urlscan.io logo urlscan.io
SecurityTrails logo

bitly.ws Open in urlscan Pro
185.11.100.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bitly.ws/3f2B
Effective URL: https://bitly.ws/
Submission: On March 15 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 2 countries across 14 domains to perform 99 HTTP transactions. The main IP is 185.11.100.204, located in Poland and belongs to CF-KRK, PL. The main domain is bitly.ws. The Cisco Umbrella rank of the primary domain is 209935.
TLS certificate: Issued by R3 on February 18th 2024. Valid for: 3 months.
This is the only time bitly.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 185.11.100.204 29522 (CF-KRK)
13 172.253.115.156 15169 (GOOGLE)
1 172.253.62.97 15169 (GOOGLE)
14 172.253.63.101 15169 (GOOGLE)
1 192.229.210.155 15133 (EDGECAST)
1 142.251.167.113 15169 (GOOGLE)
10 172.253.122.155 15169 (GOOGLE)
12 172.253.63.132 15169 (GOOGLE)
1 74.119.119.65 19750 (AS-CRITEO)
7 74.119.119.131 19750 (AS-CRITEO)
1 74.119.119.147 19750 (AS-CRITEO)
2 74.119.119.80 19750 (AS-CRITEO)
2 74.119.119.149 19750 (AS-CRITEO)
2 172.253.122.95 15169 (GOOGLE)
3 172.253.63.94 15169 (GOOGLE)
1 74.119.118.147 19750 (AS-CRITEO)
2 142.251.167.95 15169 (GOOGLE)
8 216.239.32.3 15169 (GOOGLE)
2 142.251.167.94 15169 (GOOGLE)
1 18.160.41.107 16509 (AMAZON-02)
1 3.162.3.85 16509 (AMAZON-02)
1 18.67.65.47 16509 (AMAZON-02)
1 172.253.115.104 15169 (GOOGLE)
2 3.230.77.233 14618 (AMAZON-AES)
1 13.225.195.70 16509 (AMAZON-02)
99 26
10    185.11.100.204 (Poland)

ASN29522 (CF-KRK, PL)
PTR: v5103.vps.ogicom.net
bitly.ws
13    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
pagead2.googlesyndication.com
1    172.253.62.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f97.1e100.net
www.googletagmanager.com
14    172.253.63.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f101.1e100.net
fundingchoicesmessages.google.com
1    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
1    142.251.167.113 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f113.1e100.net
www.google-analytics.com
10    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
googleads.g.doubleclick.net
12    172.253.63.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f132.1e100.net
tpc.googlesyndication.com
1    74.119.119.65 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
7    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    74.119.119.80 (United States)

ASN19750 (AS-CRITEO, US)
imageproxy.us.criteo.net
2    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
2    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
fonts.googleapis.com
3    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.gstatic.com
1    74.119.118.147 (United States)

ASN19750 (AS-CRITEO, US)
rtb.da.us.criteo.com
2    142.251.167.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
imasdk.googleapis.com
8    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net
fonts.gstatic.com
1    18.160.41.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-107.iad55.r.cloudfront.net
creatives.smadex.com
1    3.162.3.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-85.yul62.r.cloudfront.net
static-content-1.smadex.com
1    18.67.65.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-47.iad89.r.cloudfront.net
d3jdaktv9qp9iu.cloudfront.net
1    172.253.115.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f104.1e100.net
www.google.com
2    3.230.77.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-77-233.compute-1.amazonaws.com
va-trk.smadex.com
br-trk.smadex.com
1    13.225.195.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-70.yul62.r.cloudfront.net
impression.appsflyer.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
491 KB
15 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
www.google.com — Cisco Umbrella Rank: 2
133 KB
13 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
39 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 694
imageproxy.us.criteo.net — Cisco Umbrella Rank: 3249
csm.us.criteo.net — Cisco Umbrella Rank: 3386
65 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
86 KB
10 bitly.ws
bitly.ws — Cisco Umbrella Rank: 209935
27 KB
4 smadex.com
creatives.smadex.com — Cisco Umbrella Rank: 6141 Failed
static-content-1.smadex.com — Cisco Umbrella Rank: 6707
va-trk.smadex.com — Cisco Umbrella Rank: 36159
br-trk.smadex.com — Cisco Umbrella Rank: 6914
20 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
imasdk.googleapis.com — Cisco Umbrella Rank: 497
135 KB
3 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 3256
cat.va.us.criteo.com — Cisco Umbrella Rank: 3312
rtb.da.us.criteo.com — Cisco Umbrella Rank: 9517
47 KB
1 appsflyer.com
impression.appsflyer.com — Cisco Umbrella Rank: 2440
322 B
1 cloudfront.net
d3jdaktv9qp9iu.cloudfront.net
3 MB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
249 B
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2629
441 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
81 KB
99 14
Domain Requested by
14 fundingchoicesmessages.google.com bitly.ws
pagead2.googlesyndication.com
13 pagead2.googlesyndication.com bitly.ws
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
bitly.ws
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
bitly.ws
10 bitly.ws 2 redirects bitly.ws
8 csi.gstatic.com imasdk.googleapis.com
7 static.criteo.net ads.us.criteo.com
3 www.gstatic.com bitly.ws
googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com bitly.ws
googleads.g.doubleclick.net
2 csm.us.criteo.net ads.us.criteo.com
2 imageproxy.us.criteo.net ads.us.criteo.com
1 impression.appsflyer.com
1 br-trk.smadex.com
1 va-trk.smadex.com
1 www.google.com tpc.googlesyndication.com
1 d3jdaktv9qp9iu.cloudfront.net
1 static-content-1.smadex.com
1 creatives.smadex.com imasdk.googleapis.com
1 rtb.da.us.criteo.com googleads.g.doubleclick.net
1 cat.va.us.criteo.com ads.us.criteo.com
1 ads.us.criteo.com googleads.g.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 www.paypalobjects.com bitly.ws
1 www.googletagmanager.com bitly.ws
99 26

This site contains links to these domains. Also see Links.

Domain
xy2.eu
tinyurl.mobi
www.buymeacoffee.com
buy.stripe.com
Subject Issuer Validity Valid
bitly.ws
R3		 2024-02-18 -
2024-05-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-12 -
2024-04-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-17 -
2024-05-17		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-31 -
2024-05-01		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-29 -
2024-05-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.da.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-14 -
2024-04-11		 3 months crt.sh
*.smadex.com
Amazon RSA 2048 M02		 2023-10-17 -
2024-11-13		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.appsflyer.com
Amazon RSA 2048 M03		 2024-02-04 -
2025-03-03		 a year crt.sh

This page contains 11 frames:

Primary Page: https://bitly.ws/
Frame ID: B84BC6CC93AF7A65130BAA7583BEFE5D
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1710521393&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbitly.ws%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393423&bpp=7&bdt=275&idt=325&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4737411356488&frm=20&pv=2&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=347
Frame ID: 451E9D56C8FE67F93BBFDF5210CB1F61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Frame ID: B37B420020AD8B29DE44D273002CB36A
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Frame ID: 3FFCFB20DF8953258C8B3AE2D4480A63
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=3116027668&pi=t.aa~a.1182920990~rp.3&daaos=1710492803556&w=1200&fwrn=4&fwrnh=100&lmt=1710521394&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521394670&bpp=1&bdt=1522&idt=1&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76e92710c538f182%3AT%3D1710521393%3ART%3D1710521393%3AS%3DALNI_MZgY1p863q1trsWUPRyXDMmQSIIoA&gpic=UID%3D00000dd2bb2cd16c%3AT%3D1710521393%3ART%3D1710521393%3AS%3DALNI_MYK_RfFJkmBE5VSC-3cfgK2uhM2pw&eo_id_str=ID%3Deb7836ef8cd2012d%3AT%3D1710521393%3ART%3D1710521393%3AS%3DAA-AfjZSqB79lfcolnG_PdI4PowS&prev_fmts=0x0%2C1200x200&nras=2&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&psts=AOrYGslDbspvww2IoKqMV3ym_6R08SDWSD22Mq50Kg-ILi5lJkJz7rBFSM0exPAaQe0XRSEbKiIn2muYg2pBkg&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: 39578622FDDD4439FF32E456043FE26A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: FF43573457A2E5A92645B9E3A469D285
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: A3C2BBEAC37C93FAE0F7FA6936EAB3CE
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 1C71B42F316AA8A5D76C06D05878CA88
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/weUkfnhPfsAYDGwFPOg527s0mN-IfUjQ6Qxl1TanWMA.js
Frame ID: 91444F7933B92A9F375AF7E9D4DD1D65
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27437C1990E4B67D1F734416400C8D14
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BB456F0BDA2EE640F95296D7756ECC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitly | URL Shortener

Page URL History Show full URLs

  1. https://bitly.ws/3f2B HTTP 301
    https://bitly.ws/?redirect=3f2B HTTP 302
    https://bitly.ws/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

99
Requests

99 %
HTTPS

0 %
IPv6

14
Domains

26
Subdomains

26
IPs

2
Countries

4223 kB
Transfer

6177 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bitly.ws/3f2B HTTP 301
    https://bitly.ws/?redirect=3f2B HTTP 302
    https://bitly.ws/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

99 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bitly.ws/
Redirect Chain
  • https://bitly.ws/3f2B
  • https://bitly.ws/?redirect=3f2B
  • https://bitly.ws/
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache / PHP/5.5.38
Resource Hash
de3baa8de2e1c0289660e968810ba929476dd8e3d24bc308719bd596c4daf363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html
date
Fri, 15 Mar 2024 16:49:53 GMT
expires
Fri, 15 Mar 2024 16:49:53 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/5.5.38

Redirect headers

cache-control
max-age=0
content-type
text/html
date
Fri, 15 Mar 2024 16:49:52 GMT
expires
Fri, 15 Mar 2024 16:49:52 GMT
location
/
server
Apache
x-powered-by
PHP/5.5.38
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
9bd709978c361d9b36f3f1c689379a4962ddfcc7b65aa679f4df109f9fc81433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50810
x-xss-protection
0
server
cafe
etag
9090265569010922295
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 15 Mar 2024 16:49:53 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8Q1W6PKNCX
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6952d4dd25999e7313e65f627eced8ffa5588d2c79b3acb5f17075b726e54aac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Mar 2024 16:49:53 GMT
pub-2614556310778759
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-2614556310778759?ers=1
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
50fd283a5deb324b3057094dfbd0b423107b48d70c18f10c25f4fa5e70767a76
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-2UKvqHD2XkaUb-rgys9Puw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
content-security-policy
script-src 'nonce-2UKvqHD2XkaUb-rgys9Puw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiIdj44-L69kEHry_0MUIAFRnLXs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
style.css
bitly.ws/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bitly.ws/css/style.css
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache /
Resource Hash
b11dc47889de3326bebc34326b08c225799df4a275b28db686c6e3482b3f4bd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 14:06:38 GMT
server
Apache
etag
"2a1c-60d7e4eba09c9-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0
accept-ranges
bytes
content-length
2516
expires
Fri, 15 Mar 2024 16:49:53 GMT
adframe.js
bitly.ws/js/ 		16 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bitly.ws/js/adframe.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache /
Resource Hash
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
last-modified
Sat, 30 Dec 2017 21:02:30 GMT
server
Apache
etag
"10-5619511402320"
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
16
expires
Fri, 15 Mar 2024 16:49:53 GMT
paypal.jpg
bitly.ws/gfx/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitly.ws/gfx/paypal.jpg
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache /
Resource Hash
1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
last-modified
Tue, 02 Jan 2018 13:00:56 GMT
server
Apache
etag
"2204-561cab086d14b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8708
expires
Sat, 15 Mar 2025 16:49:53 GMT
paypal.png
bitly.ws/gfx/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitly.ws/gfx/paypal.png
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache /
Resource Hash
675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
last-modified
Tue, 02 Jan 2018 13:00:54 GMT
server
Apache
etag
"158c-561cab06562ce"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5516
expires
Sat, 15 Mar 2025 16:49:53 GMT
pixel.gif
www.paypalobjects.com/pl_PL/i/scr/ 		43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/pl_PL/i/scr/pixel.gif
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chf/16D4) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
3ddeb05243326
dc
ccg11-origin-www-1.paypal.com
content-length
43
last-modified
Fri, 16 Aug 2019 04:57:41 GMT
server
ECAcc (chf/16D4)
traceparent
00-00000000000000000003ddeb05243326-c0390848ad1539d2-01
etag
"5d5637c5-2b"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 15 Mar 2024 17:49:53 GMT
bmac.png
bitly.ws/gfx/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitly.ws/gfx/bmac.png
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache /
Resource Hash
54339f1c8cb089c05773b2b18fd5da6e702956decbf7dea6ef0348a64203c657

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
last-modified
Sat, 19 Aug 2023 15:45:47 GMT
server
Apache
etag
"c86-6034889f203e4"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3206
expires
Sat, 15 Mar 2025 16:49:53 GMT
stripe.png
bitly.ws/gfx/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitly.ws/gfx/stripe.png
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache /
Resource Hash
b8214bd5cbd9197f329d1df98d908dc7a1cd38c28e8010b92e49b3f35dd9986a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
last-modified
Sat, 19 Aug 2023 15:45:50 GMT
server
Apache
etag
"54f-603488a24201d"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1359
expires
Sat, 15 Mar 2025 16:49:53 GMT
bitly-chart.png
bitly.ws/gfx/ 		210 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitly.ws/gfx/bitly-chart.png
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS
v5103.vps.ogicom.net
Software
Apache /
Resource Hash
c28530634cdfc14bb5c068fc74a7071f9e27fc97f9aa03a1258f5b33f9c8ab6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
last-modified
Tue, 02 Jan 2018 13:00:56 GMT
server
Apache
etag
"d2-561cab088ec59"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
210
expires
Sat, 15 Mar 2025 16:49:53 GMT
collect
www.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8Q1W6PKNCX&gtm=45je43d0v9119634474za200&_p=1710521393171&gcd=13l3l3l3l1&npa=0&dma=0&cid=1716613130.1710521393&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710521393&sct=1&seg=0&dl=https%3A%2F%2Fbitly.ws%2F&dt=Bitly%20%7C%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=882
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Q1W6PKNCX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.113 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bitly.ws
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxX0zS5I3lJ1VnZxy6Y171EyhPNcdIwuviDPMvKZnB9mgq1KePCozzvCP6B6VaTtQZI-60la2FSPsDZyksmFI7zo8W4NE-lv_UHoM-0JdEWoYsPQkmbK0aZZY75ny1yE2LQlCnkXvw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX0zS5I3lJ1VnZxy6Y171EyhPNcdIwuviDPMvKZnB9mgq1KePCozzvCP6B6VaTtQZI-60la2FSPsDZyksmFI7zo8W4NE-lv_UHoM-0JdEWoYsPQkmbK0aZZY75ny1yE2LQlCnkXvw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNTIxMzkzLDM4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iaXRseS53cy8iLG51bGwsW1s4LCJnREp3cEd2TkFkRSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
a2b5c9eb8f373d8b4d1d5ea03ab657311732a908a0f8cc9e72922ca675b233dd
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-tktaDh_XYYrWDzu-__It4A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
content-security-policy
script-src 'nonce-tktaDh_XYYrWDzu-__It4A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0ZBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44D45ILzrBeBWIiHY-OPi-vZBBZM7jvLCAB6PTHy"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
f48d5807b4a98e3412650fcde60cdfe64cc058c99b07a68650c13987692f0b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140963
x-xss-protection
0
server
cafe
etag
16673226874405011165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 16:49:53 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 451E 		265 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1710521393&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbitly.ws%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393423&bpp=7&bdt=275&idt=325&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4737411356488&frm=20&pv=2&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=347
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
c891951bade1ecf8d5cbc25f708f38c773960272a01a56738fd830e97dc89342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
63807
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 16:49:54 GMT
expires
Fri, 15 Mar 2024 16:49:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B37B 		32 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
212a4402c57f9bd169d26d882f83bdb90021c5494ce425852ced054723d85ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14556
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 16:49:54 GMT
expires
Fri, 15 Mar 2024 16:49:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
oas_handler.
fundingchoicesmessages.google.com/f/AGSKWxVxhMP58tOpD-9PZUMDlbZMMwgZDwvH286YGMx3vQPvWneqzjs9dB01k8NuvbfgzKB_1ipkEtNRs2gznD9cawBXJvtKkZ6j6GQFPaRUD24EOkreGaLYlKk30EtHrVProFXaN2751U81xqR79MKVqhXkEFks2... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVxhMP58tOpD-9PZUMDlbZMMwgZDwvH286YGMx3vQPvWneqzjs9dB01k8NuvbfgzKB_1ipkEtNRs2gznD9cawBXJvtKkZ6j6GQFPaRUD24EOkreGaLYlKk30EtHrVProFXaN2751U81xqR79MKVqhXkEFks28Xo1Yc0j17qclDCUVMk0flsBxaOPPuY/_/sample300x250ad./adclient-_UIM-Ads_.ad.wrapper./oas_handler.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-w4rnPPWqoXd1B9wiZShrBjBPDQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
a124edef602d94215dacc5e4713fe04065cca9de1eea56acc4865040a45e66c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-YGsFn7G_0_38yiYfBvjYlw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-YGsFn7G_0_38yiYfBvjYlw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44D45ILzrBeBWIibY9OPi-vZBCa8uGcPAEaAMfI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-w4rnPPWqoXd1B9wiZShrBjBPDQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
2090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11523
x-xss-protection
0
server
cafe
etag
916572542668392311
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 17:15:04 GMT
AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-ULhVWMWMln9b5Jm8wMFxIw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-ULhVWMWMln9b5Jm8wMFxIw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIm2PTj4vr2QRurFuVBAC9rQxp"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bitly.ws
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-V0XO_dMzABzPps1gANwKVw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-V0XO_dMzABzPps1gANwKVw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1hDgFiIm2PTj4vr2QQWvOhPAgC9yQxU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bitly.ws
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-AWRmvg6yRmMsK3I7J1dLOA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
script-src 'nonce-AWRmvg6yRmMsK3I7J1dLOA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1hDgFiIm2PTj4vr2QRWXPmWBAC-ewyv"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bitly.ws
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-xoHR1UeNbuC3XANS5LKGQQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
script-src 'nonce-xoHR1UeNbuC3XANS5LKGQQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1hDgFiIm2PTj4vr2QRmXL-dBAC9aQyC"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bitly.ws
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWD-n21ndLoaoc_GKGUUzNGSYPp8TcVSOx11GIO6aUf40Hfxlh36skZ75BeMx6xYhs0gltwka_v7OIeXdFHn6fzLnjZvQwAyAdDvznDdxfjJ7L0Td-56JXDfEC4IaTEvGEq4CbfiA==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWD-n21ndLoaoc_GKGUUzNGSYPp8TcVSOx11GIO6aUf40Hfxlh36skZ75BeMx6xYhs0gltwka_v7OIeXdFHn6fzLnjZvQwAyAdDvznDdxfjJ7L0Td-56JXDfEC4IaTEvGEq4CbfiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNTIxMzk0LDE2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYml0bHkud3MvIixudWxsLFtbOCwiZ0RKd3BHdk5BZEUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
a25eb162181c7e608cf0316121f585d91bdeb671aa06d513f063dff2020d3538
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-XI1hUJBDCZw0VIZI8Jp5BQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-XI1hUJBDCZw0VIZI8Jp5BQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiJtj04-L69kEXjzfGwcAJqAtOw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXBto_4gWuR6D971Fp2yZsUHqtIYVfOG8FDz6XSDqiQenf5pclkihzUasNPR2PPYR7umEAy0A9gCasb_0KBNIyTI9esApuNnw5sF3Ecj4_89R9x65BS3pV5WLVJAFmgV37Lp9aUKA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXBto_4gWuR6D971Fp2yZsUHqtIYVfOG8FDz6XSDqiQenf5pclkihzUasNPR2PPYR7umEAy0A9gCasb_0KBNIyTI9esApuNnw5sF3Ecj4_89R9x65BS3pV5WLVJAFmgV37Lp9aUKA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNTIxMzk0LDIyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYml0bHkud3MvIixudWxsLFtbOCwiZ0RKd3BHdk5BZEUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
3467c60b8405a183293cb74a539c20f53926585136659ad18e2f28e187d262a5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-ZZERGXwh8uW-DwpVdmxmlQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-ZZERGXwh8uW-DwpVdmxmlQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiJtj04-L69kEDixoqQcAKV0svw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVOE0a9eut6wSG-HHZOan0OM4xWhbFIoHDpybRAGnXN698rZC-BuVGHoqgInb7g0ULT-IkfBfqA-VrLXsRskezDAVFJpqXCwwjlVmceNomDXOOQOY3JugWe3bVxlvHHfMmop6PdpA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVOE0a9eut6wSG-HHZOan0OM4xWhbFIoHDpybRAGnXN698rZC-BuVGHoqgInb7g0ULT-IkfBfqA-VrLXsRskezDAVFJpqXCwwjlVmceNomDXOOQOY3JugWe3bVxlvHHfMmop6PdpA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNTIxMzk0LDI5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9iaXRseS53cy8iLG51bGwsW1s4LCJnREp3cEd2TkFkRSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
0c45c56ece293f055ed69d3ea7ff26b7b026355db96806dc17876f47fc402352
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-LeNySA0kgZg1M3o4B5-5WQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-LeNySA0kgZg1M3o4B5-5WQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiIdj04-L69kEDmx4P58RAFLzLVA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXkvJA6sophuLeH3YGeDi2mMrmvQSW_-4i_f3BucnXpWy1qCo0Kw9pJv2UjXwkasCsycrnQ3uzl2l8m4G0aZe2z2IcAensiCagPBjLc3F0CbrMif9H-wp31q4H66rlpQuq_6e4YQA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXkvJA6sophuLeH3YGeDi2mMrmvQSW_-4i_f3BucnXpWy1qCo0Kw9pJv2UjXwkasCsycrnQ3uzl2l8m4G0aZe2z2IcAensiCagPBjLc3F0CbrMif9H-wp31q4H66rlpQuq_6e4YQA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-KTEQvRq_Gl6Wj0PslTUjgQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
script-src 'nonce-KTEQvRq_Gl6Wj0PslTUjgQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIh2PTj4vr2QQadq7dzQgAx1UMaw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bitly.ws
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame B37B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:56:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
13985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:56:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame B37B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
15131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:37:43 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 3FFC 		132 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ac0f2025f72e1ab7b2fa3ecc5c71dd16660722f5a19447443ad2f42d4b90531e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 16:49:54 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=X_KzpY7HyecIv6SsApTtSXZA4OyDY1TKf9cBUHhioYkXjMpzx8Dec7cj5U7VpQheSou_Q_L6l9KRf3oBhqKtt_vBX95ZGn4FvVkIM1BeKu0CDcuBqhrnBZEMn440QwKAoRRp-zEpZiz1vBDv4suHD4qAWkwUcPonnzviAu-BKZrU_oA3pUFGZSLFHFbMDQKJr1e086rp-Y1ES-WHEvhmv1dL9rICpeVAxb0bBgvT9fZD6TlTTnho0KUP5cwi9eMj1ZuO0g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59653168
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B37B 		208 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 17:31:12 GMT
truncated
/ Frame B37B 		448 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d6848dfb9438e299c0d15289aa54d2b14d8bbeece2a5ede0f2b91ed2bc29339

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3FFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Mar 2025 16:49:54 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3FFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Mar 2025 16:49:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3FFC 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 10 Mar 2025 16:49:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3FFC 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 10 Mar 2025 16:49:54 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 3FFC 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Wa6OgZCHUMsbDkD1x9csKeiWr9O522u15HdlFTLSjbaoVsKB8iOCiiI8L55Gid1gII2_0Mnq5zLn-lgl9eW8Nq74-IYHJEyP5ama7UAv82DCxbKsdmVZsMypK7OAbj3yJ7N_qaxqTaEBx5Y5At1OjofTyn7Y2-PiLxINAuhmUXlaE3wGyVVcx1XfCMkLpPZ39YFQHbg73aQs4PkINAnB00kzJxCDnkqyTIYsMGJOkZM0CHY4gg3B32qMcvgMI7Je8yY3Wfu03tgMcn-iIuOuG9ySFKX7Lkh2XIEmIwUHbp6COPSFFY8GWmT403zB49zhWO527sM--WhN_nl3Eg2XjFDvH8h0kF-TLkcwblFAb1oSjuzIxINJobTaInoADuueVCcQJx3_Vt_nDIBgOIoYfgkBop0qzGWxFRexIPVVwfAJYZg7BHOSC6j5iviCvoWm9fISaw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2778080
expires
Mon, 26 Jul 1997 05:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
027ab445608ff16d29e54b18f6a4e754206f24d8fb2ea5fa7b6290a6a605a1fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57253
x-xss-protection
0
server
cafe
etag
7770209654509835462
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 16:49:54 GMT
AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-_gXU9L-aSaw7nHISAZTPeg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
script-src 'nonce-_gXU9L-aSaw7nHISAZTPeg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBiqGV4xtQKxE7pM1hDgFiIh2PTj4vr2QQWrNuxkwkAyJEMjw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bitly.ws
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWU4YE3iQItVgyskeariVEaIRX719ML-pNf511cKHBobE7YXM6o6b8-1HZbVD-Avyu5rQPCFeO8-tWWckckHTuVREfBo4nzuapHTsPtzSKExObZ8DS9xyGqCfVVO0XqhT2pPz0aEA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMzdvPrPXCeeMxH4E3Fx-A4QREuOow/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-4KYl7VsUrQ_OF6pvlD4n-g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-4KYl7VsUrQ_OF6pvlD4n-g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1hDgFiIh2PTj4vr2QQ-nL67kwkAysANHw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bitly.ws
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ca-pub-2614556310778759
fundingchoicesmessages.google.com/i/ 		183 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2614556310778759?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
ESF /
Resource Hash
e15ba73758a04d215cc382424ae20b9c5b95f6e32d588bce0fce08b1a30594e6
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-5AQF60shDtFWl7RcBCVKGg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-security-policy
script-src 'nonce-5AQF60shDtFWl7RcBCVKGg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiIdj04-L69kETjy5sY8JAFc1LZ0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 3FFC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Mar 2025 16:49:54 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3957 		436 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=3116027668&pi=t.aa~a.1182920990~rp.3&daaos=1710492803556&w=1200&fwrn=4&fwrnh=100&lmt=1710521394&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521394670&bpp=1&bdt=1522&idt=1&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D76e92710c538f182%3AT%3D1710521393%3ART%3D1710521393%3AS%3DALNI_MZgY1p863q1trsWUPRyXDMmQSIIoA&gpic=UID%3D00000dd2bb2cd16c%3AT%3D1710521393%3ART%3D1710521393%3AS%3DALNI_MYK_RfFJkmBE5VSC-3cfgK2uhM2pw&eo_id_str=ID%3Deb7836ef8cd2012d%3AT%3D1710521393%3ART%3D1710521393%3AS%3DAA-AfjZSqB79lfcolnG_PdI4PowS&prev_fmts=0x0%2C1200x200&nras=2&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&psts=AOrYGslDbspvww2IoKqMV3ym_6R08SDWSD22Mq50Kg-ILi5lJkJz7rBFSM0exPAaQe0XRSEbKiIn2muYg2pBkg&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
24714d6533e252ba6d732780a6d5a97b8ba542363c19c90ac88e93149143ada4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 16:49:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
img
imageproxy.us.criteo.net/img/ Frame 3FFC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=396&m=0&partner=110251&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F110251%2F5319164%2F815275bc7c2a445d81e2ca311511cfd9_9eeceec3-7eaa-4981-9da3-81732ef4a7d4.jpg&v=3&w=196&rid=4&s=-cLjWzLNTPG94FCS35-cdY2-
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b247e9c2baf0fb3756e588a7f1ccb6b2dd35c5c7ed36493c305db648ad66a696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3954
expires
Thu, 06 Mar 2025 17:50:59 GMT
img
imageproxy.us.criteo.net/img/ Frame 3FFC 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=110251&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0604%2F9162%2F8704%2Ffiles%2F4GiraffeToolsGrandfallsPressureWasherPRO.png%3Fv%3D1706610865&v=3&w=800&rid=4&s=WUWRYa5ZIioaCLgvxdHZhDO2&b=1200
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7fab11800b4549af657a5ffe1f66e7a72858ab8b0a8b2374838edf99b96f3e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
49074
expires
Fri, 21 Feb 2025 23:12:00 GMT
all
csm.us.criteo.net/ Frame 3FFC 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=X_KzpY7HyecIv6SsApTtSXZA4OyDY1TKf9cBUHhioYkXjMpzx8Dec7cj5U7VpQheSou_Q_L6l9KRf3oBhqKtt_vBX95ZGn4FvVkIM1BeKu0CDcuBqhrnBZEMn440QwKAoRRp-zEpZiz1vBDv4suHD4qAWkwUcPonnzviAu-BKZrU_oA3pUFGZSLFHFbMDQKJr1e086rp-Y1ES-WHEvhmv1dL9rICpeVAxb0bBgvT9fZD6TlTTnho0KUP5cwi9eMj1ZuO0g&sds=2&rev=91140.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 15 Mar 2024 16:49:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3FFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Mar 2025 16:49:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3FFC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Mar 2025 16:49:54 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame FF43 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

age
75365
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 19:53:49 GMT
etag
5035419970550746386
expires
Thu, 28 Mar 2024 19:53:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame A3C2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

age
75365
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 19:53:49 GMT
etag
5035419970550746386
expires
Thu, 28 Mar 2024 19:53:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 1C71 		6 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
08b1d01987b871819d1c09e50b54292f972e2b27514167555c71f9d29366f88c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 15 Mar 2024 16:49:54 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 1C71 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
15332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:34:22 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 1C71 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
15485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:31:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 1C71 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:56:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
13985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:56:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 1C71 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
15131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:37:43 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1C71 		208 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Mar 2024 17:31:12 GMT
fae6ba9c9cb9ec876bbde5988f04c6f7.js
www.gstatic.com/mysidia/ Frame 1C71 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 03:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 12:58:25 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame FF43 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:58:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
13888
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6460
x-xss-protection
0
server
cafe
etag
5807243554008179978
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:58:26 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FF43 		205 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 15:07:59 GMT
x-content-type-options
nosniff
age
6115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 15 Mar 2025 15:07:59 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FF43 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:32:50 GMT
x-content-type-options
nosniff
age
1024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 15 Mar 2025 16:32:50 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame FF43 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
7b2685ea894c514e15f58420b40933b08f0b2baa4cef2a68479acc9a01323b0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
14980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
server
cafe
etag
3566326672948847535
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:40:14 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B37B 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CL93KMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLEBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKoFfF2H1o7U98z6WiahJxcdU1JyVH6qA4wLqvaOQLNaNC83dO2mgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjYxNDU1NjMxMDc3ODc1ORgA&sigh=X95b0Qk7cAE&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtq8dhCe1dQ21FwmwoqWvca8KKBEBFqy5kyXt3rYRPs-f7vQjHn5QItRz1HBMi9O5cF11wdpemO-J4MsXRMEo6sn0f_0pMw8yhpNxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 15 Mar 2024 16:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.da.us.criteo.com/google/auction/ Frame B37B 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=mOv7GcX5RLAJyAHiIp0XAgAAAI76l97vjlJMEDF89GXKfZ33MXvJN8ArAAASAAAKCkFRVUJEQUVCREF6OoiQpU_26uIgk8CnILl1&wp=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.118.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:54 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
168797
server
Kestrel
content-length
0
css
fonts.googleapis.com/ Frame A3C2 		9 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
7a3f9828ea2351588dcc8d8436e36935bbf9e1d1bfdc6c7d839d4bc6840490e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Mar 2024 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 15 Mar 2024 16:49:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/ Frame A3C2 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 13 Mar 2024 21:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 10:39:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 21:11:56 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/ Frame A3C2 		375 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
sffe /
Resource Hash
ed524835f55224821a8f590ffd532c6e5f82f77f8020830e7a0cf85cf3396e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 13 Mar 2024 21:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132877
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 10:39:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 21:11:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame A3C2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 12:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
15131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 12:37:43 GMT
weUkfnhPfsAYDGwFPOg527s0mN-IfUjQ6Qxl1TanWMA.js
pagead2.googlesyndication.com/bg/ Frame 9144 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/weUkfnhPfsAYDGwFPOg527s0mN-IfUjQ6Qxl1TanWMA.js
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
c1e5247e784f7ec0180c6c053ce839dbbb3498df887d48d0e90c65d536a758c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Mar 2024 16:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
87103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20158
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Mar 2025 16:38:12 GMT
csi
csi.gstatic.com/ Frame A3C2 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ltsw9vh4&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&sei=21062100%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3C2 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 13 Mar 2024 09:00:27 GMT
x-content-type-options
nosniff
age
200968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 09:00:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3C2 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 13 Mar 2024 21:03:36 GMT
x-content-type-options
nosniff
age
157579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 21:03:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CYQN1MXz0ZdKsOPam6tkPsYyguAefrPKNXNmN1afECMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEFqAMByAMCqgS0AU_QKvOSZqdaSU_ZeZCvOFG9sOYx5IbCUAVmgRTOHZSA0X-DUItmZ2V9qxrzL94XGtwooFySyOo8e_-lzQGKkbdbmJboWe0LuzVJo66JEakOVtUOpR1LDQKj2e_REFyorlw2IVlF5bemnd4KYIcDr6v4DiT3dFLHhMYL1S8nD5KjHtDXd0IxHcwSdP6jCqa4CzZvv43fYrj1EPTDxP1SUzheg4S8vFxyiTOmo1uDbAS_3tEWS4AG-PGT-bXI-e18oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYzOLA4Nz2hAP6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1710521395110&ai=CYQN1MXz0ZdKsOPam6tkPsYyguAefrPKNXNmN1afECMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEFqAMByAMCqgS0AU_QKvOSZqdaSU_ZeZCvOFG9sOYx5IbCUAVmgRTOHZSA0X-DUItmZ2V9qxrzL94XGtwooFySyOo8e_-lzQGKkbdbmJboWe0LuzVJo66JEakOVtUOpR1LDQKj2e_REFyorlw2IVlF5bemnd4KYIcDr6v4DiT3dFLHhMYL1S8nD5KjHtDXd0IxHcwSdP6jCqa4CzZvv43fYrj1EPTDxP1SUzheg4S8vFxyiTOmo1uDbAS_3tEWS4AG-PGT-bXI-e18oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYzOLA4Nz2hAP6CwIIAYAMAdAVAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A3C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ltsw9vhj&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.11n&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A3C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ltsw9vi2&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&dmn=creatives.smadex.com&pth=%252Fr%252F0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%252Fe%252F99034%252Fcr%252F3444630%252Fs%252F266445&rbid=simple
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
266445
creatives.smadex.com/r/0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5/e/99034/cr/3444630/s/ Frame A3C2 		0
0
truncated
/ Frame A3C2 		461 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fbfff5b6fbf5bb76aa76a7a98105465abcda7fccd42c81497b6c705fb70b3a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame A3C2 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXtIhMXz0ZdKsOPam6tkPsYyguAefrPKNXNmN1afECMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEFqAMBqgSxAU_QKvOSZqdaSU_ZeZCvOFG9sOYx5IbCUAVmgRTOHZSA0X-DUItmZ2V9qxrzL94XGtwooFySyOo8e_-lzQGKkbdbmJboWe0LuzVJo66JEakOVtUOpR1LDQKj2e_REFyorlw2IVlF5bemnd4KYIcDr6v4DiT3dFLHhMYL1S8nD5KjHtDXd0IxHcwSdP7hCIcqhK6tjSQdZF92Ahdoy-lY9zJwmz1NJ06RKJi4j0MO0d6Nd4AG-PGT-bXI-e18oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYzOLA4Nz2hAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjYxNDU1NjMxMDc3ODc1ORgA&sigh=EXZe2-X5_fw&uach_m=%5BUACH%5D&cid=CAQSTwB7FLtqnwJYOILlA70LRloIbVKmiID-Sy3PpW-HjoB_z5hY9KQRGhF1r6MDYIOHKwCY00jcMWpkcM98o32-BcGYFV-BdbdJxtAKSg-fV38YAQ&vt=10&cbvp=2&vis=1
Requested by
Host: bitly.ws
URL: https://bitly.ws/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 15 Mar 2024 16:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
c5378dd39737e23b10e6febc7a0777e586162eebf226f580b7aadf93558f690f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12220
x-xss-protection
0
266445
creatives.smadex.com/r/0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5/e/99034/cr/3444630/s/ Frame A3C2 		14 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://creatives.smadex.com/r/0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5/e/99034/cr/3444630/s/266445?creative_name=jungle_landscape&app_id=5020455596&inventory_domain=bitly.ws&bid_digest=25d5b72561fa2fd7aca9dfc4c0e14cf0f9cf2f0edddb252694013ca694b00914209e8ef59670d1cf4d55e2475078fa1ceab9a1336f7993c31d1a59b42c1ed923f2813fb8cef05fc1e4b866f1c213a416e34050b6c2accd1badd8eb7464ade893d1d180d1c7b9ab59052ac552c95a315f44fe8debf69db081b3a867c1cfec73ef752a9752b006bbfd6049f9d286f4092c36ed8f6d641d1026af6f54dbd51557e7589eec3db22023be477f6369499662b5b814433b7258e7982d489f6e0224cee2b06565b5f577d672f6d06044d3da4390&async_click_url=https%3A%2F%2Fgeo-tracker.smadex.com%2Fct%3Fq%3D7736c70a619d95295b4ab476b03c256d5b063169a3ff2cd3bec3f3dd9748a281eedf945d03bcb7fa6d7a7e2521fb4d76b41004239ac512dddc765af1f5bffa38671d91e37cf71f855eadcb10ee8438fd26ce81eaec48849afdf8caf7053418426d635e1d2a9b40059978bcee769a0b65892352e3a77a45b281e944cce7459ef9a9e50b7a21b2549359a6c1bf4931806f748e9c4b6547b9a415cbf958135f22e8c687eb7dc833f2c5815bb225c62fe13c0fa478a72720f5bbe8cd127bf11719764d5d51448a2cddca29b50da6b53322b1f6ac2078c90f4298eea039635c7ffdb1201236c94b7cb5436c96819ec51b7755cb9c993183f57ca182eab91f70c1d5a5cb346f3305cbcf161207d0a7ba11610ba1306202b4d45e7803e87bb16e90abe04b053732c22bb2304cedc6f7bbd7b98c19eada8a62604dad7174b55dc8c6266821fa873beffeb13c5a85c387a36df3c524df3903357a7608275af66395c3288768365e2c9f4d15b34c91254968c46568334b12d061aa3f60bf643fafedf7a89d0ce51dad400cf9e6406466b4dae963f1dbeb6eb9d4b56093a8c5b6c98ffbf9bc9d2110656960ca58f2a665a887f9d42b22d8363f68a9129cb3642ca9e88e58621eefdd36038aabae972f2440a440899d9d56c0d74f0cc66fc6b145050d7b10c061ffd571b0de7908cb8b9e997812addbe63d5e9ea6d15743a47b2d721f95bfbb4b2dc2d5da13d3918289c3fe4da52bbd4d208fe714a7ce96bd0db118db6dacd9962fea4537d08f08331a59fc38f415af1ee79cb46f38a144f07ecf1bbba19dffce53c29c7bac2d2b05204ea6bd5502ae1d010a7d011332a49663bbdd92e79b6465f8cdd0599ce815f76f1c79982354ac51f95d8c5f0b289713e64372352b5bbad600d96d11617dbcf9bc44eff7c1e46b273bbb0e805a43bc6233a188cafad842183426d6377405e3e3fc2bcc18cc64788350b2c38ea4d546aeb656f909fa380ff03d6d98eeee5721f7e169666d38320374855840f1ab679cf713d5b7311ed1eee3578d7923b35f5117b083acf0fa422396df593af41a445b01ad89624385679c52f9df7d3a1b59532684a4a99e94058e&app_bundle=&impression_track_url=https%3A%2F%2Fbr-trk.smadex.com%2Fhyperad%2Frtb%2F99034%2Fimpression%2F24-H4sIAAAAAAAA_5WSPWgUQRTHJ89jkeOIFoe1jajgLDO7s3c7Ab0EEyJ-5AKJH4iwzMzOXhb3dtfdTRTETmzThSAWgkEsLAI2giCinRamM5WxsBBsUihYOnuKmtKBgTfzvn7znwcP3hwGhBCciNNKF2UVV7FIgkSkYalErgEofH48BtPLJdairLBjU0KG5bRNmMOlQyMt3JBr6npARDLIirhaGuIVB6tc4DgtK5EkcHaP599Oe8LWNtd3WrB_KKubsPnp3hjI-OOXK8-_9hC8v_ziyTvr26ma1azdngFDNRyA9fTlxj7UOD0F7eU8iaMqqGtt5CebHx796NXR0PY7NvNtymwCDZ1CcyrPEw2teH4pSzVYcVZCy3i7tinaLoeiqPKRB-CYqEODeHQOVnRBWdCF1my_P3t-BgH6DWSazCvFw45i3FOdUDq-7DAqia9dJn3td4mIiMOk1OEoCdZWdywEk9z1fM8jUaRD5UWcCZ93WSgoc2QkuZJo--3usyN1o19p6w8tuHv_aH2xdeCPGk3OicsM7vjFuXPYbBhfzIosrbK_hgXEMQSYuJh6i7QzwfiEZxRx2dUzRLk89PwIa0crTKnWWBh47HrKd6SkXGkPbtSKbs1MwvFrq6-_by-8gkZ_rmYyf3DBu2SMg7V61zMcBitmVhC0FkQkihhB4_YdaA-ybJBoW2VDGD2mTr31X8IdiuJ0oIu8MCP0E37WP-y6AgAA%2F1%2F0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%2FZfR8MQAOFlIFOpN2AAgGMee_j_920QrGHKwRCg%2Fnotify%3Fcid%3D321154&idfa_raw=&device_os=ios&crid=3444630&campaign_name=jji_tier1en_smadex_tcpa_en_-_geo&click_through_url=https%3A%2F%2Fitunes.apple.com%2Fapp%2Fid1200391796%3Fmt%3D8&idfa_sha1=&exchange_name=Google&ord=1710521394034&tc=1&bcp[0]=%26af_ad_type%3Dvideo%26af_ad_tran_id%3D0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5&optId=sko-d_vast
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-107.iad55.r.cloudfront.net
Software
/
Resource Hash
930dfc91af9af67b61bd0b3e694d0c43a2d1f865e834d2f2cc256514b290eae6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
via
1.1 b6caa49e59026d07a8e0859900a10572.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
access-control-max-age
10080
x-cache
Miss from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
text/xml
access-control-allow-credentials
true
access-control-allow-headers
*
x-amz-cf-id
W7ue9P-otV0Cxr-gDA_e2yso5bP1LyFxr3ZOjqXUB_gkO0YWVpVQ_g==
csi
csi.gstatic.com/ Frame A3C2 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ltsw9vi4&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&vast_v=3.0&vmfc=3&vhc=0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x15&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PolicyButton.png
static-content-1.smadex.com/uploads/Custom-Creatives/Global+Assets/ Frame A3C2 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-content-1.smadex.com/uploads/Custom-Creatives/Global+Assets/PolicyButton.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-85.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
383093d5eb91e6966b0b2fff9c7b447a50592c5787375fca883a8cc9d20465c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
V7n8MlodNkw6FLfejrPm.ryau9jnT3aA
date
Fri, 15 Mar 2024 06:29:45 GMT
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
last-modified
Mon, 29 Mar 2021 13:04:45 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
37211
etag
"d90915c21a0a19709b8bf7e622908b63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4573
x-amz-cf-id
kgNCxbsTJqZsFKUFy_ftGOI0E8cSBooqui3S8KSGp_SIB67Aw4MfCw==
csi
csi.gstatic.com/ Frame A3C2 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ltsw9vpi&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=500&br=422&mt=video%2Fmp4&vs=640x360&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&hcn=1&cnd=209x117.5625&cnctr=1&cnrt=Static&cncth=https%3A%2F%2Fitunes.apple.com%2Fapp%2Fid1200391796%3Fmt%3D8&met.4=arp_a_e.199~videopreviewvisible.19m&ua_e=1&umsem=0&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aVywC4iDgHLYezlbcoGrxhvn-422-640x360.mp4
d3jdaktv9qp9iu.cloudfront.net/c/12413268/ Frame A3C2 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://d3jdaktv9qp9iu.cloudfront.net/c/12413268/aVywC4iDgHLYezlbcoGrxhvn-422-640x360.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-47.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
6028b3f927433020d4db324c49301c47310089836ac015afe4d564b0483e85a6

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Range
bytes=0-

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
via
1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront)
x-amz-meta-transcoded
1
last-modified
Thu, 01 Feb 2024 12:08:22 GMT
server
CloudFront
x-amz-cf-pop
IAD89-P1
age
37241
etag
"063e6c397704653d5cc7e60bff8a65b5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-3167872/3167873
x-amz-cf-id
xmXBsdkcOLW3gNU_15EB34kJcv_1ccbWa3Y5bspG0qi2iRVhTWF7eg==
Content-Length
3167873
csi
csi.gstatic.com/ Frame A3C2 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~ltsw9vpx&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=500&br=422&mt=video%2Fmp4&vs=640x360&ple=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcreatives.smadex.com%252Fr%252F0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%252Fe%252F99034%252Fcr%252F3444630%252Fs%252F266445%253Fcreative_name%253Djungle_landscape%2526app_id%253D5020455596%2526inventory_domain%253Dbitly.ws%2526bid_digest%253D25d5b72561fa2fd7aca9dfc4c0e14cf0f9cf2f0edddb252694013ca694b00914209e8ef59670d1cf4d55e2475078fa1ceab9a1336f7993c31d1a59b42c1ed923f2813fb8cef05fc1e4b866f1c213a416e34050b6c2accd1badd8eb7464ade893d1d180d1c7b9ab59052ac552c95a315f44fe8debf69db081b3a867c1cfec73ef752a9752b006bbfd6049f9d286f4092c36ed8f6d641d1026af6f54dbd51557e7589eec3db22023be477f6369499662b5b814433b7258e7982d489f6e0224cee2b06565b5f577d672f6d06044d3da4390%2526async_click_url%253Dhttps%25253A%25252F%25252Fgeo-tracker.smadex.com%25252Fct%25253Fq%25253D7736c70a619d95295b4ab476b03c256d5b063169a3ff2cd3bec3f3dd9748a281eedf945d03bcb7fa6d7a7e2521fb4d76b41004239ac512dddc765af1f5bffa38671d91e37cf71f855eadcb10ee8438fd26ce81eaec48849afdf8caf7053418426d635e1d2a9b40059978bcee769a0b65892352e3a77a45b281e944cce7459ef9a9e50b7a21b2549359a6c1bf4931806f748e9c4b6547b9a415cbf958135f22e8c687eb7dc833f2c5815bb225c62fe13c0fa478a72720f5bbe8cd127bf11719764d5d51448a2cddca29b50da6b53322b1f6ac2078c90f4298eea039635c7ffdb1201236c94b7cb5436c96819ec51b7755cb9c993183f57ca182eab91f70c1d5a5cb346f3305cbcf161207d0a7ba11610ba1306202b4d45e7803e87bb16e90abe04b053732c22bb2304cedc6f7bbd7b98c19eada8a62604dad7174b55dc8c6266821fa873beffeb13c5a85c387a36df3c524df3903357a7608275af66395c3288768365e2c9f4d15b34c91254968c46568334b12d061aa3f60bf643fafedf7a89d0ce51dad400cf9e6406466b4dae963f1dbeb6eb9d4b56093a8c5b6c98ffbf9bc9d2110656960ca58f2a665a887f9d42b22d8363f68a9129cb3642ca9e88e58621eefdd36038aabae972f2440a440899d9d56c0d74f0cc66fc6b145050d7b10c061ffd571b0de7908cb8b9e997812addbe63d5e9ea6d15743a47b2d721f95bfbb4b2dc2d5da13d3918289c3fe4da52bbd4d208fe714a7ce96bd0db118db6dacd9962fea4537d08f08331a59fc38f415af1ee79cb46f38a144f07ecf1bbba19dffce53c29c7bac2d2b05204ea6bd5502ae1d010a7d011332a49663bbdd92e79b6465f8cdd0599ce815f76f1c79982354ac51f95d8c5f0b289713e64372352b5bbad600d96d11617dbcf9bc44eff7c1e46b273bbb0e805a43bc6233a188cafad842183426d6377405e3e3fc2bcc18cc64788350b2c38ea4d546aeb656f909fa380ff03d6d98eeee5721f7e169666d38320374855840f1ab679cf713d5b7311ed1eee3578d7923b35f5117b083acf0fa422396df593af41a445b01ad89624385679c52f9df7d3a1b59532684a4a99e94058e%2526app_bundle%253D%2526impression_track_url%253Dhttps%25253A%25252F%25252Fbr-trk.smadex.com%25252Fhyperad%25252Frtb%25252F99034%25252Fimpression%25252F24-H4sIAAAAAAAA_5WSPWgUQRTHJ89jkeOIFoe1jajgLDO7s3c7Ab0EEyJ-5AKJH4iwzMzOXhb3dtfdTRTETmzThSAWgkEsLAI2giCinRamM5WxsBBsUihYOnuKmtKBgTfzvn7znwcP3hwGhBCciNNKF2UVV7FIgkSkYalErgEofH48BtPLJdairLBjU0KG5bRNmMOlQyMt3JBr6npARDLIirhaGuIVB6tc4DgtK5EkcHaP599Oe8LWNtd3WrB_KKubsPnp3hjI-OOXK8-_9hC8v_ziyTvr26ma1azdngFDNRyA9fTlxj7UOD0F7eU8iaMqqGtt5CebHx796NXR0PY7NvNtymwCDZ1CcyrPEw2teH4pSzVYcVZCy3i7tinaLoeiqPKRB-CYqEODeHQOVnRBWdCF1my_P3t-BgH6DWSazCvFw45i3FOdUDq-7DAqia9dJn3td4mIiMOk1OEoCdZWdywEk9z1fM8jUaRD5UWcCZ93WSgoc2QkuZJo--3usyN1o19p6w8tuHv_aH2xdeCPGk3OicsM7vjFuXPYbBhfzIosrbK_hgXEMQSYuJh6i7QzwfiEZxRx2dUzRLk89PwIa0crTKnWWBh47HrKd6SkXGkPbtSKbs1MwvFrq6-_by-8gkZ_rmYyf3DBu2SMg7V61zMcBitmVhC0FkQkihhB4_YdaA-ybJBoW2VDGD2mTr31X8IdiuJ0oIu8MCP0E37WP-y6AgAA%25252F1%25252F0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%25252FZfR8MQAOFlIFOpN2AAgGMee_j_920QrGHKwRCg%25252Fnotify%25253Fcid%25253D321154%2526idfa_raw%253D%2526device_os%253Dios%2526crid%253D3444630%2526campaign_name%253Djji_tier1en_smadex_tcpa_en_-_geo%2526click_through_url%253Dhttps%25253A%25252F%25252Fitunes.apple.com%25252Fapp%25252Fid1200391796%25253Fmt%25253D8%2526idfa_sha1%253D%2526exchange_name%253DGoogle%2526ord%253D1710521394034%2526tc%253D1%2526bcp%255B0%255D%253D%252526af_ad_type%25253Dvideo%252526af_ad_tran_id%25253D0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%2526optId%253Dsko-d_vast&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 16:49:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2743 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitly.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
14142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 12:54:13 GMT
expires
Sat, 15 Mar 2025 12:54:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1BB4 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f104.1e100.net
Software
GSE /
Resource Hash
41fd99206c387f9e4259e37b4f718d8a3ac8f2a41b8de10d86d057239b00dee2
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-oDRcz85qEXhlFlpvEgXFsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bitly.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-oDRcz85qEXhlFlpvEgXFsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 16:49:55 GMT
expires
Fri, 15 Mar 2024 16:49:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame 2743 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Mar 2024 16:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
88334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Mar 2025 16:17:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B37B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3JDtDSzrelE9UKGjyHGtsx6aEMBtwK-6P7JE2enbH3x_-l38Nl20UvKx9uBu3COob7HAJV3U_RgbdIDJ0YSMpjHLcTkAz4aqJ9oVNakRKJq-7XKJjuXkNmSByU9J90jXvpWuU1A&sig=Cg0ArKJSzMCeJrYLTJ6BEAE&id=lidar2&mcvt=1000&p=0,0,200,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=624732521&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=645419400&rst=1710521393791&rpt=748&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
start
va-trk.smadex.com/hyperad/tracking/action/ Frame A3C2 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://va-trk.smadex.com/hyperad/tracking/action/start?click_id=25d5b72561fa2fd7aca9dfc4c0e14cf0f9cf2f0edddb252694013ca694b00914209e8ef59670d1cf4d55e2475078fa1ceab9a1336f7993c31d1a59b42c1ed923f2813fb8cef05fc1e4b866f1c213a416e34050b6c2accd1badd8eb7464ade893d1d180d1c7b9ab59052ac552c95a315f44fe8debf69db081b3a867c1cfec73ef752a9752b006bbfd6049f9d286f4092c36ed8f6d641d1026af6f54dbd51557e7589eec3db22023be477f6369499662b5b814433b7258e7982d489f6e0224cee2b06565b5f577d672f6d06044d3da4390&crid=3444630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.77.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-77-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A3C2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CYQN1MXz0ZdKsOPam6tkPsYyguAefrPKNXNmN1afECMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEFqAMByAMCqgS0AU_QKvOSZqdaSU_ZeZCvOFG9sOYx5IbCUAVmgRTOHZSA0X-DUItmZ2V9qxrzL94XGtwooFySyOo8e_-lzQGKkbdbmJboWe0LuzVJo66JEakOVtUOpR1LDQKj2e_REFyorlw2IVlF5bemnd4KYIcDr6v4DiT3dFLHhMYL1S8nD5KjHtDXd0IxHcwSdP6jCqa4CzZvv43fYrj1EPTDxP1SUzheg4S8vFxyiTOmo1uDbAS_3tEWS4AG-PGT-bXI-e18oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYzOLA4Nz2hAP6CwIIAYAMAdAVAYAXAQ&sigh=ytSatJv8FsE&label=part2viewed&ad_mt=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
notify
br-trk.smadex.com/hyperad/rtb/99034/impression/24-H4sIAAAAAAAA_5WSPWgUQRTHJ89jkeOIFoe1jajgLDO7s3c7Ab0EEyJ-5AKJH4iwzMzOXhb3dtfdTRTETmzThSAWgkEsLAI2giCinRamM5WxsBBsUihYOnuKmtKBgTfzvn7znwcP3hwGhBCciNN... Frame A3C2 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br-trk.smadex.com/hyperad/rtb/99034/impression/24-H4sIAAAAAAAA_5WSPWgUQRTHJ89jkeOIFoe1jajgLDO7s3c7Ab0EEyJ-5AKJH4iwzMzOXhb3dtfdTRTETmzThSAWgkEsLAI2giCinRamM5WxsBBsUihYOnuKmtKBgTfzvn7znwcP3hwGhBCciNNKF2UVV7FIgkSkYalErgEofH48BtPLJdairLBjU0KG5bRNmMOlQyMt3JBr6npARDLIirhaGuIVB6tc4DgtK5EkcHaP599Oe8LWNtd3WrB_KKubsPnp3hjI-OOXK8-_9hC8v_ziyTvr26ma1azdngFDNRyA9fTlxj7UOD0F7eU8iaMqqGtt5CebHx796NXR0PY7NvNtymwCDZ1CcyrPEw2teH4pSzVYcVZCy3i7tinaLoeiqPKRB-CYqEODeHQOVnRBWdCF1my_P3t-BgH6DWSazCvFw45i3FOdUDq-7DAqia9dJn3td4mIiMOk1OEoCdZWdywEk9z1fM8jUaRD5UWcCZ93WSgoc2QkuZJo--3usyN1o19p6w8tuHv_aH2xdeCPGk3OicsM7vjFuXPYbBhfzIosrbK_hgXEMQSYuJh6i7QzwfiEZxRx2dUzRLk89PwIa0crTKnWWBh47HrKd6SkXGkPbtSKbs1MwvFrq6-_by-8gkZ_rmYyf3DBu2SMg7V61zMcBitmVhC0FkQkihhB4_YdaA-ybJBoW2VDGD2mTr31X8IdiuJ0oIu8MCP0E37WP-y6AgAA/1/0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5/ZfR8MQAOFlIFOpN2AAgGMee_j_920QrGHKwRCg/notify?cid=321154
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.77.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-77-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
id1200391796
impression.appsflyer.com/ Frame A3C2 		2 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://impression.appsflyer.com/id1200391796?pid=smadex_int&c=jji_tier1en_smadex_tcpa_en_-_geo&af_siteid=bitly.ws_Google&af_c_id=39742&af_adset=jji_tier1en_smadex_tcpa_en_-_geo&af_ad_id=12323307&af_ad=jungle_landscape&af_sub_siteid=5020455596&af_sub1=bitly.ws&af_sub2=&af_viewthrough_lookback=6h&clickid=25d5b72561fa2fd7aca9dfc4c0e14cf0f9cf2f0edddb252694013ca694b00914209e8ef59670d1cf4d55e2475078fa1ceab9a1336f7993c31d1a59b42c1ed923f2813fb8cef05fc1e4b866f1c213a416e34050b6c2accd1badd8eb7464ade893d1d180d1c7b9ab59052ac552c95a315f44fe8debf69db081b3a867c1cfec73ef752a9752b006bbfd6049f9d286f4092c36ed8f6d641d1026af6f54dbd51557e7589eec3db22023be477f6369499662b5b814433b7258e7982d489f6e0224cee2b06565b5f577d672f6d06044d3da4390&idfa=&sha1_idfa=&af_source_platform=ios&af_ad_type=video&af_ad_tran_id=0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5&af_engagement_type=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-70.yul62.r.cloudfront.net
Software
af-wh-impressions_API /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
server
af-wh-impressions_API
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
content-length
2
x-amz-cf-id
XtZacjMt58vVBDbIFONygxHJA6LIQDDMpO-IRj2jdkKg6K1TZBTr2w==
adview
googleads.g.doubleclick.net/pagead/ Frame A3C2 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUPHLMXz0ZdKsOPam6tkPsYyguAefrPKNXNmN1afECMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEFqAMByAMCqgSxAU_QKvOSZqdaSU_ZeZCvOFG9sOYx5IbCUAVmgRTOHZSA0X-DUItmZ2V9qxrzL94XGtwooFySyOo8e_-lzQGKkbdbmJboWe0LuzVJo66JEakOVtUOpR1LDQKj2e_REFyorlw2IVlF5bemnd4KYIcDr6v4DiT3dFLHhMYL1S8nD5KjHtDXd0IxHcwSdP7hCIcqhK6tjSQdZF92Ahdoy-lY9zJwmz1NJ06RKJi4j0MO0d6Nd4AG-PGT-bXI-e18oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYzOLA4Nz2hAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjYxNDU1NjMxMDc3ODc1ORgA&sigh=IWaZiCL483U&uach_m=%5BUACH%5D&cid=CAQSTwB7FLtqnwJYOILlA70LRloIbVKmiID-Sy3PpW-HjoB_z5hY9KQRGhF1r6MDYIOHKwCY00jcMWpkcM98o32-BcGYFV-BdbdJxtAKSg-fV38YAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 15 Mar 2024 16:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A3C2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CYQN1MXz0ZdKsOPam6tkPsYyguAefrPKNXNmN1afECMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEFqAMByAMCqgS0AU_QKvOSZqdaSU_ZeZCvOFG9sOYx5IbCUAVmgRTOHZSA0X-DUItmZ2V9qxrzL94XGtwooFySyOo8e_-lzQGKkbdbmJboWe0LuzVJo66JEakOVtUOpR1LDQKj2e_REFyorlw2IVlF5bemnd4KYIcDr6v4DiT3dFLHhMYL1S8nD5KjHtDXd0IxHcwSdP6jCqa4CzZvv43fYrj1EPTDxP1SUzheg4S8vFxyiTOmo1uDbAS_3tEWS4AG-PGT-bXI-e18oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYzOLA4Nz2hAP6CwIIAYAMAdAVAYAXAQ&sigh=ytSatJv8FsE&label=vast_creativeview&ad_mt=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A3C2 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~ltsw9vq4&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=500&br=422&mt=video%2Fmp4&vs=640x360&dm=45000&event_name=first_play&asset_bytes=145992&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=6&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=2&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1ey~ff.1fb~videopreviewstarted.1fc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1BB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=2457908995637851&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2743 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ebSRIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Mar 2024 16:49:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
all
csm.us.criteo.net/ Frame 3FFC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=X_KzpY7HyecIv6SsApTtSXZA4OyDY1TKf9cBUHhioYkXjMpzx8Dec7cj5U7VpQheSou_Q_L6l9KRf3oBhqKtt_vBX95ZGn4FvVkIM1BeKu0CDcuBqhrnBZEMn440QwKAoRRp-zEpZiz1vBDv4suHD4qAWkwUcPonnzviAu-BKZrU_oA3pUFGZSLFHFbMDQKJr1e086rp-Y1ES-WHEvhmv1dL9rICpeVAxb0bBgvT9fZD6TlTTnho0KUP5cwi9eMj1ZuO0g&sds=2&rev=91140.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfR8MQAN8AIECGBlAAXr1CbmOV5Wlnk0X_6W1w&u=%7CIpFf4PZcJST0TJIyVQDTEayp26jS%2FO5T%2FvHLxKpQ5j4%3D%7C&c1=f2W0RUnQkd6rCVE6Tntl32jl-mPPyuUulUKVy7jxcfw0VYJrjTj3Cs5kXjn6HBXhyRubXPoaCvrH0wT0YfUt_FSaKI0GiTPzXNwHlf_L-TIbu9d9_Nrv3f2e1rWXOSUrk9BSLj7cH_jT5SvbfEW-tTx4_n_qtANt6iPnKB-_e_QHg0pSGyPQBL9WCOfhAPulZjC3sSphfr_yKNaOkyxGuDUfOXhnpJXWYbQAl9SezY0HYTYbEOe0wiSC3jc3lYKzbxEsMak-oOt3ms1bqW8PIeEZw4t7V9xhBTcY3f8_qFklkTgv5kMPRW08Jkhw2uBmHg3LAx4gDEd0mZrfLp0ne_xGoegT-Heq2145nLx8gmwaZqAwBSGzr8Cp6M05lGVO5YV3kFkiUhhdJ71RT6SIUkNqJUVDHC2npADaP5NjJ-IP5qk3vx5hX3kpn02aZSKzpfdFhaYS0_d4gAuRpWvj_B4853cQ4z9gvUyhuwmsp7IwEElCmeHcoWDqTpD9kSEfo9trA7pcZM_iNpLb5x5KvzaCzpA6IUYRlZ37hpr31_ALVfFDzTx2Y2F-kZSzQ663gEo23ztskDfzWZNiYiFaZgCmHh55twPLuGoO_K0ppCr5_TX3T68vCNhbhsOrMvnl-pkyF6nqSHpGJZRSlYS2HFJvr40R4yIuVHXfflL5oJJRXz6mW9Y_GoQh55JCDDXTajr9WVl3li0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCToxMXz0ZYLgN-XAodAP1NeX8AGcge-wXKLKp6p0wI23ARABIABg_aCZgegDggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLQBT9DbJ7X0qnxsTzKhknpM7B1QFiv72NmfidNkXI-x2is221ZIcmH6_KzP102oQnmMDyJZ_-x-Y8enJ0I2kaqDNkIgVNz1INJ8ZfrUaGuaxlZPy1wq36hBQvnuOqDYIm-MksDVCEVzBpFRjzKcTirdj9ydYwTy6mOCy3D-kz8qw3bnBYqJIlKHe_gpmKpHfn0VEDM_jUURZfItHvC54l1aXVCyxxf40H9H_q12LK7z4NRBtJYCgAbw0PSZ8_2-6rwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYj9PA4Nz2hAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qc3Z5Go9XhS6gYQnGd8OG8P5qZA%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 15 Mar 2024 16:49:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=2457908995637851&bg=!GhmlGVbNAAY_ejuoH3o7ADQBe5WfOGD5bLCPsMpZrVRqvPznaxZrtCxw4S5dKEkXeWwGFMxBOqPPZY4hpTwkc8TFRd5pAgAAAIdSAAAAA2gBBwoAhYO1lTTv-XSE7M1-Ck9RDKZ0yTWBjAHNrFpd82PwPv00gufzeYTQfbfO6KFFaT3aivHNu2WiynzhDPCba32SwWxyhPBeYJvwbs70ncHD4AIrjC8TMpj2MgfvFEetIveelDHc46SrdtQfVCW090yx1O5aAQ6r1UzP9Cy1Kuyw6HfJ4sbzBRyZAqfsruzm4BCS-EWkPaIIfLuDkz-NEnExaywONvM4GLVvoOwwmdyPBoliIlNFwisBSBNr3ntK3mZ9H7_EW-X-uvuNL1PeFXSC7JQMffQV4KP4XlmUZCjmGU_zyCzHoRQKJjmAZOsUphJ5jYTSgPAUeZDZVZUfDIZIYO8nnadRDWY_YgQhW-IGANbcYiGtIQXLQCkls2CFEZQ2MOYOY32ZJwbU1eV_LZOuTAZ_VN8z1CKdO8NfOhTY3Eee9s7To4PhyrFYIv_RSoFc0jIKk9Z9HX0k2uwLiFp5o-z7iwFRytAo-bXrQnhE8-AmJiOICczDsw9ddc_fLeCNdES80zdKX-Trf3ByXjlDP9pYMk4zWkFIjvWcz-e_pKMkjFviGc1jpWCovQm88-87i1I8YwI-DSpPbjitBotbvTpSk4D4exHurAfp9yb5XKzSCDwFsRzayt_SVGA0vVU3cJjsZN114sFqgybObq6oznjZV1OcXu_2iDU_vuojQeE1P1qVi6TFycglwSuqKPUP7c7sd2aQaVmRALe8y0ipIQY2XjmOA50tRUR6I5gwMJ5xOi0eEZnQA22rXPsRGH5AuF80XrcsRIvZH70fjcFmmtNyWVS3QAAvFna1nDGmoyqMUJe0o7Gscm5Ke6pzfkJ9CLFqdNGwdX3Z1PwbCDqK6RvA7_vzCuk8XMVjPACE7LKeq2pABc4LwLKzBJwVR5dPiyxNO6gGW170nF1wKxOsl71kOWFo6AFC5CAjDIe750hawhxO__93cj9wFkLzX3Ic36pgNoZp_-6olU60EE3ql5cTiJ3RbDvUtj3RTeeL-A__hyUIhu2CJmZ3Ap0buEoaR3YhoIoUifm9BlZQyl3_jrHkl8-k6YQazTLcnO6RAqVlFMSRBLSrnVEj2NQvTN7M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bitly.ws/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers
csi
csi.gstatic.com/ Frame A3C2 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~ltsw9vvn&c=4384199252891&slotId=2192099626445.5&qqid=CJKJw-Dc9oQDFXaTOgUdMQYIdw&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=500&br=422&mt=video%2Fmp4&vs=640x360&dm=45000&met.4=vfl.1jh
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 16:49:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
creatives.smadex.com
URL
https://creatives.smadex.com/r/0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5/e/99034/cr/3444630/s/266445?creative_name=jungle_landscape&app_id=5020455596&inventory_domain=bitly.ws&bid_digest=25d5b72561fa2fd7aca9dfc4c0e14cf0f9cf2f0edddb252694013ca694b00914209e8ef59670d1cf4d55e2475078fa1ceab9a1336f7993c31d1a59b42c1ed923f2813fb8cef05fc1e4b866f1c213a416e34050b6c2accd1badd8eb7464ade893d1d180d1c7b9ab59052ac552c95a315f44fe8debf69db081b3a867c1cfec73ef752a9752b006bbfd6049f9d286f4092c36ed8f6d641d1026af6f54dbd51557e7589eec3db22023be477f6369499662b5b814433b7258e7982d489f6e0224cee2b06565b5f577d672f6d06044d3da4390&async_click_url=https%3A%2F%2Fgeo-tracker.smadex.com%2Fct%3Fq%3D7736c70a619d95295b4ab476b03c256d5b063169a3ff2cd3bec3f3dd9748a281eedf945d03bcb7fa6d7a7e2521fb4d76b41004239ac512dddc765af1f5bffa38671d91e37cf71f855eadcb10ee8438fd26ce81eaec48849afdf8caf7053418426d635e1d2a9b40059978bcee769a0b65892352e3a77a45b281e944cce7459ef9a9e50b7a21b2549359a6c1bf4931806f748e9c4b6547b9a415cbf958135f22e8c687eb7dc833f2c5815bb225c62fe13c0fa478a72720f5bbe8cd127bf11719764d5d51448a2cddca29b50da6b53322b1f6ac2078c90f4298eea039635c7ffdb1201236c94b7cb5436c96819ec51b7755cb9c993183f57ca182eab91f70c1d5a5cb346f3305cbcf161207d0a7ba11610ba1306202b4d45e7803e87bb16e90abe04b053732c22bb2304cedc6f7bbd7b98c19eada8a62604dad7174b55dc8c6266821fa873beffeb13c5a85c387a36df3c524df3903357a7608275af66395c3288768365e2c9f4d15b34c91254968c46568334b12d061aa3f60bf643fafedf7a89d0ce51dad400cf9e6406466b4dae963f1dbeb6eb9d4b56093a8c5b6c98ffbf9bc9d2110656960ca58f2a665a887f9d42b22d8363f68a9129cb3642ca9e88e58621eefdd36038aabae972f2440a440899d9d56c0d74f0cc66fc6b145050d7b10c061ffd571b0de7908cb8b9e997812addbe63d5e9ea6d15743a47b2d721f95bfbb4b2dc2d5da13d3918289c3fe4da52bbd4d208fe714a7ce96bd0db118db6dacd9962fea4537d08f08331a59fc38f415af1ee79cb46f38a144f07ecf1bbba19dffce53c29c7bac2d2b05204ea6bd5502ae1d010a7d011332a49663bbdd92e79b6465f8cdd0599ce815f76f1c79982354ac51f95d8c5f0b289713e64372352b5bbad600d96d11617dbcf9bc44eff7c1e46b273bbb0e805a43bc6233a188cafad842183426d6377405e3e3fc2bcc18cc64788350b2c38ea4d546aeb656f909fa380ff03d6d98eeee5721f7e169666d38320374855840f1ab679cf713d5b7311ed1eee3578d7923b35f5117b083acf0fa422396df593af41a445b01ad89624385679c52f9df7d3a1b59532684a4a99e94058e&app_bundle=&impression_track_url=https%3A%2F%2Fbr-trk.smadex.com%2Fhyperad%2Frtb%2F99034%2Fimpression%2F24-H4sIAAAAAAAA_5WSPWgUQRTHJ89jkeOIFoe1jajgLDO7s3c7Ab0EEyJ-5AKJH4iwzMzOXhb3dtfdTRTETmzThSAWgkEsLAI2giCinRamM5WxsBBsUihYOnuKmtKBgTfzvn7znwcP3hwGhBCciNNKF2UVV7FIgkSkYalErgEofH48BtPLJdairLBjU0KG5bRNmMOlQyMt3JBr6npARDLIirhaGuIVB6tc4DgtK5EkcHaP599Oe8LWNtd3WrB_KKubsPnp3hjI-OOXK8-_9hC8v_ziyTvr26ma1azdngFDNRyA9fTlxj7UOD0F7eU8iaMqqGtt5CebHx796NXR0PY7NvNtymwCDZ1CcyrPEw2teH4pSzVYcVZCy3i7tinaLoeiqPKRB-CYqEODeHQOVnRBWdCF1my_P3t-BgH6DWSazCvFw45i3FOdUDq-7DAqia9dJn3td4mIiMOk1OEoCdZWdywEk9z1fM8jUaRD5UWcCZ93WSgoc2QkuZJo--3usyN1o19p6w8tuHv_aH2xdeCPGk3OicsM7vjFuXPYbBhfzIosrbK_hgXEMQSYuJh6i7QzwfiEZxRx2dUzRLk89PwIa0crTKnWWBh47HrKd6SkXGkPbtSKbs1MwvFrq6-_by-8gkZ_rmYyf3DBu2SMg7V61zMcBitmVhC0FkQkihhB4_YdaA-ybJBoW2VDGD2mTr31X8IdiuJ0oIu8MCP0E37WP-y6AgAA%2F1%2F0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%2FZfR8MQAOFlIFOpN2AAgGMee_j_920QrGHKwRCg%2Fnotify%3Fcid%3D321154&idfa_raw=&device_os=ios&crid=3444630&campaign_name=jji_tier1en_smadex_tcpa_en_-_geo&click_through_url=https%3A%2F%2Fitunes.apple.com%2Fapp%2Fid1200391796%3Fmt%3D8&idfa_sha1=&exchange_name=Google&ord=1710521394034&tc=1&bcp[0]=%26af_ad_type%3Dvideo%26af_ad_tran_id%3D0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5&optId=sko-d_vast

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| adsbygoogle function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ggeac string| NzQyOGU5ZTY4MGI2ODQ1NWxvYWRlcl9qcw== string| NzQyOGU5ZTY4MGI2ODQ1NWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint boolean| adblock function| paste number| links_count function| numberWithCommas function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| e562d60c-615c-4b5f-98f5-8dbf0b2efe09 object| googletag object| google_llp boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.bitly.ws/ Name: _ga_8Q1W6PKNCX
Value: GS1.1.1710521393.1.0.1710521393.0.0.0
.bitly.ws/ Name: _ga
Value: GA1.1.1716613130.1710521393
.bitly.ws/ Name: FCNEC
Value: %5B%5B%22AKsRol_AAQBFQP62KUeBraVO3kjha2gCNs9ILXrgu31kBAGIWlOaPrJ8sKlSLujT_WTpi64lekWOdFrKhBbMDDLwMhPAYZbQB2h6XBsgvWG_f9G_yef_eoIrPYtyTkB_8SmAIYQmpoVYaLjZoKY4xW0TOz0D8R91iQ%3D%3D%22%5D%5D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bitly.ws/ Name: __gads
Value: ID=76e92710c538f182:T=1710521393:RT=1710521393:S=ALNI_MZgY1p863q1trsWUPRyXDMmQSIIoA
.bitly.ws/ Name: __gpi
Value: UID=00000dd2bb2cd16c:T=1710521393:RT=1710521393:S=ALNI_MYK_RfFJkmBE5VSC-3cfgK2uhM2pw
.bitly.ws/ Name: __eoi
Value: ID=eb7836ef8cd2012d:T=1710521393:RT=1710521393:S=AA-AfjZSqB79lfcolnG_PdI4PowS
.smadex.com/ Name: smxtrack
Value: 3458b31c-d905-437d-a707-5e844d9df15c

18 Console Messages

Source Level URL
Text
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1710521393&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710521393439&bpp=10&bdt=291&idt=341&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4737411356488&frm=20&pv=1&ga_vid=1716613130.1710521393&ga_sid=1710521394&ga_hid=2066127028&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95327951%2C95327955%2C95320377%2C95321865%2C95325784&oid=2&pvsid=2457908995637851&tmod=1515245032&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=350
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html#RS-1-&adk=1812271801&client=ca-pub-2614556310778759&fa=1&ifi=5&uci=a!5&btvi=2
Message:
Access to XMLHttpRequest at 'https://creatives.smadex.com/r/0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5/e/99034/cr/3444630/s/266445?creative_name=jungle_landscape&app_id=5020455596&inventory_domain=bitly.ws&bid_digest=25d5b72561fa2fd7aca9dfc4c0e14cf0f9cf2f0edddb252694013ca694b00914209e8ef59670d1cf4d55e2475078fa1ceab9a1336f7993c31d1a59b42c1ed923f2813fb8cef05fc1e4b866f1c213a416e34050b6c2accd1badd8eb7464ade893d1d180d1c7b9ab59052ac552c95a315f44fe8debf69db081b3a867c1cfec73ef752a9752b006bbfd6049f9d286f4092c36ed8f6d641d1026af6f54dbd51557e7589eec3db22023be477f6369499662b5b814433b7258e7982d489f6e0224cee2b06565b5f577d672f6d06044d3da4390&async_click_url=https%3A%2F%2Fgeo-tracker.smadex.com%2Fct%3Fq%3D7736c70a619d95295b4ab476b03c256d5b063169a3ff2cd3bec3f3dd9748a281eedf945d03bcb7fa6d7a7e2521fb4d76b41004239ac512dddc765af1f5bffa38671d91e37cf71f855eadcb10ee8438fd26ce81eaec48849afdf8caf7053418426d635e1d2a9b40059978bcee769a0b65892352e3a77a45b281e944cce7459ef9a9e50b7a21b2549359a6c1bf4931806f748e9c4b6547b9a415cbf958135f22e8c687eb7dc833f2c5815bb225c62fe13c0fa478a72720f5bbe8cd127bf11719764d5d51448a2cddca29b50da6b53322b1f6ac2078c90f4298eea039635c7ffdb1201236c94b7cb5436c96819ec51b7755cb9c993183f57ca182eab91f70c1d5a5cb346f3305cbcf161207d0a7ba11610ba1306202b4d45e7803e87bb16e90abe04b053732c22bb2304cedc6f7bbd7b98c19eada8a62604dad7174b55dc8c6266821fa873beffeb13c5a85c387a36df3c524df3903357a7608275af66395c3288768365e2c9f4d15b34c91254968c46568334b12d061aa3f60bf643fafedf7a89d0ce51dad400cf9e6406466b4dae963f1dbeb6eb9d4b56093a8c5b6c98ffbf9bc9d2110656960ca58f2a665a887f9d42b22d8363f68a9129cb3642ca9e88e58621eefdd36038aabae972f2440a440899d9d56c0d74f0cc66fc6b145050d7b10c061ffd571b0de7908cb8b9e997812addbe63d5e9ea6d15743a47b2d721f95bfbb4b2dc2d5da13d3918289c3fe4da52bbd4d208fe714a7ce96bd0db118db6dacd9962fea4537d08f08331a59fc38f415af1ee79cb46f38a144f07ecf1bbba19dffce53c29c7bac2d2b05204ea6bd5502ae1d010a7d011332a49663bbdd92e79b6465f8cdd0599ce815f76f1c79982354ac51f95d8c5f0b289713e64372352b5bbad600d96d11617dbcf9bc44eff7c1e46b273bbb0e805a43bc6233a188cafad842183426d6377405e3e3fc2bcc18cc64788350b2c38ea4d546aeb656f909fa380ff03d6d98eeee5721f7e169666d38320374855840f1ab679cf713d5b7311ed1eee3578d7923b35f5117b083acf0fa422396df593af41a445b01ad89624385679c52f9df7d3a1b59532684a4a99e94058e&app_bundle=&impression_track_url=https%3A%2F%2Fbr-trk.smadex.com%2Fhyperad%2Frtb%2F99034%2Fimpression%2F24-H4sIAAAAAAAA_5WSPWgUQRTHJ89jkeOIFoe1jajgLDO7s3c7Ab0EEyJ-5AKJH4iwzMzOXhb3dtfdTRTETmzThSAWgkEsLAI2giCinRamM5WxsBBsUihYOnuKmtKBgTfzvn7znwcP3hwGhBCciNNKF2UVV7FIgkSkYalErgEofH48BtPLJdairLBjU0KG5bRNmMOlQyMt3JBr6npARDLIirhaGuIVB6tc4DgtK5EkcHaP599Oe8LWNtd3WrB_KKubsPnp3hjI-OOXK8-_9hC8v_ziyTvr26ma1azdngFDNRyA9fTlxj7UOD0F7eU8iaMqqGtt5CebHx796NXR0PY7NvNtymwCDZ1CcyrPEw2teH4pSzVYcVZCy3i7tinaLoeiqPKRB-CYqEODeHQOVnRBWdCF1my_P3t-BgH6DWSazCvFw45i3FOdUDq-7DAqia9dJn3td4mIiMOk1OEoCdZWdywEk9z1fM8jUaRD5UWcCZ93WSgoc2QkuZJo--3usyN1o19p6w8tuHv_aH2xdeCPGk3OicsM7vjFuXPYbBhfzIosrbK_hgXEMQSYuJh6i7QzwfiEZxRx2dUzRLk89PwIa0crTKnWWBh47HrKd6SkXGkPbtSKbs1MwvFrq6-_by-8gkZ_rmYyf3DBu2SMg7V61zMcBitmVhC0FkQkihhB4_YdaA-ybJBoW2VDGD2mTr31X8IdiuJ0oIu8MCP0E37WP-y6AgAA%2F1%2F0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%2FZfR8MQAOFlIFOpN2AAgGMee_j_920QrGHKwRCg%2Fnotify%3Fcid%3D321154&idfa_raw=&device_os=ios&crid=3444630&campaign_name=jji_tier1en_smadex_tcpa_en_-_geo&click_through_url=https%3A%2F%2Fitunes.apple.com%2Fapp%2Fid1200391796%3Fmt%3D8&idfa_sha1=&exchange_name=Google&ord=1710521394034&tc=1&bcp[0]=%26af_ad_type%3Dvideo%26af_ad_tran_id%3D0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5&optId=sko-d_vast' from origin 'https://googleads.g.doubleclick.net' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://creatives.smadex.com/r/0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5/e/99034/cr/3444630/s/266445?creative_name=jungle_landscape&app_id=5020455596&inventory_domain=bitly.ws&bid_digest=25d5b72561fa2fd7aca9dfc4c0e14cf0f9cf2f0edddb252694013ca694b00914209e8ef59670d1cf4d55e2475078fa1ceab9a1336f7993c31d1a59b42c1ed923f2813fb8cef05fc1e4b866f1c213a416e34050b6c2accd1badd8eb7464ade893d1d180d1c7b9ab59052ac552c95a315f44fe8debf69db081b3a867c1cfec73ef752a9752b006bbfd6049f9d286f4092c36ed8f6d641d1026af6f54dbd51557e7589eec3db22023be477f6369499662b5b814433b7258e7982d489f6e0224cee2b06565b5f577d672f6d06044d3da4390&async_click_url=https%3A%2F%2Fgeo-tracker.smadex.com%2Fct%3Fq%3D7736c70a619d95295b4ab476b03c256d5b063169a3ff2cd3bec3f3dd9748a281eedf945d03bcb7fa6d7a7e2521fb4d76b41004239ac512dddc765af1f5bffa38671d91e37cf71f855eadcb10ee8438fd26ce81eaec48849afdf8caf7053418426d635e1d2a9b40059978bcee769a0b65892352e3a77a45b281e944cce7459ef9a9e50b7a21b2549359a6c1bf4931806f748e9c4b6547b9a415cbf958135f22e8c687eb7dc833f2c5815bb225c62fe13c0fa478a72720f5bbe8cd127bf11719764d5d51448a2cddca29b50da6b53322b1f6ac2078c90f4298eea039635c7ffdb1201236c94b7cb5436c96819ec51b7755cb9c993183f57ca182eab91f70c1d5a5cb346f3305cbcf161207d0a7ba11610ba1306202b4d45e7803e87bb16e90abe04b053732c22bb2304cedc6f7bbd7b98c19eada8a62604dad7174b55dc8c6266821fa873beffeb13c5a85c387a36df3c524df3903357a7608275af66395c3288768365e2c9f4d15b34c91254968c46568334b12d061aa3f60bf643fafedf7a89d0ce51dad400cf9e6406466b4dae963f1dbeb6eb9d4b56093a8c5b6c98ffbf9bc9d2110656960ca58f2a665a887f9d42b22d8363f68a9129cb3642ca9e88e58621eefdd36038aabae972f2440a440899d9d56c0d74f0cc66fc6b145050d7b10c061ffd571b0de7908cb8b9e997812addbe63d5e9ea6d15743a47b2d721f95bfbb4b2dc2d5da13d3918289c3fe4da52bbd4d208fe714a7ce96bd0db118db6dacd9962fea4537d08f08331a59fc38f415af1ee79cb46f38a144f07ecf1bbba19dffce53c29c7bac2d2b05204ea6bd5502ae1d010a7d011332a49663bbdd92e79b6465f8cdd0599ce815f76f1c79982354ac51f95d8c5f0b289713e64372352b5bbad600d96d11617dbcf9bc44eff7c1e46b273bbb0e805a43bc6233a188cafad842183426d6377405e3e3fc2bcc18cc64788350b2c38ea4d546aeb656f909fa380ff03d6d98eeee5721f7e169666d38320374855840f1ab679cf713d5b7311ed1eee3578d7923b35f5117b083acf0fa422396df593af41a445b01ad89624385679c52f9df7d3a1b59532684a4a99e94058e&app_bundle=&impression_track_url=https%3A%2F%2Fbr-trk.smadex.com%2Fhyperad%2Frtb%2F99034%2Fimpression%2F24-H4sIAAAAAAAA_5WSPWgUQRTHJ89jkeOIFoe1jajgLDO7s3c7Ab0EEyJ-5AKJH4iwzMzOXhb3dtfdTRTETmzThSAWgkEsLAI2giCinRamM5WxsBBsUihYOnuKmtKBgTfzvn7znwcP3hwGhBCciNNKF2UVV7FIgkSkYalErgEofH48BtPLJdairLBjU0KG5bRNmMOlQyMt3JBr6npARDLIirhaGuIVB6tc4DgtK5EkcHaP599Oe8LWNtd3WrB_KKubsPnp3hjI-OOXK8-_9hC8v_ziyTvr26ma1azdngFDNRyA9fTlxj7UOD0F7eU8iaMqqGtt5CebHx796NXR0PY7NvNtymwCDZ1CcyrPEw2teH4pSzVYcVZCy3i7tinaLoeiqPKRB-CYqEODeHQOVnRBWdCF1my_P3t-BgH6DWSazCvFw45i3FOdUDq-7DAqia9dJn3td4mIiMOk1OEoCdZWdywEk9z1fM8jUaRD5UWcCZ93WSgoc2QkuZJo--3usyN1o19p6w8tuHv_aH2xdeCPGk3OicsM7vjFuXPYbBhfzIosrbK_hgXEMQSYuJh6i7QzwfiEZxRx2dUzRLk89PwIa0crTKnWWBh47HrKd6SkXGkPbtSKbs1MwvFrq6-_by-8gkZ_rmYyf3DBu2SMg7V61zMcBitmVhC0FkQkihhB4_YdaA-ybJBoW2VDGD2mTr31X8IdiuJ0oIu8MCP0E37WP-y6AgAA%2F1%2F0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5%2FZfR8MQAOFlIFOpN2AAgGMee_j_920QrGHKwRCg%2Fnotify%3Fcid%3D321154&idfa_raw=&device_os=ios&crid=3444630&campaign_name=jji_tier1en_smadex_tcpa_en_-_geo&click_through_url=https%3A%2F%2Fitunes.apple.com%2Fapp%2Fid1200391796%3Fmt%3D8&idfa_sha1=&exchange_name=Google&ord=1710521394034&tc=1&bcp[0]=%26af_ad_type%3Dvideo%26af_ad_tran_id%3D0c39d58f-e2ec-11ee-a1b0-35c82bb19ce5&optId=sko-d_vast
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bitly.ws/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
bitly.ws
br-trk.smadex.com
cat.va.us.criteo.com
creatives.smadex.com
csi.gstatic.com
csm.us.criteo.net
d3jdaktv9qp9iu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
imasdk.googleapis.com
impression.appsflyer.com
pagead2.googlesyndication.com
rtb.da.us.criteo.com
static-content-1.smadex.com
static.criteo.net
tpc.googlesyndication.com
va-trk.smadex.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypalobjects.com
creatives.smadex.com
13.225.195.70
142.251.167.113
142.251.167.94
142.251.167.95
172.253.115.104
172.253.115.156
172.253.122.155
172.253.122.95
172.253.62.97
172.253.63.101
172.253.63.132
172.253.63.94
18.160.41.107
18.67.65.47
185.11.100.204
192.229.210.155
216.239.32.3
3.162.3.85
3.230.77.233
74.119.118.147
74.119.119.131
74.119.119.147
74.119.119.149
74.119.119.65
74.119.119.80
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828
027ab445608ff16d29e54b18f6a4e754206f24d8fb2ea5fa7b6290a6a605a1fe
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
08b1d01987b871819d1c09e50b54292f972e2b27514167555c71f9d29366f88c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf
0c45c56ece293f055ed69d3ea7ff26b7b026355db96806dc17876f47fc402352
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c
212a4402c57f9bd169d26d882f83bdb90021c5494ce425852ced054723d85ed3
24714d6533e252ba6d732780a6d5a97b8ba542363c19c90ac88e93149143ada4
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3467c60b8405a183293cb74a539c20f53926585136659ad18e2f28e187d262a5
383093d5eb91e6966b0b2fff9c7b447a50592c5787375fca883a8cc9d20465c4
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41fd99206c387f9e4259e37b4f718d8a3ac8f2a41b8de10d86d057239b00dee2
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50fd283a5deb324b3057094dfbd0b423107b48d70c18f10c25f4fa5e70767a76
54339f1c8cb089c05773b2b18fd5da6e702956decbf7dea6ef0348a64203c657
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6028b3f927433020d4db324c49301c47310089836ac015afe4d564b0483e85a6
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea
6952d4dd25999e7313e65f627eced8ffa5588d2c79b3acb5f17075b726e54aac
6d6848dfb9438e299c0d15289aa54d2b14d8bbeece2a5ede0f2b91ed2bc29339
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a3f9828ea2351588dcc8d8436e36935bbf9e1d1bfdc6c7d839d4bc6840490e3
7b2685ea894c514e15f58420b40933b08f0b2baa4cef2a68479acc9a01323b0a
7fab11800b4549af657a5ffe1f66e7a72858ab8b0a8b2374838edf99b96f3e34
7fbfff5b6fbf5bb76aa76a7a98105465abcda7fccd42c81497b6c705fb70b3a9
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
930dfc91af9af67b61bd0b3e694d0c43a2d1f865e834d2f2cc256514b290eae6
9bd709978c361d9b36f3f1c689379a4962ddfcc7b65aa679f4df109f9fc81433
9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a124edef602d94215dacc5e4713fe04065cca9de1eea56acc4865040a45e66c1
a25eb162181c7e608cf0316121f585d91bdeb671aa06d513f063dff2020d3538
a2b5c9eb8f373d8b4d1d5ea03ab657311732a908a0f8cc9e72922ca675b233dd
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac0f2025f72e1ab7b2fa3ecc5c71dd16660722f5a19447443ad2f42d4b90531e
b11dc47889de3326bebc34326b08c225799df4a275b28db686c6e3482b3f4bd7
b247e9c2baf0fb3756e588a7f1ccb6b2dd35c5c7ed36493c305db648ad66a696
b8214bd5cbd9197f329d1df98d908dc7a1cd38c28e8010b92e49b3f35dd9986a
c1e5247e784f7ec0180c6c053ce839dbbb3498df887d48d0e90c65d536a758c0
c28530634cdfc14bb5c068fc74a7071f9e27fc97f9aa03a1258f5b33f9c8ab6d
c5378dd39737e23b10e6febc7a0777e586162eebf226f580b7aadf93558f690f
c891951bade1ecf8d5cbc25f708f38c773960272a01a56738fd830e97dc89342
de3baa8de2e1c0289660e968810ba929476dd8e3d24bc308719bd596c4daf363
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e15ba73758a04d215cc382424ae20b9c5b95f6e32d588bce0fce08b1a30594e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed524835f55224821a8f590ffd532c6e5f82f77f8020830e7a0cf85cf3396e98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48d5807b4a98e3412650fcde60cdfe64cc058c99b07a68650c13987692f0b5d