B196D2ABE9A3AA654204CD659
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

World's Shortest URL Shortener | T.LY

Page URL History Show full URLs

  1. http://servv-cusserv.blogspot.sn/ HTTP 307
    https://servv-cusserv.blogspot.sn/ HTTP 302
    https://servv-cusserv.blogspot.com/ Page URL
  2. https://t.ly/mppcD HTTP 302
    https://t.ly/?ref=expired&url=https://t.ly/mppcD Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

73
Requests

97 %
HTTPS

59 %
IPv6

14
Domains

17
Subdomains

18
IPs

2
Countries

1893 kB
Transfer

5116 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://servv-cusserv.blogspot.sn/ HTTP 307
    https://servv-cusserv.blogspot.sn/ HTTP 302
    https://servv-cusserv.blogspot.com/ Page URL
  2. https://t.ly/mppcD HTTP 302
    https://t.ly/?ref=expired&url=https://t.ly/mppcD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://servv-cusserv.blogspot.sn/ HTTP 307
  • https://servv-cusserv.blogspot.sn/ HTTP 302
  • https://servv-cusserv.blogspot.com/
Request Chain 23
  • https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
servv-cusserv.blogspot.com/
Redirect Chain
  • http://servv-cusserv.blogspot.sn/
  • https://servv-cusserv.blogspot.sn/
  • https://servv-cusserv.blogspot.com/
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servv-cusserv.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0a26d79abf9d49d4ba2bca17de805e95ff171f2fe0612ff12a3c5c3b3f8da866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
2399
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 14:54:33 GMT
etag
W/"0d51e6487dde91545e15bdea2a86e8c4e81c502163adccd62e83ec794ec3ad6c"
expires
Thu, 12 Dec 2024 14:54:33 GMT
last-modified
Sun, 01 Sep 2024 03:15:49 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
198
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 14:54:32 GMT
expires
Thu, 12 Dec 2024 14:54:32 GMT
location
https://servv-cusserv.blogspot.com/
server
GSE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: servv-cusserv.blogspot.com
URL: https://servv-cusserv.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://servv-cusserv.blogspot.com/

Response headers

content-encoding
gzip
age
586428
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 20:00:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 20:00:45 GMT
last-modified
Thu, 05 Dec 2024 13:54:43 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
7756
x-xss-protection
0
server
sffe
3704019819-widgets.js
www.blogger.com/static/v1/widgets/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3704019819-widgets.js
Requested by
Host: servv-cusserv.blogspot.com
URL: https://servv-cusserv.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://servv-cusserv.blogspot.com/

Response headers

content-encoding
gzip
age
558924
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 03:39:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 03:39:09 GMT
last-modified
Thu, 05 Dec 2024 21:52:28 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
51878
x-xss-protection
0
server
sffe
Primary Request /
t.ly/
Redirect Chain
  • https://t.ly/mppcD
  • https://t.ly/?ref=expired&url=https://t.ly/mppcD
75 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bee01bca47034d845eb445e497b77babc0c8f84634ee157eac159501e163aec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://servv-cusserv.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
8f0e8ce5d97c2589-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 14:54:34 GMT
last-modified
Thu, 12 Dec 2024 14:54:33 GMT
priority
u=0,i
server
cloudflare
server-timing
cfCacheStatus;desc="BYPASS" cfExtPri
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status
200
x-frame-options
SAMEORIGIN
x-whom
tly-app
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
8f0e8ce43f692589-MIA
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 14:54:33 GMT
location
https://t.ly/?ref=expired&url=https://t.ly/mppcD
priority
u=0,i
server
cloudflare
server-timing
cfCacheStatus;desc="BYPASS" cfExtPri
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status
302
x-frame-options
SAMEORIGIN
x-whom
tly-app
x-xss-protection
1; mode=block
favicon.ico
servv-cusserv.blogspot.com/ 		4 KB
506 B 		Other
General
Check archive.org
Download Go to
Full URL
https://servv-cusserv.blogspot.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://servv-cusserv.blogspot.com/

Response headers

cache-control
private, max-age=86400
content-encoding
gzip
etag
W/"0d51e6487dde91545e15bdea2a86e8c4e81c502163adccd62e83ec794ec3ad6c"
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:54:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
date
Thu, 12 Dec 2024 14:54:33 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Sun, 01 Sep 2024 03:15:49 GMT
server
GSE
rocket-loader.min.js
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675318bd-302c"
x-content-type-options
nosniff
cf-ray
8f0e8ce6dae42589-MIA
expires
Sat, 14 Dec 2024 14:54:34 GMT
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
app.css
t.ly/css/ 		298 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t.ly/css/app.css?id=e2a7b0dc179ebee6ccb5
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
311644d85911c5abe8a711f061699e36759b12135cffb789e00b66d758e080bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-4a94d"
age
57452
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 22:57:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
text/css
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce6dae72589-MIA
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
tly-logo-sm.png
t.ly/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ly/img/tly-logo-sm.png
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

cf-cache-status
HIT
etag
"12cea601-2770"
age
62134
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce72b562589-MIA
x-whom
tly-app
accept-ranges
bytes
content-length
10096
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
email-decode.min.js
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675318bd-4d7"
x-content-type-options
nosniff
cf-ray
8f0e8ce70b282589-MIA
expires
Sat, 14 Dec 2024 14:54:34 GMT
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8f0e8ce7aa5f09a2-MIA
access-control-allow-origin
*
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
61120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VDd7d7evkh2tr6cnUkE7d2YhCON%2BYZATL%2FC6vJEnhNT0V5E7xaBwA7%2Fq3G7b9L088bv5X9Q5HAtADhqyKNWkhEfdBag5NQJezCrnV67D1mvvQdpJUvszgHlp1FScTBRSHIucgql"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 14:54:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
priority
u=4,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f0e8ce76e3967bc-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2
Requested by
Host: t.ly
URL: https://t.ly/?ref=expired&url=https://t.ly/mppcD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
x-content-type-options
nosniff
cf-ray
8f0e8ce7cc282589-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
33896
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
font/woff2
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 		153 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285
Requested by
Host: t.ly
URL: https://t.ly/css/app.css?id=e2a7b0dc179ebee6ccb5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/css/app.css?id=e2a7b0dc179ebee6ccb5

Response headers

cf-cache-status
HIT
etag
"12cea601-26350"
age
61870
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
font/woff2
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce7cc2b2589-MIA
x-whom
tly-app
accept-ranges
bytes
content-length
156496
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 		115 KB
115 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc
Requested by
Host: t.ly
URL: https://t.ly/css/app.css?id=e2a7b0dc179ebee6ccb5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/css/app.css?id=e2a7b0dc179ebee6ccb5

Response headers

cf-cache-status
HIT
etag
"12cea601-1ca7c"
age
61870
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
font/woff2
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce7cc2d2589-MIA
x-whom
tly-app
accept-ranges
bytes
content-length
117372
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
rw.js
r.wdfl.co/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2840:c600:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d25206852365841987ab30352033a712b2631c9ad3eea806d7c90afb9b10a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

vary
accept-encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"227356a2f2ef64a6486b0b35c2882617"
age
1318
via
1.1 3d51d72e2d6c0f3bdc1eee797b793c6c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
iId5o8P1BMdndnfKeIS3asLYvfAa97TJ6FsSKMnVk-viSmtpZjGFZg==
date
Thu, 12 Dec 2024 14:32:37 GMT
content-type
text/javascript
last-modified
Wed, 11 Dec 2024 08:31:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P7
x-amz-server-side-encryption
AES256
sweetalert.min.js
t.ly/js/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-9807"
age
62134
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce82c872589-MIA
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
app.js
t.ly/js/ 		946 KB
287 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/js/app.js?id=f9c21abe115282a3761a
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b69305e0b2e78c97a40cb5797bb27a65f2a4af637996ef91d7282d2c08c6b86
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-ec7d9"
age
62134
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce82c892589-MIA
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		178 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
f28b02a1dce147e28478354053bf881fefe1bfab2e11348d146e43a204f46105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/

Response headers

content-encoding
br
etag
2416170324189854600
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:54:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54642
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		213 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7bcab36ba05720607f044d5208eb3324b38a6a08cfcd0b042b5aeb36c839a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 12 Dec 2024 14:54:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78398
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38853b3f3958f8f31c54c0ff436b537a81a4e99f557a532e37d4d01ae0f17b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 12 Dec 2024 14:54:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 12 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96241
x-xss-protection
0
server
Google Tag Manager
favicon-32x32.png
t.ly/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://t.ly/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eac2071342d4c4c1d29fc07f20585b6f9213256fda27667c9d9b383856ff3e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

cf-cache-status
HIT
etag
"12cea601-5ac"
age
61979
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce8fdce2589-MIA
x-whom
tly-app
accept-ranges
bytes
content-length
1452
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
9950.js
t.ly/js/ 		740 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/js/9950.js?id=3fd808fe8e73d7122f13
Requested by
Host: t.ly
URL: https://t.ly/js/app.js?id=f9c21abe115282a3761a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300ad308802c0f4cc8844639b0ee28ce4318c39fa5c66f4f9e94d04ed53cbe96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-2e4"
age
61978
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce9ef532589-MIA
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
tly-logo-sm.png
t.ly/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ly/img/tly-logo-sm.png
Requested by
Host: t.ly
URL: https://t.ly/js/app.js?id=f9c21abe115282a3761a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

cf-cache-status
HIT
etag
"12cea601-2770"
age
62134
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8ce9ef572589-MIA
x-whom
tly-app
accept-ranges
bytes
content-length
10096
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
truncated
/ 		42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
main.js
t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 81CC
Redirect Chain
  • https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol
H3
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbadf458f6e1454e4905142cbd0e1bec4a775d99b962255ce174f7051754e51a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8f0e8cea88372589-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
x-content-type-options
nosniff
cf-ray
8f0e8cea3fb82589-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
t.ly/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://t.ly/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe691d93cfc19b6be69fff6af57bdab6917f40521b0499c88c6e3470d6ab3ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-3c2e"
age
62128
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
image/x-icon
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8cea3fc22589-MIA
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
4bc74ff6ae76fe9ae8183d503a7a5d6ab29dfc6a69213f8c6f396ad19fd8e2d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
etag
303489076153356626
age
52153
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 00:25:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 00:25:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31903
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
a7caa8b02e080b62bab75ae53181045399f5fdc5e4ebcf824b34c22bbd17cf25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
etag
11344910565997262481
age
29187
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 06:48:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 06:48:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147561
x-xss-protection
0
server
cafe
rum
t.ly/cdn-cgi/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ly/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8f0e8cea68082589-MIA
access-control-allow-origin
https://t.ly
date
Thu, 12 Dec 2024 14:54:34 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
8567.js
t.ly/js/ 		156 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/js/8567.js?id=ff27d36c69a89659efd0
Requested by
Host: t.ly
URL: https://t.ly/js/app.js?id=f9c21abe115282a3761a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b94592605f1089faea93aa97881bec5852187782d9226c2a6a6758c67040a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-27165"
age
5664
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 04:10:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8cea781b2589-MIA
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
1166.js
t.ly/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ly/js/1166.js?id=19bfd34c537a6d4aa0c4
Requested by
Host: t.ly
URL: https://t.ly/js/app.js?id=f9c21abe115282a3761a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb72efb1dbe2b505518ae93c7ee33765323617ed040c136f91291fd51b47efc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/?ref=expired&url=https://t.ly/mppcD

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12cea601-4b67"
age
61978
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 21:38:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000, no-transform, no-store
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray
8f0e8cea781e2589-MIA
x-whom
tly-app
x-xss-protection
1; mode=block
server
cloudflare
x-do-orig-status
200
js
www.googletagmanager.com/gtag/ 		312 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c&gtm=457e4cb0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e6e3936ed46cae6b235b4535b7cc50c6bcd96efb3a9173a146343cc08b4c18e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 12 Dec 2024 14:54:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107443
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10875945736&l=dataLayer&cx=c&gtm=457e4cb0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7652ce0c420cc0bf9471532f793aa7af0b8d13df27572bad4e27bf6eda4c16e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 12 Dec 2024 14:54:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 12 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96310
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
age
3476
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 15:56:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 13:56:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
8f0e8ce5d97c2589
t.ly/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 81CC 		0
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ly/cdn-cgi/challenge-platform/h/g/jsd/r/8f0e8ce5d97c2589
Requested by
Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.6.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-ray
8f0e8ceb8a002589-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Thu, 12 Dec 2024 14:54:34 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
api.js
www.google.com/recaptcha/ 		1 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=
Requested by
Host: t.ly
URL: https://t.ly/js/8567.js?id=ff27d36c69a89659efd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
ESF /
Resource Hash
77175e810f3939f6d0c4eb844fbe5cb3e8510b2c9f974a2c0199699551e6d889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:54:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 12 Dec 2024 14:54:34 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=servv-cusserv.blogspot.com&dl=https%3A%2F%2Ft.ly%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2055059511.1734015275&auid=788828460.1734015275&navt=n&npa=0&gtm=45be4cb0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734015274858&tfd=1292&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1734015274845&cv=11&fst=1734015274845&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=World%27s%20Shortest%20URL%20Shortener%20%7C%20T.LY&npa=0&pscdl=noapi&auid=788828460.1734015275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
8dbe465e70b981c4e37aa83ee9765b950a3857f65a94e45f5c6f7b632efb95d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2303
date
Thu, 12 Dec 2024 14:54:35 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10875945736
td.doubleclick.net/td/rul/ Frame 9602 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/10875945736?random=1734015274845&cv=11&fst=1734015274845&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=World%27s%20Shortest%20URL%20Shortener%20%7C%20T.LY&npa=0&pscdl=noapi&auid=788828460.1734015275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:54:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 363D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Ft.ly
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
534318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Dec 2024 10:29:17 GMT
expires
Sat, 06 Dec 2025 10:29:17 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/ Frame 9413 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
32779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 05:48:16 GMT
etag
17661348622971093804
expires
Thu, 26 Dec 2024 05:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 346F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1734015273&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734015274596&bpp=11&bdt=558&idt=318&shv=r20241210&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5342880753321&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089326%2C31089330%2C31089339%2C95333412%2C95347445%2C31088249%2C95345966&oid=2&pvsid=2670319576248196&tmod=1704341616&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
102866
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:54:35 GMT
expires
Thu, 12 Dec 2024 14:54:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241210&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
6c99fd20028c5c00fd7d9c295e91da1b2bef9814cd6039f49f4901e8ce8ebee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13118
date
Thu, 12 Dec 2024 14:54:35 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4cb0v878425165za200&_p=1734015274374&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1761229235.1734015275&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1734015274&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&dr=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&dt=World%27s%20Shortest%20URL%20Shortener%20%7C%20T.LY&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1434
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c&gtm=457e4cb0za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:35 GMT
content-type
text/plain
server
Golfe2
ads
googleads.g.doubleclick.net/pagead/ Frame 1C23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1734015273&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734015274607&bpp=3&bdt=569&idt=397&shv=r20241210&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5342880753321&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089326%2C31089330%2C31089339%2C95333412%2C95347445%2C31088249%2C95345966&oid=2&pvsid=2670319576248196&tmod=1704341616&uas=0&nvt=1&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=408
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44163
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:54:35 GMT
expires
Thu, 12 Dec 2024 14:54:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://t.ly/

Response headers
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1108411676&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&dr=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&ul=en-us&de=UTF-8&dt=World%27s%20Shortest%20URL%20Shortener%20%7C%20T.LY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1912229893&gjid=1079459047&cid=1761229235.1734015275&tid=UA-89207177-8&_gid=807715395.1734015275&_r=1&gtm=457e4cb0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&jsscut=1&z=843116617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:35 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 		547 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t.ly
Referer
https://t.ly/

Response headers

content-encoding
gzip
age
2047
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 14:20:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:20:28 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220753
x-xss-protection
0
server
sffe
/
www.google.com/pagead/1p-user-list/10875945736/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10875945736/?random=1734015274845&cv=11&fst=1734012000000&bg=ffffff&guid=ON&async=1&gtm=45be4cb0v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&ref=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&hn=www.googleadservices.com&frm=0&tiba=World%27s%20Shortest%20URL%20Shortener%20%7C%20T.LY&npa=0&pscdl=noapi&auid=788828460.1734015275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dGjlcPnNQyutcoEruvEyQLF0bIScaag&random=4033645989&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 12 Dec 2024 14:54:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:54:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:35 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame C7D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:28:39 GMT
expires
Thu, 12 Dec 2024 15:18:39 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 35DF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yWpdHqzS-x41yEp15bKRcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yWpdHqzS-x41yEp15bKRcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:54:35 GMT
expires
Thu, 12 Dec 2024 14:54:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 64C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=790549t8mywg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4WQ6-vzT7wZXPye_udfhTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4WQ6-vzT7wZXPye_udfhTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:54:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
229cf352675733310370228fe56ec6daa939ff27db0fb2d549c2115408874956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
etag
4781336244493941692
age
29229
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 06:47:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 06:47:26 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60482
x-xss-protection
0
server
cafe
ca-pub-5561763581314444
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?href=https%3A%2F%2Ft.ly&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e355f28e2d8050f6d7822387787fb0faeb38839d8621e9370fa0a4e10a5e826c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JudfeQCyxxxGTDeHjA3g4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQf6i_zPoDiGecv8y6AIiLJK6wtgAxw9crrBxALMTNsebT611sAjvuzJNQ0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0MrDUMzCOLzAGACuCQgQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JudfeQCyxxxGTDeHjA3g4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=95348653&hl=en&pvc=2670319576248196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 14:54:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://t.ly/

Response headers
AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aFqC1fGqY4z_Lw4Xr3i8CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdjzafXu9gEDkyav5dRySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6BmYxxcYAAAU9Ssr"
content-security-policy
script-src 'report-sample' 'nonce-aFqC1fGqY4z_Lw4Xr3i8CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://t.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUUKHdUcm-zeWrDH6AX4Curo3IctAJbyey6fjSM-XOzfAi5wJWvnFoQAq3Cl_bo2SZFuGGWf6eP7gfCQumwwbrwWzYKrVR8oUkUbz4aI_oRtP4GBjBgRo5Xas9IDkIMWdXiKMi81Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUUKHdUcm-zeWrDH6AX4Curo3IctAJbyey6fjSM-XOzfAi5wJWvnFoQAq3Cl_bo2SZFuGGWf6eP7gfCQumwwbrwWzYKrVR8oUkUbz4aI_oRtP4GBjBgRo5Xas9IDkIMWdXiKMi81Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MDE1Mjc2LDI1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4ODI0N10sMCwxMF0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c50688d168ae48d6741afe23d58571b3ae67bdd6a00346c5b4ff9da699de5da
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zaqzPhlbNEgcjLBThg7RJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQf6i_zPoDiGecv8y6AIiLJK6wtgAxw9crrBxALMTDsebT611sAi_6mqczKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhlY6hkYxxcYAwBqOkJK"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zaqzPhlbNEgcjLBThg7RJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/ Frame D71C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
32779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 05:48:16 GMT
etag
17661348622971093804
expires
Thu, 26 Dec 2024 05:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/ Frame 792D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241210/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
32779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 05:48:16 GMT
etag
17661348622971093804
expires
Thu, 26 Dec 2024 05:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je4cb0v878425165za200&_p=1734015274374&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1761229235.1734015275&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEII&_s=2&sid=1734015274&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2FmppcD&dr=https%3A%2F%2Fservv-cusserv.blogspot.com%2F&dt=World%27s%20Shortest%20URL%20Shortener%20%7C%20T.LY&en=ad_impression&ep.query_id=CPf2iKS-oooDFUciaAgdYDQjaQ&_et=1095&tfd=2789
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c&gtm=457e4cb0za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://t.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:36 GMT
content-type
text/plain
server
Golfe2
AGSKWxXdymvOByQfjGccTS-SLEuwbMX-ajJbK1AATCHm1gG2S6KFn6KXz1z-RYVBys9cqRekvCmYCN0G-BmgangPGfugnFA6u_gs6a22wrYuSk1FFSOasoxvOEaHTxGQ9QoVJhkLd7k2Fg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXdymvOByQfjGccTS-SLEuwbMX-ajJbK1AATCHm1gG2S6KFn6KXz1z-RYVBys9cqRekvCmYCN0G-BmgangPGfugnFA6u_gs6a22wrYuSk1FFSOasoxvOEaHTxGQ9QoVJhkLd7k2Fg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MDE1Mjc2LDM2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdC5seS8iLG51bGwsW1s4LCItQXVQSzd5Zm5wNCJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDddLDAsMTBdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
adee6e1c715ac0002b9912770f7a0e5d0f45113011dad6aa48cc1ed7c7a6d80a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YI_nwIK556u4I-rr8o4hyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQf6i_zPoDiGecv8y6AIiLJK6wtgAxw9crrBxALMTDsebT611sAjOuzD7NqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiaGRgqWdgHF9gDABvLkKC"
content-security-policy
script-src 'report-sample' 'nonce-YI_nwIK556u4I-rr8o4hyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
bframe
www.google.com/recaptcha/api2/ Frame A181 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LjWUR7DRzGRpQXjvPot_HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LjWUR7DRzGRpQXjvPot_HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 14:54:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
728_200.
fundingchoicesmessages.google.com/f/AGSKWxVRpbtcv5DuFqFxdkVhZl-knWGKvJRs-ZiZ0NOf3ew6dYRI7EHS28tyUubveG2rgU3caVe-O9xR4mKImAXh8O8wXDrDfsoxt-CojE5Uzlp--8-cSJkymxzCAc-3s35VZ0GhEOULJdPWjjXbV9Utu0uFAueK9... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVRpbtcv5DuFqFxdkVhZl-knWGKvJRs-ZiZ0NOf3ew6dYRI7EHS28tyUubveG2rgU3caVe-O9xR4mKImAXh8O8wXDrDfsoxt-CojE5Uzlp--8-cSJkymxzCAc-3s35VZ0GhEOULJdPWjjXbV9Utu0uFAueK9dWz-eDUc3sWQet0bxMnv0aSVRJEzwov/_/footer_ad_/china-ad./advertisementrotation._sectionfront_ad./728_200.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzeRb445gm-dUAhZZ8tAKsP7FSUzA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
22d6e32d2135c5cfa5051517e08e5052ab179922d32eec90d64feb885b0df028
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ScRMPCCoWWBeAVxkVVRaxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQf6i_zPoDiGecv8y6AIiLJK6wtgAxw9crrBxALMTNsfbT611sAhsa36QqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGVjqGRjHFxgDAC31QjI"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ScRMPCCoWWBeAVxkVVRaxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		178 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzeRb445gm-dUAhZZ8tAKsP7FSUzA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
44da9781e63ee384573ccf921227ce42ec56e921513b1b47f4b78417a1d04190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
br
etag
7257392402828655249
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:54:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54642
x-xss-protection
0
server
cafe
AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rucCBjMxsa8qiozDynM11A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0JBiWMy_i8kpfQZrEBB_qL_M-gOIGb5eYeUAYiFujrWfXu9iE1hwZ0W0kktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxNDI00DMwjy8wAACXtyxq"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rucCBjMxsa8qiozDynM11A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://t.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Gt_pIAsbNYGAI5LgKQtvHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj7afXu9gEGs5fnseo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQwN9AzM4wsMABgUKzk"
content-security-policy
script-src 'report-sample' 'nonce-Gt_pIAsbNYGAI5LgKQtvHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://t.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8fQj5pi9IXIzT7QuUUY99A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj7afXu9gEXnQcWMuo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQwN9AzM4wsMAB8TK1I"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8fQj5pi9IXIzT7QuUUY99A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://t.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ElbYb-ljz-_Rb8s3tmL1gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsQUD8of4y6w8gZvh6hZUDiIV4ONZ-er2LTaBh_9W1jEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDI0EDPwDy-wAAAEv4rLg"
content-security-policy
script-src 'report-sample' 'nonce-ElbYb-ljz-_Rb8s3tmL1gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://t.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXGiOyp2ADpecy5eZzZ57c209KRNxp90ahKbW1nMpPUYEOVXQJBblxq224MFy_oclOeRgMgBhAm4-lHq4WYLeNEi9E2wTeDImtcFWqrBSgeJ4dYC6zfIffxiNgTQyNzgnoreJPsqQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXGiOyp2ADpecy5eZzZ57c209KRNxp90ahKbW1nMpPUYEOVXQJBblxq224MFy_oclOeRgMgBhAm4-lHq4WYLeNEi9E2wTeDImtcFWqrBSgeJ4dYC6zfIffxiNgTQyNzgnoreJPsqQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MDE1Mjc3LDMyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4ODI0N10sMCwxMF0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
7f0848c05a3385cf83b0bf213b9a73dc9bdd0cc1e70ee0f18380b854f67b1a63
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GQ_8fsa7nvyO0_QeoPh7Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQf6i_zPoDiGecv8y6AIiLJK6wtgAxw9crrBxALMTDsfbT611sAh2LlmxnVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDKw1DMwji8wBgBl4EI9"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GQ_8fsa7nvyO0_QeoPh7Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWtF0FKpe81kaiL-sa8h7wYy2HebwcPppxm9Yr7qwYEaNbUidGHzatIWeYbqTUIiaa21dm5OF8CE5F2hit8QZ5QjVA7FEzmaWHOZoMfYf16Wny503WRfPXFm5EbvaGPR-x1UHNtCw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWtF0FKpe81kaiL-sa8h7wYy2HebwcPppxm9Yr7qwYEaNbUidGHzatIWeYbqTUIiaa21dm5OF8CE5F2hit8QZ5QjVA7FEzmaWHOZoMfYf16Wny503WRfPXFm5EbvaGPR-x1UHNtCw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fd038IfwI5HLpW-jJdNt2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj7afXu9gENvyc-55RySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6BmYxxcYAAA02iuj"
content-security-policy
script-src 'report-sample' 'nonce-Fd038IfwI5HLpW-jJdNt2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://t.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXX5qIw46bcKrFYmZEmmW3y88wNhk9l3lnkBKZidGQ0f9NC2vK7nfPyxmiRUae8Fo0RXcf4sJxJbSt704hLp7e2H4-XU29L8maFDbpxyx0yQNsey52jYwh39LjNvPlDImrurmxReQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OgVxXCh4xVLzauH_1JwOJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://t.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:54:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj7afXu9gEJmy6-IFRySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6BmYxxcYAAApkCt5"
content-security-policy
script-src 'report-sample' 'nonce-OgVxXCh4xVLzauH_1JwOJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://t.ly
content-length
0
x-xss-protection
0
server
ESF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241210&jk=2670319576248196&bg=!gYKlgs3NAAbtGp3CzRo7ADQBe5WfOBHj7h0PCt0BIDcxzrD2VivqM9QVmPMtti23YhxT8p8YDPY5yqrUYEfonfYgjHDnAgAAAIBSAAAAAmgBB34ANpX7siJ5jEzKRczxSSUgsdiseaj_xoPkGf75VUrEEhv_dw4Yf2ji3m0w3rHGkTeVFra9yvh1ypkCjw7PIHedhs2kJXqtrZECAl_9z4S5_47RSnLCsQtFgA_5xPf4BzkIqdQQQNbG9U6IrzQ4HrrPHiJLRCYyCkT-OjfFGcBU0oV0bHguXSdb9VUJ8mtM6TL5aT0FjIGt6yWCyoHzbLieR_wMSVyByvGQ-ObrIXlL-D2B1B_nMDPeMr4H0Bd5yAoTgwj7zvendHfXcLfgPlvkd4XZYcWOYFM2SVnIhpZr31hw6KIPmX_uNw5AOSmW83it7NjRqSKSKMUR_eBtF-xEe5lxfxpE6mgRMr9E2gKy5Bph5a3v3TbGoVvG33bfvfhP6JBdmkKQYsCAsQvzgFe71q2Lb_ZXk0lf9Tlgm_zGsca5VR5ejOJ_yYFjmjxqnTOBcLDqcFWlMQCN5PB-d6hQ2aE0-mUFC_2lKtSWdy2q7oy-Z9VLpJwPITd1OilOpdlwpJd-bFqUY4X5urWyhJqHB-RripWDsILnp2F5cvsu4iLgHEc9RIpOcp947SZUBnj0tgk0VbfPmxJMA63gGRowdi7vDN4W3EhcfnJhyqT7KzT-NPhTNFIALi-MaU0Njy0I2-gltfrmK8Gy7OrifcI5z_PKkFj3PHarMSujI8JUE0_E7dQdVzV7dTHK0zXwBrCpoVakoGmSSNJKKexQErdmmxPbuqeFt889N0frl5eWtKIkRvIgxHDY-cojh3LoTwuXnlsQqPNyamODuU_GtRxOyOhHKSsTQ_f77NjfE6YOziq1qbKVITGWO0zCcPRIM_GA7Ho0iRxpFbQSprs5j5a8a9dC22j6oE_ntH65LFB47IWnX26rcczkfhqQwPXucC41tL3QHnSDHYL6Vfx7WJonhtUps2Hq6Smt98d3ZalWt-MffABljWc_hkA

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| __cfQR object| __cfBeacon string| _baseUrl string| _apiUrl string| _defaultShortDomain string| _googleRecaptchaSiteKey object| Spark function| gtag_report_conversion function| gtag object| dataLayer object| adsbygoogle object| webpackChunk object| APP function| URI function| axios function| _ function| moment function| Popper function| __ function| jQuery function| $ function| Vue object| Bus function| SparkForm function| SparkFormErrors function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter boolean| _rewardful_loaded function| Rewardful function| rewardful string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga function| vueRecaptchaApiLoaded function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| GooglebQhCsO function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| GoogleGcLKhOms object| recaptcha object| closure_lm_250750 object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_image_requests object| googTempStyleOverrideInfo object| googNavStack object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmNkNDI1ODlkYTMzYjdlOWxvYWRlcl9qcw== string| NmNkNDI1ODlkYTMzYjdlOWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| 267859a4-b42d-4f5a-b891-c277c7682cd5

22 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJNbFnc6nBTMj27EfCg0nFEO7Jy0YjcMkEAHRgKH03NWx1wlMA-ZjUGsWV7s9dOUoGFiGCUZAdYsqlbCx98r3bI
.t.ly/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik1qZVR2Tk9id2hCei9zTndRODgxSHc9PSIsInZhbHVlIjoiN01QVlh1SSszTTBGTDJvSW13UWx6b3Z5RG9scXgwUHVhb25FalgyR1VYS2NyMThDSklwUjViMmd1aGZZN3p2d0NVd3l0bjJneGRSeEhVTzYwd0tGRVFLRUs0d0xEcjc0cWl5VWpKMWlldkV6MUtHaTczejJ0M3F0UHlIbkMzcDYiLCJtYWMiOiIyYjIyMDM1NzM1YTE0MDgwMzgwYWM3NGFjOTJiNzFlN2NmOWQxZDc4N2NjZWE4YmNhNGIyYmFmYzcyMGM1N2E1IiwidGFnIjoiIn0%3D
.t.ly/ Name: tly_session
Value: eyJpdiI6ImRQd3FGY2hUU3o2YmwzWjBWU0lhb0E9PSIsInZhbHVlIjoicG9mV284djAxSWw4dTZUdjhuZU0zQnk5NUhPTWZaR0NIMXNXbGxiZC96YVp6WDBlTDNDS3FXRFViMTJyWEhSNEZHMWRxVjBTSTVIdkRDd05zeUtMZS9VWGpib2xjenZERVliVGdFdzlKbnNXeTFNajBOQVZ5VnVQNkFDemJlSHgiLCJtYWMiOiJjZjFhZTA2MmRiMTkzODU2MTU0MjBmNGFiZmVmMzE3OWZjMjhkNTUxYWUyMGM5NWNmMTllYTlhZmQyMjJmNGJlIiwidGFnIjoiIn0%3D
t.ly/ Name: userTimezone
Value: Pacific/Honolulu
.t.ly/ Name: _gcl_au
Value: 1.1.788828460.1734015275
.t.ly/ Name: cf_clearance
Value: 174G0AXmyB._XxbANvkASwX6h0VMvIviZpLFABjSPYg-1734015274-1.2.1.1-8jL4_FNViZdZ83q120y3zEq3zCZCPexo.UBp8VoLQip_rw9FY7wI4J9QlMWEIIEUsqHdeQh7gHBx.77YKoX8UqVpsx65VEemNVYxTCfnRpwLeKpqHtNiEDCBFY72fLBkOlZ_v53_rNaI7.BSFV.nu.EchKTQFDjXSw7c4HER6CNm2AbLTm_bIEDG.jumpG5cpVE4YTjoyZarFApLwDuz.PRGqkpgALhj7faaidNa_NP.6zBOIFmEGTYqEmeaAlIXFKWQhfxDT0.t9P98Zl4vGt7X9TblOnOFy0djXe7CBZiOpmbscDt_Dyb8u9C3HZfA0pKCB9cuvC3ujbbROYbRqynJhOglPod5D6sSfmfenlekiGpzEkK8uHGe0HlmwlxX
.t.ly/ Name: _ga
Value: GA1.2.1761229235.1734015275
.t.ly/ Name: _gid
Value: GA1.2.807715395.1734015275
.t.ly/ Name: _gat_gtag_UA_89207177_8
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmurH2TCE18IaeeIluQzRTDZ2X2PRA07gDr7eivOQ35617G-_hzDAvD5WhYqsg
.googleadservices.com/ Name: ar_debug
Value: 1
.t.ly/ Name: __gads
Value: ID=510c7ae8bcbb5f88:T=1734015275:RT=1734015275:S=ALNI_MbUnqspInMAT0TB82evOcxS6OJ4gw
.t.ly/ Name: __gpi
Value: UID=00000fb0507c69e8:T=1734015275:RT=1734015275:S=ALNI_Ma_Wd7oJ5OsTCF2JSv040fQnDH0IQ
.t.ly/ Name: __eoi
Value: ID=233b3b1887441f96:T=1734015275:RT=1734015275:S=AA-AfjaKT1DLlkP2qEqI-ld6FWYw
.t.ly/ Name: _ga_W1D48QS4F7
Value: GS1.1.1734015274.1.0.1734015276.0.0.0
.casalemedia.com/ Name: CMID
Value: Z1r5LNHM5WsAAHsXCn-99AAA
.casalemedia.com/ Name: CMPS
Value: 5797
.casalemedia.com/ Name: CMPRO
Value: 5797
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.t.ly/ Name: FCNEC
Value: %5B%5B%22AKsRol9RtfqgAXY1Fh3VLnVJIheslZhQe_Ggacwca2u8FnLcDGfnHsBPxblLK-AbunpMr-7gt8PTnqBUmIfW7jgplCw1JsZkC5_maWtDqEcT8D0vV_OhkS8PSyMDdRfS33XBOxmIjF665Vypc48mI1HZnaQTFXsxzg%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
r.wdfl.co
servv-cusserv.blogspot.com
servv-cusserv.blogspot.sn
static.cloudflareinsights.com
t.ly
td.doubleclick.net
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
ep1.adtrafficquality.google
104.17.24.14
104.20.6.133
142.250.65.228
142.250.72.98
142.251.40.130
142.251.40.142
2001:4860:4802:32::178
216.239.36.178
2600:9000:2840:c600:1b:348c:b140:93a1
2606:4700::6810:5049
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2008
2607:f8b0:4006:81d::2009
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2003
0a26d79abf9d49d4ba2bca17de805e95ff171f2fe0612ff12a3c5c3b3f8da866
0eac2071342d4c4c1d29fc07f20585b6f9213256fda27667c9d9b383856ff3e5
1d25206852365841987ab30352033a712b2631c9ad3eea806d7c90afb9b10a36
229cf352675733310370228fe56ec6daa939ff27db0fb2d549c2115408874956
22d6e32d2135c5cfa5051517e08e5052ab179922d32eec90d64feb885b0df028
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
2fe691d93cfc19b6be69fff6af57bdab6917f40521b0499c88c6e3470d6ab3ac
300ad308802c0f4cc8844639b0ee28ce4318c39fa5c66f4f9e94d04ed53cbe96
311644d85911c5abe8a711f061699e36759b12135cffb789e00b66d758e080bc
38853b3f3958f8f31c54c0ff436b537a81a4e99f557a532e37d4d01ae0f17b39
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3b69305e0b2e78c97a40cb5797bb27a65f2a4af637996ef91d7282d2c08c6b86
44da9781e63ee384573ccf921227ce42ec56e921513b1b47f4b78417a1d04190
4bc74ff6ae76fe9ae8183d503a7a5d6ab29dfc6a69213f8c6f396ad19fd8e2d1
4e6e3936ed46cae6b235b4535b7cc50c6bcd96efb3a9173a146343cc08b4c18e
5bee01bca47034d845eb445e497b77babc0c8f84634ee157eac159501e163aec
5c50688d168ae48d6741afe23d58571b3ae67bdd6a00346c5b4ff9da699de5da
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c99fd20028c5c00fd7d9c295e91da1b2bef9814cd6039f49f4901e8ce8ebee7
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
7652ce0c420cc0bf9471532f793aa7af0b8d13df27572bad4e27bf6eda4c16e1
77175e810f3939f6d0c4eb844fbe5cb3e8510b2c9f974a2c0199699551e6d889
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f0848c05a3385cf83b0bf213b9a73dc9bdd0cc1e70ee0f18380b854f67b1a63
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8dbe465e70b981c4e37aa83ee9765b950a3857f65a94e45f5c6f7b632efb95d9
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a7caa8b02e080b62bab75ae53181045399f5fdc5e4ebcf824b34c22bbd17cf25
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
adee6e1c715ac0002b9912770f7a0e5d0f45113011dad6aa48cc1ed7c7a6d80a
bcb72efb1dbe2b505518ae93c7ee33765323617ed040c136f91291fd51b47efc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1b94592605f1089faea93aa97881bec5852187782d9226c2a6a6758c67040a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e355f28e2d8050f6d7822387787fb0faeb38839d8621e9370fa0a4e10a5e826c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bcab36ba05720607f044d5208eb3324b38a6a08cfcd0b042b5aeb36c839a19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28b02a1dce147e28478354053bf881fefe1bfab2e11348d146e43a204f46105
fbadf458f6e1454e4905142cbd0e1bec4a775d99b962255ce174f7051754e51a
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99