urlscan.io logo urlscan.io
SecurityTrails logo

sur.ly Open in urlscan Pro
54.173.41.122  Public Scan

Go To Rescan Add Verdict Report
URL: http://sur.ly/i/login.ajera.com/
Submission: On June 01 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 37 HTTP transactions. The main IP is 54.173.41.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sur.ly.
This is the only time sur.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    54.173.41.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-41-122.compute-1.amazonaws.com
sur.ly
6    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
1    2606:4700:3030::681c:1a56 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sur.ly
10    2606:4700:3030::681c:1b56 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sur.ly
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
5    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
Domain Requested by
10 cdn.sur.ly sur.ly
5 mc.yandex.ru 2 redirects sur.ly
5 sur.ly sur.ly
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com sur.ly
pagead2.googlesyndication.com
2 bam.nr-data.net js-agent.newrelic.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com sur.ly
1 js-agent.newrelic.com sur.ly
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 img.sur.ly sur.ly
37 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-14 -
2020-10-09		 8 months crt.sh
sur.ly
Let's Encrypt Authority X3		 2020-05-13 -
2020-08-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
*.google.de
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-29 -
2021-05-07		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://sur.ly/i/login.ajera.com/
Frame ID: D42973920241B7DE44A29C5AC908BEC7
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html
Frame ID: 061837BF90BF62FCCA6C12C95353176B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229621628186488&output=html&h=90&slotname=4478561455&adk=4142691258&adf=4207102462&w=970&lmt=1591051947&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&flash=0&wgl=1&adsid=NT&dt=1591051947376&bpp=20&bdt=88&idt=76&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1221179708104&frm=20&pv=2&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=2090&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8464&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HYX4DLwH2P&p=http%3A//sur.ly&dtd=93
Frame ID: FBD0C8DB20C2C57D04E88B18F402F2A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229621628186488&output=html&h=600&slotname=5099862656&adk=2754771741&adf=2453001854&w=300&lmt=1591051947&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&flash=0&wgl=1&adsid=NT&dt=1591051947396&bpp=3&bdt=108&idt=82&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1221179708104&frm=20&pv=1&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=10282&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=230uV4y9o5&p=http%3A//sur.ly&dtd=87
Frame ID: 64B48CC7B7AF5138672F85BA78C2D3C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229621628186488&output=html&adk=1812271804&adf=3025194257&lmt=1591051947&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1591051947399&bpp=1&bdt=111&idt=87&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x600&nras=1&correlator=1221179708104&frm=20&pv=1&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=10282&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&dtd=92
Frame ID: D5290ECF969B9090634C0B6150D191CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 1ADB232798E9BF8EC616C32ABC7EBFE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

37
Requests

86 %
HTTPS

70 %
IPv6

10
Domains

13
Subdomains

10
IPs

3
Countries

399 kB
Transfer

830 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 16
  • http://mc.yandex.ru/metrika/watch.js HTTP 301
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 21
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=462521418&t=pageview&_s=1&dl=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ul=en-us&de=UTF-8&dt=login.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=712394338&gjid=1697477801&cid=807968707.1591051947&tid=UA-37202582-1&_gid=256606255.1591051947&_r=1&cd1=domain&z=1651604220 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=462521418&t=pageview&_s=1&dl=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ul=en-us&de=UTF-8&dt=login.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=712394338&gjid=1697477801&cid=807968707.1591051947&tid=UA-37202582-1&_gid=256606255.1591051947&_r=1&cd1=domain&z=1651604220
Request Chain 26
  • https://mc.yandex.ru/watch/29271320?wmode=7&page-url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&charset=utf-8&site-info=%7B%22urltype%22%3A%22domain%22%2C%22type%22%3A%22desktop%22%2C%22isShowAds%22%3A%221%22%2C%22has_keywords%22%3A%220%22%7D&browser-info=ti%3A10%3Ans%3A1591051947038%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602005227%3Aet%3A1591051948%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A443288179409%3Arqn%3A1%3Arn%3A320453405%3Ahid%3A54369379%3Ads%3A7%2C12%2C229%2C12%2C0%2C0%2C0%2C73%2C0%2C%2C%2C%2C323%3Afp%3A315%3Awn%3A22547%3Ahl%3A2%3Agdpr%3A14%3Av%3A1866%3Arqnl%3A1%3Ast%3A1591051948%3Au%3A1591051948393375974%3At%3Alogin.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera HTTP 302
  • https://mc.yandex.ru/watch/29271320/1?wmode=7&page-url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&charset=utf-8&site-info=%7B%22urltype%22%3A%22domain%22%2C%22type%22%3A%22desktop%22%2C%22isShowAds%22%3A%221%22%2C%22has_keywords%22%3A%220%22%7D&browser-info=ti%3A10%3Ans%3A1591051947038%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602005227%3Aet%3A1591051948%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A443288179409%3Arqn%3A1%3Arn%3A320453405%3Ahid%3A54369379%3Ads%3A7%2C12%2C229%2C12%2C0%2C0%2C0%2C73%2C0%2C%2C%2C%2C323%3Afp%3A315%3Awn%3A22547%3Ahl%3A2%3Agdpr%3A14%3Av%3A1866%3Arqnl%3A1%3Ast%3A1591051948%3Au%3A1591051948393375974%3At%3Alogin.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sur.ly/i/login.ajera.com/ 		53 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sur.ly/i/login.ajera.com/
Protocol
HTTP/1.1
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
d1a3f6a079afdd220172c80ac13990522850d7a4678a04ace50a6cd212426d2a

Request headers

Host
sur.ly
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.14.1
Date
Mon, 01 Jun 2020 22:52:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding User-Agent
Content-Encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8d6d8215d49d6a9bc5a86a29c919a3eda9af426d2ab87424ba95a27b007a4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 01 Jun 2020 22:52:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
10312755542652500454
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
39241
X-XSS-Protection
0
Expires
Mon, 01 Jun 2020 22:52:27 GMT
login.ajera.com.png
img.sur.ly/thumbnails/620x343/l/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sur.ly/thumbnails/620x343/l/login.ajera.com.png
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ea473c30cf55faf18a43f854a80f5ef164eac91dbd945edfd896ce96dda3d7

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
MISS
x-amz-request-id
B4703652DFC9FDD1
status
200
content-length
9517
x-amz-id-2
2eVM3cPcgIRt5UQtqXl/suMLa3iUPrqySsJpvvB29J6kxMSfkykKrsf3EzttsIIe+t/uQ9B5zFg=
last-modified
Fri, 29 Mar 2019 17:08:20 GMT
server
cloudflare
etag
"4157e045d100d9ac47e59dec426658d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1209600
cf-request-id
0313af2530000097ea8b330200000001
accept-ranges
bytes
cf-ray
59cc814eb8cd97ea-FRA
expires
Mon, 15 Jun 2020 22:52:27 GMT
notify
sur.ly/ 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sur.ly/notify?d=login.ajera.com&dv=1&fg=0&r=26621
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 01 Jun 2020 22:52:27 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.1
content-type
image/gif; charset=utf-8
save_stat.php
sur.ly/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sur.ly/save_stat.php?statistic=YTo3OntzOjc6InR5cGVfaWQiO2k6MTtzOjk6Im9iamVjdF9pZCI7czo4OiI3MDUyMTgwOCI7czozOiJ1cmkiO3M6MTk6Ii9pL2xvZ2luLmFqZXJhLmNvbS8iO3M6ODoicmVmZXJyZXIiO047czo1OiJxdWVyeSI7TjtzOjQ6InRpbWUiO2k6MTU5MTA1MTk0NztzOjQ6InNpZ24iO3M6MzI6IjQyZjY1NTgwOWU2MTZiNTlhNmNjZGE5NzEyY2EyNjQ3Ijt9
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
HTTP/1.1
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Jun 2020 22:52:27 GMT
Server
nginx/1.14.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif; charset=utf-8
stat.php
sur.ly/ 		43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sur.ly/stat.php?id=3760,3661,3381,5893,7683,5982,3564,6022&r=88524
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 01 Jun 2020 22:52:27 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.1
content-length
43
content-type
image/gif
logo_main.png
cdn.sur.ly/domain/img/ 		478 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/logo_main.png
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add6c3026ceeda68a2bd3019ec2de86f2c18e7c43cd08c5d873361def95937b0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568225
status
200
content-length
478
cf-request-id
0313af2535000005c44b98e200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-1de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814eb82b05c4-FRA
expires
Sat, 13 Jun 2020 19:15:22 GMT
icon_search_button-1.png
cdn.sur.ly/domain/img/ 		263 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/icon_search_button-1.png
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92abd459956c0d3e7c4d1c1cbb7337526c5b56f5779c4732d3b3aabc636c73b

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568203
status
200
content-length
263
cf-request-id
0313af2535000005c44b98f200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814eb82c05c4-FRA
expires
Sat, 13 Jun 2020 19:15:44 GMT
bg_top_green.jpg
cdn.sur.ly/domain/img/ 		678 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/bg_top_green.jpg
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d376bb26b43006a4f51a9c72e9bfb9637a1850128f90ce3dba878f41fb48d98a

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568203
status
200
content-length
678
cf-request-id
0313af2536000005c44b994200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-2a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814eb83205c4-FRA
expires
Sat, 13 Jun 2020 19:15:44 GMT
icons_stars.png
cdn.sur.ly/domain/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/icons_stars.png
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64aa4781a6aa35dfeb9b76c89c40d57d9d62f6ad01c0bc7144a2d129ce36dfe

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568225
status
200
content-length
1143
cf-request-id
0313af2535000005c44b991200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-477"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814eb82e05c4-FRA
expires
Sat, 13 Jun 2020 19:15:22 GMT
bg_browser.jpg
cdn.sur.ly/domain/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/bg_browser.jpg
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba4102daac4c95ce8ea040027d3f7935e5f46cd2f0b645fdcbeb992872e2be5

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568203
status
200
content-length
5833
cf-request-id
0313af2535000005c44b990200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-16c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814eb82d05c4-FRA
expires
Sat, 13 Jun 2020 19:15:44 GMT
us.png
cdn.sur.ly/domain/img/icons_flags/ 		488 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/icons_flags/us.png
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ac836d19ba59b13f74176339bbb73a752844e528a338bd9340c945d2f2895c5

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568105
status
200
content-length
488
cf-request-id
0313af2545000005c44b995200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-1e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814ed85b05c4-FRA
expires
Sat, 13 Jun 2020 19:17:22 GMT
icon_title_desc.jpg
cdn.sur.ly/domain/img/ 		605 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/icon_title_desc.jpg
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c0d4351c573d32db3c47538d9bbab48415feb915621eeb9689af588d16bf2f6

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568225
status
200
content-length
605
cf-request-id
0313af2545000005c44b996200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-25d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814ed85c05c4-FRA
expires
Sat, 13 Jun 2020 19:15:22 GMT
icons_social.jpg
cdn.sur.ly/domain/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/domain/img/icons_social.jpg
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ea464e20b6f962f4950e09b9f2683cd92939e84e3597daa449be364e94e623

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
cf-cache-status
HIT
age
1568225
status
200
content-length
1365
cf-request-id
0313af2545000005c44b997200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
"5dbad26a-555"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59cc814ed85d05c4-FRA
expires
Sat, 13 Jun 2020 19:15:22 GMT
proximanova-bold-webfont.woff
cdn.sur.ly/domain/css/fonts/bold/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/domain/css/fonts/bold/proximanova-bold-webfont.woff
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6dab18f741bc75e5623c5ba21a023f160dca37b29219caf08daf5c34f167ef3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sur.ly/i/login.ajera.com/
Origin
http://sur.ly

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
content-encoding
br
cf-cache-status
HIT
age
1568225
status
200
cf-request-id
0313af25390000060987b87200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
W/"5dbad26a-f081"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
59cc814ecb060609-FRA
expires
Sat, 13 Jun 2020 19:15:22 GMT
proximanova-regular-webfont.woff
cdn.sur.ly/domain/css/fonts/regular/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/domain/css/fonts/regular/proximanova-regular-webfont.woff
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
944cd018f5c0b3cd9f640b891c5421723efa196728aa86d8dedb9a741a412079

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sur.ly/i/login.ajera.com/
Origin
http://sur.ly

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
content-encoding
br
cf-cache-status
HIT
age
757994
status
200
cf-request-id
0313af25390000060987b88200000001
last-modified
Thu, 31 Oct 2019 12:24:10 GMT
server
cloudflare
etag
W/"5dbad26a-11806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
59cc814ecb090609-FRA
expires
Tue, 23 Jun 2020 04:19:13 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6968
date
Mon, 01 Jun 2020 20:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Mon, 01 Jun 2020 22:56:19 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
136 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b8040d177c3f749c610c9c523bd03160afb95e505d64976ca40d92551aa88ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Jun 2020 22:52:27 GMT
Content-Encoding
br
Last-Modified
Thu, 28 May 2020 05:38:18 GMT
Server
nginx/1.14.2
ETag
"5ecf4e4a-9ffd"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40957
Expires
Mon, 01 Jun 2020 23:52:27 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Date
Mon, 01 Jun 2020 22:52:27 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
integrator.js
adservice.google.de/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sur.ly
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Jun 2020 22:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sur.ly
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Jun 2020 22:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/ 		218 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83908
x-xss-protection
0
server
cafe
etag
18422230976395592926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jun 2020 22:52:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/ Frame 0618 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200526/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sur.ly/i/login.ajera.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sur.ly/i/login.ajera.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 26 May 2020 23:47:48 GMT
expires
Tue, 09 Jun 2020 23:47:48 GMT
content-type
text/html; charset=UTF-8
etag
17826495148367054107
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4284
x-xss-protection
0
cache-control
public, max-age=1209600
age
515079
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=462521418&t=pageview&_s=1&dl=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ul=en-us&de=UTF-8&dt=login.ajera.com%20-%20Ajera%20-%20Deltek%20Clou...
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=462521418&t=pageview&_s=1&dl=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ul=en-us&de=UTF-8&dt=login.ajera.com%20-%20Ajera%20-%20Deltek%20Clo...
35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=462521418&t=pageview&_s=1&dl=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ul=en-us&de=UTF-8&dt=login.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=712394338&gjid=1697477801&cid=807968707.1591051947&tid=UA-37202582-1&_gid=256606255.1591051947&_r=1&cd1=domain&z=1651604220
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jun 2020 22:52:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=462521418&t=pageview&_s=1&dl=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ul=en-us&de=UTF-8&dt=login.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=712394338&gjid=1697477801&cid=807968707.1591051947&tid=UA-37202582-1&_gid=256606255.1591051947&_r=1&cd1=domain&z=1651604220
Non-Authoritative-Reason
HSTS
ads
googleads.g.doubleclick.net/pagead/ Frame FBD0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229621628186488&output=html&h=90&slotname=4478561455&adk=4142691258&adf=4207102462&w=970&lmt=1591051947&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&flash=0&wgl=1&adsid=NT&dt=1591051947376&bpp=20&bdt=88&idt=76&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1221179708104&frm=20&pv=2&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=2090&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8464&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HYX4DLwH2P&p=http%3A//sur.ly&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6229621628186488&output=html&h=90&slotname=4478561455&adk=4142691258&adf=4207102462&w=970&lmt=1591051947&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&flash=0&wgl=1&adsid=NT&dt=1591051947376&bpp=20&bdt=88&idt=76&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1221179708104&frm=20&pv=2&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=2090&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8464&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HYX4DLwH2P&p=http%3A//sur.ly&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sur.ly/i/login.ajera.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sur.ly/i/login.ajera.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Jun 2020 22:52:28 GMT
server
cafe
content-length
13625
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 01-Jun-2020 23:07:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Jun 2020 22:52:28 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1590752365362815"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27673
x-xss-protection
0
expires
Mon, 01 Jun 2020 22:52:27 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 64B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229621628186488&output=html&h=600&slotname=5099862656&adk=2754771741&adf=2453001854&w=300&lmt=1591051947&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&flash=0&wgl=1&adsid=NT&dt=1591051947396&bpp=3&bdt=108&idt=82&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1221179708104&frm=20&pv=1&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=10282&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=230uV4y9o5&p=http%3A//sur.ly&dtd=87
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6229621628186488&output=html&h=600&slotname=5099862656&adk=2754771741&adf=2453001854&w=300&lmt=1591051947&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&flash=0&wgl=1&adsid=NT&dt=1591051947396&bpp=3&bdt=108&idt=82&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1221179708104&frm=20&pv=1&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=10282&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=980&ady=568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=230uV4y9o5&p=http%3A//sur.ly&dtd=87
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sur.ly/i/login.ajera.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sur.ly/i/login.ajera.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Jun 2020 22:52:27 GMT
server
cafe
content-length
21926
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 01-Jun-2020 23:07:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Jun 2020 22:52:27 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame D529 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229621628186488&output=html&adk=1812271804&adf=3025194257&lmt=1591051947&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1591051947399&bpp=1&bdt=111&idt=87&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x600&nras=1&correlator=1221179708104&frm=20&pv=1&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=10282&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6229621628186488&output=html&adk=1812271804&adf=3025194257&lmt=1591051947&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1591051947399&bpp=1&bdt=111&idt=87&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x600&nras=1&correlator=1221179708104&frm=20&pv=1&ga_vid=807968707.1591051947&ga_sid=1591051947&ga_hid=462521418&ga_fc=0&iag=0&icsg=10282&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2217521411788823&pem=230&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sur.ly/i/login.ajera.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sur.ly/i/login.ajera.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 01 Jun 2020 22:52:27 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 01-Jun-2020 23:07:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Jun 2020 22:52:27 GMT
cache-control
private
1
mc.yandex.ru/watch/29271320/
Redirect Chain
  • https://mc.yandex.ru/watch/29271320?wmode=7&page-url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&charset=utf-8&site-info=%7B%22urltype%22%3A%22domain%22%2C%22type%22%3A%22desktop%22%2C%22isShowAds...
  • https://mc.yandex.ru/watch/29271320/1?wmode=7&page-url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&charset=utf-8&site-info=%7B%22urltype%22%3A%22domain%22%2C%22type%22%3A%22desktop%22%2C%22isShowA...
257 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/29271320/1?wmode=7&page-url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&charset=utf-8&site-info=%7B%22urltype%22%3A%22domain%22%2C%22type%22%3A%22desktop%22%2C%22isShowAds%22%3A%221%22%2C%22has_keywords%22%3A%220%22%7D&browser-info=ti%3A10%3Ans%3A1591051947038%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602005227%3Aet%3A1591051948%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A443288179409%3Arqn%3A1%3Arn%3A320453405%3Ahid%3A54369379%3Ads%3A7%2C12%2C229%2C12%2C0%2C0%2C0%2C73%2C0%2C%2C%2C%2C323%3Afp%3A315%3Awn%3A22547%3Ahl%3A2%3Agdpr%3A14%3Av%3A1866%3Arqnl%3A1%3Ast%3A1591051948%3Au%3A1591051948393375974%3At%3Alogin.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
95f61a1e3a958e570fe76f09675ea28dc9365ce16bf997b59b6f372af406dbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Jun 2020 22:52:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01-Jun-2020 22:52:27 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://sur.ly
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
257
X-XSS-Protection
1; mode=block
Expires
Mon, 01-Jun-2020 22:52:27 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Jun 2020 22:52:27 GMT
Last-Modified
Mon, 01-Jun-2020 22:52:27 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://sur.ly
Strict-Transport-Security
max-age=31536000
Location
/watch/29271320/1?wmode=7&page-url=http%3A%2F%2Fsur.ly%2Fi%2Flogin.ajera.com%2F&charset=utf-8&site-info=%7B%22urltype%22%3A%22domain%22%2C%22type%22%3A%22desktop%22%2C%22isShowAds%22%3A%221%22%2C%22has_keywords%22%3A%220%22%7D&browser-info=ti%3A10%3Ans%3A1591051947038%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602005227%3Aet%3A1591051948%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A443288179409%3Arqn%3A1%3Arn%3A320453405%3Ahid%3A54369379%3Ads%3A7%2C12%2C229%2C12%2C0%2C0%2C0%2C73%2C0%2C%2C%2C%2C323%3Afp%3A315%3Awn%3A22547%3Ahl%3A2%3Agdpr%3A14%3Av%3A1866%3Arqnl%3A1%3Ast%3A1591051948%3Au%3A1591051948393375974%3At%3Alogin.ajera.com%20-%20Ajera%20-%20Deltek%20Cloud%20-%20Login%20Ajera
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 01-Jun-2020 22:52:27 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Jun 2020 22:52:27 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 01 Jun 2020 23:52:27 GMT
nr-1169.min.js
js-agent.newrelic.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1169.min.js
Requested by
Host: sur.ly
URL: http://sur.ly/i/login.ajera.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 22:52:28 GMT
content-encoding
gzip
x-amz-request-id
0F29A27F753E1AFD
x-cache
HIT
status
200
content-length
10276
x-amz-id-2
RTyRtbPoVluljTtYOi1PDmzXZ0EgpPGsJyhbvz8bvk6ESiFaefFHrKBOySEZQ3f3qaja+cszoxA=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 20 May 2020 21:16:15 GMT
server
AmazonS3
x-timer
S1591051948.390394,VS0,VE0
etag
"7e312620a90879b595db1bff9c42ed57"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4419
adsenhit
sur.ly/notify/ 		16 B
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sur.ly/notify/adsenhit?domain=login.ajera.com&is_ads_hidden=0&viewport_height=1200&ads_top_coord=568&device=1&r=35434
Protocol
HTTP/1.1
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Jun 2020 22:52:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.14.1
Connection
keep-alive
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200526&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da61960e22637277539f7bdd1161cb3dd7942e574f0722cd8bd6e0271dafe469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Jun 2020 22:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Jun 2020 22:52:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Mon, 01 Jun 2020 22:52:28 GMT
aaec216529
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/aaec216529?a=4104753&v=1169.7b094c0&to=MVABY0dQWkJVVkZZXggaIEJGRVtcG3ZdXkUUWg9bUENrYVVbV1wLXFEMWlRYWmFVUlc%3D&rst=1372&ck=1&ref=http://sur.ly/i/login.ajera.com/&ap=40&be=256&fe=1298&dc=324&perf=%7B%22timing%22:%7B%22of%22:1591051947038,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:7,%22c%22:7,%22ce%22:19,%22rq%22:19,%22rp%22:248,%22rpe%22:260,%22dl%22:250,%22di%22:323,%22ds%22:323,%22de%22:323,%22dc%22:1297,%22l%22:1297,%22le%22:1300%7D,%22navigation%22:%7B%7D%7D&fp=314&fcp=314&at=HRcWFQ9KSR0WVBAKShtI&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 1ADB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sur.ly/i/login.ajera.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sur.ly/i/login.ajera.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Mon, 01 Jun 2020 22:39:34 GMT
expires
Tue, 01 Jun 2021 22:39:34 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
774
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200526&jk=2217521411788823&bg=!dXaldm5YBNik3Ub9ymoCAAAAUFIAAAATmQFt7MHhLDG4s6cUAxnVbBMvBzRvIzXN30hhPwmC4LouKsl_Zd-nkRPobZ41cp8LjKT_ZT-yMKPVjMohvDcSdoSf76iTMtgFRJ3UhK0mIPYEkfX7-g_bp4e5hJHWs_Qybuog0_pBuh-lMNBnBS6u3kE1haveN12wvyVhVLGxNX06ZmUIZ6mpv3wDa0jFI3euk3bju0pXBO3tRMRQwCcBRTZ2P5mOCtOM2I8HH4pzNVI1HR9xyTK8SdCKnyJtFjSm33jiCE9YbWo5gpMz4Vl_zcuH754TgZ4E24EzdvGiZ0up0KgK90SDLYcbMNhXbNZQV3Eg_nvn5ckC0XDy0uYZt6ercQeRWvmJkjF_fip00u_lWjFjoQ6LQ-nibVPGuZSdDjF1fuEmBlNQswukyNkUMJbLGmgxsa41jkPK4hdobQNWmkrYLxFk-pzS6tKxD2oYRMVBHSnX9Cc5rAEyokopP34dUArplZsZxlN6Lg-xoZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jun 2020 22:52:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aaec216529
bam.nr-data.net/events/1/ 		24 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/aaec216529?a=4104753&v=1169.7b094c0&to=MVABY0dQWkJVVkZZXggaIEJGRVtcG3ZdXkUUWg9bUENrYVVbV1wLXFEMWlRYWmFVUlc%3D&rst=11372&ck=1&ref=http://sur.ly/i/login.ajera.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
http://sur.ly/i/login.ajera.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
http://sur.ly
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require function| searchForm object| adsbygoogle number| adsEnabled number| isShowAds string| domain number| device function| visible string| dimensionValue string| GoogleAnalyticsObject function| ga object| yaParams object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Ya object| yaCounter29271320 object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.sur.ly/ Name: _ym_visorc_29271320
Value: b
.sur.ly/ Name: _ym_isad
Value: 2
.sur.ly/ Name: _ym_d
Value: 1591051948
.sur.ly/ Name: _ym_uid
Value: 1591051948393375974
.sur.ly/ Name: __cfduid
Value: d726b18e09c50ff9b85ba7b6f4718a04d1591051947
.doubleclick.net/ Name: IDE
Value: AHWqTUkjbjbcjsGQ4Fs-tq85xNjhE4Qx3bsJowAbOYvwJw0GYJOzdfvlK_BpyJBE
.sur.ly/ Name: _gat
Value: 1
.sur.ly/ Name: _gid
Value: GA1.2.256606255.1591051947
.sur.ly/ Name: _ga
Value: GA1.2.807968707.1591051947

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bam.nr-data.net
cdn.sur.ly
googleads.g.doubleclick.net
img.sur.ly
js-agent.newrelic.com
mc.yandex.ru
pagead2.googlesyndication.com
sur.ly
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
151.101.114.110
162.247.242.18
2606:4700:3030::681c:1a56
2606:4700:3030::681c:1b56
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2001
2a00:1450:4001:815::2002
2a00:1450:4001:81b::200e
2a02:6b8::1:119
54.173.41.122
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685
2ba4102daac4c95ce8ea040027d3f7935e5f46cd2f0b645fdcbeb992872e2be5
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3c0d4351c573d32db3c47538d9bbab48415feb915621eeb9689af588d16bf2f6
4ac836d19ba59b13f74176339bbb73a752844e528a338bd9340c945d2f2895c5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61ea473c30cf55faf18a43f854a80f5ef164eac91dbd945edfd896ce96dda3d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
944cd018f5c0b3cd9f640b891c5421723efa196728aa86d8dedb9a741a412079
95f61a1e3a958e570fe76f09675ea28dc9365ce16bf997b59b6f372af406dbd7
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
add6c3026ceeda68a2bd3019ec2de86f2c18e7c43cd08c5d873361def95937b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dab18f741bc75e5623c5ba21a023f160dca37b29219caf08daf5c34f167ef3
b8040d177c3f749c610c9c523bd03160afb95e505d64976ca40d92551aa88ffa
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
d1a3f6a079afdd220172c80ac13990522850d7a4678a04ace50a6cd212426d2a
d376bb26b43006a4f51a9c72e9bfb9637a1850128f90ce3dba878f41fb48d98a
d8d6d8215d49d6a9bc5a86a29c919a3eda9af426d2ab87424ba95a27b007a4a2
da61960e22637277539f7bdd1161cb3dd7942e574f0722cd8bd6e0271dafe469
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ea464e20b6f962f4950e09b9f2683cd92939e84e3597daa449be364e94e623
e92abd459956c0d3e7c4d1c1cbb7337526c5b56f5779c4732d3b3aabc636c73b
f64aa4781a6aa35dfeb9b76c89c40d57d9d62f6ad01c0bc7144a2d129ce36dfe
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408