gifyu.com Open in urlscan Pro
104.21.235.53 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gifyu.com/j88betxyz
Submission: On May 17 via manual (May 17th 2024, 6:09:21 pm UTC) from VN — Scanned from IL

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 45 HTTP transactions. The main IP is 104.21.235.53, located in and belongs to CLOUDFLARENET, US. The main domain is gifyu.com. The Cisco Umbrella rank of the primary domain is 90095.
TLS certificate: Issued by GTS CA 1P5 on April 13th 2024. Valid for: 3 months.

This is the only time gifyu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.21.235.53 104.21.235.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.21.74.205 65.21.74.205	24940 (HETZNER-AS) (HETZNER-AS)
10	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
11	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
45	12

14 104.21.235.53 (None, )

ASN13335 (CLOUDFLARENET, US)

gifyu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.74.205 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.205.74.21.65.clients.your-server.de

s9.gifyu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gifyu.com gifyu.com — Cisco Umbrella Rank: 90095 s9.gifyu.com — Cisco Umbrella Rank: 207659	438 KB
13	google.com analytics.google.com — Cisco Umbrella Rank: 154 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646 www.google.com — Cisco Umbrella Rank: 2	70 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	211 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	241 B
1	google.co.il www.google.co.il — Cisco Umbrella Rank: 28483	408 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
45	7

	Domain	Requested by
14	gifyu.com	gifyu.com static.cloudflareinsights.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	gifyu.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.google.co.il	gifyu.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	gifyu.com
1	www.googletagmanager.com	gifyu.com
1	s9.gifyu.com	gifyu.com
45	12

This site contains links to these domains. Also see Links.

Domain
dzcs.short.gy

Subject Issuer	Validity	Valid
gifyu.com GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
s9.gifyu.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.co.il WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://gifyu.com/j88betxyz
Frame ID: 69E50B2C3F4B10C6CBF5E43F1B20E2B6
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240515/r20110914/zrt_lookup_fy2021.html
Frame ID: FCD6A7EC0560C4F4FE33680BC052B392
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8060303453945060&output=html&h=280&slotname=3477796164&adk=334349172&adf=687585655&pi=t.ma~as.3477796164&w=1200&abgtt=5&fwrn=4&fwrnh=100&lmt=1715969357&rafmt=1&format=1200x280&url=https%3A%2F%2Fgifyu.com%2Fj88betxyz&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715969356616&bpp=4&bdt=868&idt=368&shv=r20240515&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=1454756480839&frm=20&pv=2&ga_vid=50297997.1715969357&ga_sid=1715969357&ga_hid=1376451960&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331982%2C95331711%2C95332415&oid=2&pvsid=74801589070617&tmod=1399200315&uas=0&nvt=1&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=423
Frame ID: 6E7776C2EA1F38C7D160FF6D571C4456
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8060303453945060&output=html&adk=534223583&adf=3719640579&abgtt=5&lmt=1715969357&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgifyu.com%2Fj88betxyz&pra=7&wgl=1&easpi=0&aihb=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715969356620&bpp=2&bdt=872&idt=445&shv=r20240515&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280&nras=1&correlator=1454756480839&frm=20&pv=1&ga_vid=50297997.1715969357&ga_sid=1715969357&ga_hid=1376451960&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331982%2C95331711%2C95332415&oid=2&pvsid=74801589070617&tmod=1399200315&uas=0&nvt=1&fsapi=1&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Frame ID: 64EF83FE8B11E8B0FF5341D3B6910F45
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50483382C5C18A49BE5E6AA1890AE4DA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED288288CBAD3106EEEAFAAF69B6A3EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

J88 (j88betxyz) - Gifyu

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

45
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

12
Subdomains

12
IPs

3
Countries

825 kB
Transfer

2183 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://dzcs.short.gy/hCcqE4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request j88betxyz Show response
gifyu.com/ 182 KB
33 KB 315ms
171ms Document
text/html 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gifyu.com/j88betxyz

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

396a156d9caec99d5f2844ecced34ba379e1449c9be8362a6f50d24117d6ed8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88558eb8ac0c9b43-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 18:09:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqLF1CvRoci4JTlcFdhICipnLkWAhoDprjcyUrEYATP7PkxwhFVj0Z7lxDc3cPH8JTUus4bf88hsHbpD6s%2F%2FwouYaHtU9aT77OWy0luYMfjJpd6tQ8cXkcR1v7c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 peafowl.min.css
gifyu.com/lib/Peafowl/ 83 KB
17 KB 157ms
156ms Stylesheet
text/css 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/lib/Peafowl/peafowl.min.css?e006262125ec9a16116f2469b384dae1
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48e66e8772080e5affc86bbc23ac2fd57863e2347e2d0a24fa5e4125b3fc5f4

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64063c24-14bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hmt5eT2chx%2BKHUuzlDcGKt%2B2TjNr1IBXMvntLOHcio7MqyUKczt2aVwijhD3Xn%2BtwYQErrA%2B%2Bmu15x8w502Kg8ZQBNU86gk3ptv5L5%2BLY7kxub7O80VvSQrmTQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 88558eb9cd9f9b43-FRA
alt-svc: h3=":443"; ma=86400
priority: u=0,i=?0

GET
H3 200 style.min.css
gifyu.com/app/themes/Peafowl/ 35 KB
9 KB 219ms
218ms Stylesheet
text/css 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/app/themes/Peafowl/style.min.css?e006262125ec9a16116f2469b384dae1
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef56e0c7d530369c91614f1e323973ca28faffad04bbb97e68b0816ccf5673c

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64063c24-8c1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYXWgW6YzlSzV7GklgN3zf3aUjfQI89lEcOIt5dx7ftxR7Qxh6Q8QKFgxKib2kNysHMMnc5ugWDq4YBBOaictG2aFYq4vq9q1OLbAAR9IUy2EiVEkkdnH91ot8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 88558eb9cda39b43-FRA
alt-svc: h3=":443"; ma=86400
priority: u=0,i=?0

GET
H3 200 all.min.css
gifyu.com/lib/Peafowl/font-awesome-5/css/ 58 KB
13 KB 227ms
225ms Stylesheet
text/css 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64063c24-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2I95uxeSOPVfAd3%2But0GRbbK8F4EBteujFH61YrjrfGYW207ovWM009wwhIh0ija5G1VQeDXuykuoir2LA8ohqA4A9RW6EldB3G7PgvtOkACWgf7tTh6HMzQII%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 88558eb9cda59b43-FRA
alt-svc: h3=":443"; ma=86400
priority: u=0,i=?0

GET
H3 200 style.css
gifyu.com/app/themes/Peafowl/custom_hooks/ 37 B
481 B 142ms
141ms Stylesheet
text/css 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/app/themes/Peafowl/custom_hooks/style.css?e006262125ec9a16116f2469b384dae1
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ef313ba19a4592c81ce70b4088c084ae30f0337cf0d6182d0e08c94ccaa49f6

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:15 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 18 Jan 2017 19:05:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "587fbc8c-25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbkdzI9KjYnPuSQZane7p2%2B6u3j0q2SEcTzAKKjscq0bcM9WREPRMBFTJm%2BK4nr0NEMrP62TBZ%2FlOzqdGJ6hxOKR0J9EkWBf3rAeS4Cq6pvbsrcXPxFTSdqhA1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 88558eb9cda79b43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
priority: u=0,i=?0

GET
H3 200 logo_20151124060647.png
gifyu.com/content/images/system/ 3 KB
3 KB 330ms
329ms Image
image/png 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gifyu.com/content/images/system/logo_20151124060647.png
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b8102d58078a9ad6b7f160bd0808840516231e42f6ffb332147f8cfb36c165c

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2523
alt-svc: h3=":443"; ma=86400
content-length: 3051
cf-bgj: h2pri,csam-hash
last-modified: Sun, 22 Jan 2017 15:09:41 GMT
server: cloudflare
etag: "5884cb35-beb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7hP%2F0pGA6tZO0enaTTVfZl73Uc0NaqO9acg2FhnNiKROjnkfgt8dM8kzbWftOVenXBL0HfgcstFXl7S72XPOU7VFdTE2cMvkI1FrclPx9AQFUdGxBpdiP1PHak%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 88558eb9cdaa9b43-FRA
priority: u=2,i

GET
H2 200 SZlUZ.png
s9.gifyu.com/images/ 113 KB
113 KB 432ms
139ms Image
image/png 65.21.74.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s9.gifyu.com/images/SZlUZ.png
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.21.74.205 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.74.21.65.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b80f019d22a3435a2f18cfb4ee4186526baddf99fc013e59ea05eef324ab1bc6

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
last-modified: Tue, 16 Apr 2024 16:27:29 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "661ea6f1-1c28b"
content-length: 115339
content-type: image/png

GET
H3 200 av_1715349290.jpg
gifyu.com/content/images/users/bx0L/ 3 KB
4 KB 131ms
131ms Image
image/jpeg 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gifyu.com/content/images/users/bx0L/av_1715349290.jpg
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 724e2e6c2c1817679e7b45e9c18bb93f0d099090299297fa31a148f9f61ee0cb

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
cf-cache-status: MISS
last-modified: Fri, 10 May 2024 15:54:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663e434a-d4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BU1hZ7X9v6wjOOLDoS5feiLPEJRI%2BGv4zOwJihkKYGb%2FY47mpCMnnkpk3D%2FqgGABUb6LZFrcPmMeNhT6qmxRtZoNZxU3IlzVFNrhZ0xcmyVzgEWcQsMPnscOuts%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 88558ebbd91a9b43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3406
priority: u=2,i

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 387ms
158ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gifyu.com
URL: https://gifyu.com/j88betxyz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8ca1d96ed582f348daeb4f1a3207a9051ac730a36d125444cfc65f86081e4355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52487
x-xss-protection: 0
server: cafe
etag: 778982451104299154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 17 May 2024 18:09:16 GMT

GET
H3 200 scripts.min.js Show response
gifyu.com/lib/Peafowl/js/ 248 KB
77 KB 364ms
363ms Script
application/javascript 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/lib/Peafowl/js/scripts.min.js?e006262125ec9a16116f2469b384dae1
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c9a9e8360771c2e6c7f24390387d532d0ff17ed10ee83205b7019ddf271a692

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64063c24-3de92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ghmDjEzSn5VSXApP%2FZq%2Bs0xVJQGKFVVjWdU4KkdMczjLDtz37KX%2BDWKeMkZDhVPh0Ch84SjnHr7vwWAmmpeswGwCVk3O0mJamV5%2BWmeGvqRunqZzzJomAhwWeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 88558ebbe9259b43-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 peafowl.min.js Show response
gifyu.com/lib/Peafowl/ 152 KB
46 KB 373ms
372ms Script
application/javascript 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/lib/Peafowl/peafowl.min.js?e006262125ec9a16116f2469b384dae1
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c82e03c0c1858d6e95e6695f9d090dc90c5be8f8b79b3f22232044b381f225

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64063c24-25fde"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stQ8e5OisebnMesn0ROB4Ft%2BtmEE3fzqZIksbPntV9cyubyiwTgmuKY73%2FZO%2FEX7W62SL5VJb6AW3QI5B34wgO53FWfto%2FKrI56Z0rshvzXiGsU8sbnN%2B23MwJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 88558ebbe9299b43-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H3 200 chevereto.min.js Show response
gifyu.com/app/lib/ 101 KB
26 KB 140ms
139ms Script
application/javascript 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/app/lib/chevereto.min.js?e006262125ec9a16116f2469b384dae1
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2153e915beaff7acc17643951e8f366eb1201a564af7afb567347fc737a9d98e

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64063c24-19332"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FvTU4ZO2O1pyTKZpkaEcJ1QjCTHDXM4YzxmvIbNT%2FqkShQTRkI01lTgLdx6%2BFAF004ngg2LQqioDc3DHWuCv9gZUxwqMH%2BqKl21u0oGmxe76%2Fp00BkmHc4NNWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 88558ebbe92c9b43-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 398ms
150ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MN4E328XVD

Requested by

Host: gifyu.com
URL: https://gifyu.com/j88betxyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bca64743790c8283b8b0ee6be210aa841ced66ff9b8d54af633d5589c180632e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 May 2024 18:09:16 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 220ms
99ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: gifyu.com
URL: https://gifyu.com/j88betxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

Referer: https://gifyu.com/
Origin: https://gifyu.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 88558ebc7c0ee3e7-TLV

GET
H3 200 fa-solid-900.woff2
gifyu.com/lib/Peafowl/font-awesome-5/webfonts/ 78 KB
79 KB 217ms
217ms Font
application/octet-stream 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/lib/Peafowl/font-awesome-5/webfonts/fa-solid-900.woff2
Requested by: Host: gifyu.com
URL: https://gifyu.com/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer: https://gifyu.com/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1
Origin: https://gifyu.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127
alt-svc: h3=":443"; ma=86400
content-length: 80252
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
server: cloudflare
etag: "64063c24-1397c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFn5RBmJcGXbAcnQ6BWU4QWC3B924coqpgdLwct4xT69pacPnPImWSMBMYJ29QQS%2F31S7xII1wxOBKwof6Wi9KzvdInVaJZabQJD2tATMTil%2Bk5Zq7lS%2Fkc5ieY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 88558ebc09549b43-FRA
priority: u=0,i=?0

GET
H3 200 fa-regular-400.woff2
gifyu.com/lib/Peafowl/font-awesome-5/webfonts/ 13 KB
14 KB 126ms
126ms Font
application/octet-stream 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/lib/Peafowl/font-awesome-5/webfonts/fa-regular-400.woff2
Requested by: Host: gifyu.com
URL: https://gifyu.com/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Request headers

Referer: https://gifyu.com/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1
Origin: https://gifyu.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127
alt-svc: h3=":443"; ma=86400
content-length: 13588
last-modified: Mon, 06 Mar 2023 19:16:52 GMT
server: cloudflare
etag: "64063c24-3514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=us6hsyJoZGTOYsSpkNsx62p4rs0ZHXO0oLqvpwhkFa5phsfzVDBptFPlY9UPSGZn3MQGx0ovV%2FgQwh%2BYVUQlg0XVAhSd2WHgtOA0cNHJ4n%2BZLn9ULoPRCvdAHTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 88558ebc09579b43-FRA
priority: u=0,i=?0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/ 416 KB
140 KB 174ms
174ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcf5431a41c12d17b53100cb60471ccb5d6d538d5f4d797c485255c52bf47d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143745
x-xss-protection: 0
server: cafe
etag: 15516901982710289819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 May 2024 18:09:16 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
250 B 307ms
122ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MN4E328XVD&gtm=45je45f0v887444234za200&_p=1715969356091&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=50297997.1715969357&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715969356&sct=1&seg=0&dl=https%3A%2F%2Fgifyu.com%2Fj88betxyz&dt=J88%20(j88betxyz)%20-%20Gifyu&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1224
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MN4E328XVD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 18:09:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gifyu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
241 B 379ms
120ms Ping
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MN4E328XVD&cid=50297997.1715969357&gtm=45je45f0v887444234za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MN4E328XVD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 18:09:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gifyu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
408 B 395ms
147ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MN4E328XVD&cid=50297997.1715969357&gtm=45je45f0v887444234za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1106896871

Requested by

Host: gifyu.com
URL: https://gifyu.com/j88betxyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 18:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240515/r20110914/ Frame FCD6 0
0 339ms
116ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240515/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age: 57523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 02:10:34 GMT
etag: 5035419970550746386
expires: Fri, 31 May 2024 02:10:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6E77 0
0 500ms
297ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8060303453945060&output=html&h=280&slotname=3477796164&adk=334349172&adf=687585655&pi=t.ma~as.3477796164&w=1200&abgtt=5&fwrn=4&fwrnh=100&lmt=1715969357&rafmt=1&format=1200x280&url=https%3A%2F%2Fgifyu.com%2Fj88betxyz&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715969356616&bpp=4&bdt=868&idt=368&shv=r20240515&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=1454756480839&frm=20&pv=2&ga_vid=50297997.1715969357&ga_sid=1715969357&ga_hid=1376451960&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331982%2C95331711%2C95332415&oid=2&pvsid=74801589070617&tmod=1399200315&uas=0&nvt=1&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=423

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 18:09:17 GMT
expires: Fri, 17 May 2024 18:09:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 64EF 0
0 580ms
428ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8060303453945060&output=html&adk=534223583&adf=3719640579&abgtt=5&lmt=1715969357&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgifyu.com%2Fj88betxyz&pra=7&wgl=1&easpi=0&aihb=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715969356620&bpp=2&bdt=872&idt=445&shv=r20240515&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1200x280&nras=1&correlator=1454756480839&frm=20&pv=1&ga_vid=50297997.1715969357&ga_sid=1715969357&ga_hid=1376451960&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331982%2C95331711%2C95332415&oid=2&pvsid=74801589070617&tmod=1399200315&uas=0&nvt=1&fsapi=1&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 688
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 18:09:17 GMT
expires: Fri, 17 May 2024 18:09:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-8060303453945060 Show response
fundingchoicesmessages.google.com/i/ 181 KB
61 KB 387ms
152ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8060303453945060?href=https%3A%2F%2Fgifyu.com%2Fj88betxyz&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

82cc4b6e253420ebdb4a7ab6922a779007e62e71f7e837f86c94fd712368e5a9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3iM0eDQvT7S-Ti5Esrm2Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3iM0eDQvT7S-Ti5Esrm2Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7FfZP0HxELcHOd2zdvEJjDh504WJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDU0MzPQPD-AIDADvrQt8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 148ms
148ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-8060303453945060&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20240515_103944&sat=1715945952017&afm=2%2C0%2C1&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.233&alldns=0.233&allp=17&fd=(0%2C6%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&abl=false&rr=n&su=gifyu.com&pvc=74801589070617&r=0.1&eid=44759875%2C44759926%2C44759837%2C95331982%2C95331711%2C95332415

Requested by

Host: gifyu.com
URL: https://gifyu.com/j88betxyz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 18:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 147ms
147ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C95331982%2C95331711%2C95332415&hl=en&pvc=74801589070617

Requested by

Host: gifyu.com
URL: https://gifyu.com/j88betxyz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 18:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 375ms
144ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://gifyu.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 AGSKWxUM_CrDTCfDm3OYUIDNBsUvOtBmclbYPtvzbsBTe5E--vKTLNrLZkp7r19uIUGjFP5Dw3FDtl1rK44wOaAPRJnLIrHesIQBCaWD_-HTo55IJhMkQWKEfiyQJvxes_XXKzJO1Ri9Ig== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 144ms
143ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUM_CrDTCfDm3OYUIDNBsUvOtBmclbYPtvzbsBTe5E--vKTLNrLZkp7r19uIUGjFP5Dw3FDtl1rK44wOaAPRJnLIrHesIQBCaWD_-HTo55IJhMkQWKEfiyQJvxes_XXKzJO1Ri9Ig==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1OTY5MzU4LDIxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9naWZ5dS5jb20vajg4YmV0eHl6IixudWxsLFtbOCwiN1d1dHZ0aUFOSlkiXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.7WutvtiANJY.es5.O/am=AgM/d=1/rs=AJlcJMzriX690I_YLBSGKRxB1_slEeXEbg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

3c29de357ecbf395a2d428d8e09ac37dc99371fc98a8fc7ac02f32d756104011

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O7ND5pDTI4ws_s3RncAj9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-O7ND5pDTI4ws_s3RncAj9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxEI8HOd2zdvEJrDh7YUeRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA1NDMz0Dw_gCAwCUIUOc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 159ms
159ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240515&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

43ab27bd957211d9cbf320c5ce2bd0b8ba29f5f05c47f7389064c3aef32a5858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12568
x-xss-protection: 0

POST
H3 204 rum Show response
gifyu.com/cdn-cgi/ 0
137 B 118ms
117ms XHR
text/plain 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gifyu.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gifyu.com/j88betxyz
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Fri, 17 May 2024 18:09:18 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://gifyu.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 88558eca2df99b43-FRA

GET
H3 200 favicon_1515837356961_97d28a.png
gifyu.com/content/images/system/ 2 KB
2 KB 122ms
122ms Other
image/png 104.21.235.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gifyu.com/content/images/system/favicon_1515837356961_97d28a.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e8b629cfeccb9cc600250024ee647f4e5e126b6c51582eb1b60a84b4e7efe6

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/j88betxyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5804
alt-svc: h3=":443"; ma=86400
content-length: 1944
cf-bgj: h2pri,csam-hash
last-modified: Sat, 13 Jan 2018 09:55:56 GMT
server: cloudflare
etag: "5a59d7ac-798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDcmvvWZ7NhofX3CVWMcZiNJ4z2v9QPxbug4WlIOeV1eOawsud3DG5hoyOmT5YD3iZFZwmm2whz%2F7ZiIc1sUsobHagwloqxL%2FusPBKO63OID5UFzkhoO5hB5REg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 88558eca2dfd9b43-FRA
priority: u=1,i

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 363ms
129ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 May 2024 18:09:18 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5048 0
0 341ms
111ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
age: 9086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 15:37:53 GMT
expires: Sat, 17 May 2025 15:37:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame ED28 0
0 364ms
128ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G8XKYfJrhkjYUd3odl8Gsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-G8XKYfJrhkjYUd3odl8Gsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 18:09:19 GMT
expires: Fri, 17 May 2024 18:09:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxWhKXC5Pr731yZV71QpwBYKZVcuOYESDxJyggYs3cYIZeCTKNNazVTnNyF5zJeflI2_-AY0E8NfepD6rmNgT9NtPel0rlrnAa0abIJfmYUkVkj3hM7ufPPiwRQ7kIyPpcZ3lZ5GUQpmuGUlGewvaY7-AJ9Dl... 54 B
110 B 132ms
131ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWhKXC5Pr731yZV71QpwBYKZVcuOYESDxJyggYs3cYIZeCTKNNazVTnNyF5zJeflI2_-AY0E8NfepD6rmNgT9NtPel0rlrnAa0abIJfmYUkVkj3hM7ufPPiwRQ7kIyPpcZ3lZ5GUQpmuGUlGewvaY7-AJ9DlSkOzs6YJdETMlhtwFqA0AnV0jcyNIFW/_/adnetwork300./lazyad-.dartconfig.js/adops.-advertisement-management/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.7WutvtiANJY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxRaT0UT8BWo5uHMaxbGOgHVXhwTQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

89e9b2cfb5b9e9978a04eec7fbfe9a40ceabb18262ada45bfea18b373a22dd32

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5WF7SyuGykuuOhLu--lWEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5WF7SyuGykuuOhLu--lWEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxELcHOd3zdvEJtDw7Q-_kkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBqaGZnoFhfIEBAFF1Qy8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 117ms
117ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 12:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 May 2024 12:13:29 GMT

POST
H3 204 AGSKWxVcNpyBNRz6I856GMeEA9dKXGgFpFG7lmVikEGkMjhitR-bKXqWKlLhKWjqj70h91UQy2GoPSvFh2SQZjVvOueQBQ1n2d6qpWYt_OJLajeFOoLkH4EelVmGVwdK-aXyOravUcNWYQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 360ms
133ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcNpyBNRz6I856GMeEA9dKXGgFpFG7lmVikEGkMjhitR-bKXqWKlLhKWjqj70h91UQy2GoPSvFh2SQZjVvOueQBQ1n2d6qpWYt_OJLajeFOoLkH4EelVmGVwdK-aXyOravUcNWYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4R1AqQRFffaCKR7qkWlUHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gifyu.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4R1AqQRFffaCKR7qkWlUHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1pBicEqfwRoCxELcHOd3zdvEJtCwZkadkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU00zMwiy8wAACJZSIK"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gifyu.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcNpyBNRz6I856GMeEA9dKXGgFpFG7lmVikEGkMjhitR-bKXqWKlLhKWjqj70h91UQy2GoPSvFh2SQZjVvOueQBQ1n2d6qpWYt_OJLajeFOoLkH4EelVmGVwdK-aXyOravUcNWYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9kaNhOTp_5fhA8bnWmFDiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gifyu.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-9kaNhOTp_5fhA8bnWmFDiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1pBicEqfwRoCxELcHOd3zdvEJnBg-b0aJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGpopmdgFl9gAACwkiKR"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gifyu.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcNpyBNRz6I856GMeEA9dKXGgFpFG7lmVikEGkMjhitR-bKXqWKlLhKWjqj70h91UQy2GoPSvFh2SQZjVvOueQBQ1n2d6qpWYt_OJLajeFOoLkH4EelVmGVwdK-aXyOravUcNWYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c5cvygTEDwSsu9W4uPkIWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gifyu.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c5cvygTEDwSsu9W4uPkIWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0ZBicEqfwRoCxELcHOd3zdvEJtAw43e1kktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU00zMwiy8wAACfEyJX"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gifyu.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcNpyBNRz6I856GMeEA9dKXGgFpFG7lmVikEGkMjhitR-bKXqWKlLhKWjqj70h91UQy2GoPSvFh2SQZjVvOueQBQ1n2d6qpWYt_OJLajeFOoLkH4EelVmGVwdK-aXyOravUcNWYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BlWVSwKkUaiwnnyZ4ksg-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gifyu.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-BlWVSwKkUaiwnnyZ4ksg-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1pBicEqfwRoCxELcHOd3zdvEJtDwf02NkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU00zMwiy8wAACmIiJv"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gifyu.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU7oo32r9dn8ctw3LYzkND2q3jm1duBifU4FpoZv6zq-KOqZFtsowUeRRQhCIANfM8FVsfAJlcwsuCq8LPvcGGD-jKc5FrdWKaMLlk074QYjXb_lxKykL76umu7Fx-vTXd5M6uhhA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 141ms
140ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU7oo32r9dn8ctw3LYzkND2q3jm1duBifU4FpoZv6zq-KOqZFtsowUeRRQhCIANfM8FVsfAJlcwsuCq8LPvcGGD-jKc5FrdWKaMLlk074QYjXb_lxKykL76umu7Fx-vTXd5M6uhhA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1OTY5MzU5LDExMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2lmeXUuY29tL2o4OGJldHh5eiIsbnVsbCxbWzgsIjdXdXR2dGlBTkpZIl0sWzksIml3Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

129d164514c403aeaee1c1c4faf0a5dcf0d1d8e9fc8494b649926eb12c1f37b9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R36i18dlrt-jgzL26ErRxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R36i18dlrt-jgzL26ErRxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw0ZBiUAzbyXTe6Q7TdSA20HjOZAHEEl9fMmkAcczz6awpQOyUPoM1CIh96mewxgBx681zrFOBOOnfedYiIN65-ALrQSBedeQC6yYgbv98gXU6EH9nv8j6H4iFuDnO75q3iU1gx5-PUUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGZnoGhvEFBgAdZkTU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWmqdXrGGGKEOqviW5LPR8yJndzxaXGia5En4tdNx68YFr1f2fP0kIr2efkTHII6XcZMs3XVkdWYcRwsz1kt79gWrKlfeNhWP-r6nHfA-lii2SpRPAP50TeS5K2fuEeE9CMiCgnxw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 141ms
140ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWmqdXrGGGKEOqviW5LPR8yJndzxaXGia5En4tdNx68YFr1f2fP0kIr2efkTHII6XcZMs3XVkdWYcRwsz1kt79gWrKlfeNhWP-r6nHfA-lii2SpRPAP50TeS5K2fuEeE9CMiCgnxw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1OTY5MzU5LDI2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9naWZ5dS5jb20vajg4YmV0eHl6IixudWxsLFtbOCwiN1d1dHZ0aUFOSlkiXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

df4fac14580ac630069d0766e2d3b0e74e68e603f6bda8c85a349f6a72b63bd0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nNV5Pxa_bECq4tac7VzH6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://gifyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nNV5Pxa_bECq4tac7VzH6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxEI8HOd3zdvEJvBh1c5FjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGZnoGhvEFBgCUZUOa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW96rUCKgaicmVj-7qx8J8Tz3KoCI_VqbBZYQgBj3oYFQsw82AnqK6UZeuKAcn68LI_aToALrQUC7GaK-DCNg256VUQdJOefkx2o3ZW0Ob19UYZ0QV5AX8m0JYNB9X9fRdSMBsqMA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 127ms
126ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW96rUCKgaicmVj-7qx8J8Tz3KoCI_VqbBZYQgBj3oYFQsw82AnqK6UZeuKAcn68LI_aToALrQUC7GaK-DCNg256VUQdJOefkx2o3ZW0Ob19UYZ0QV5AX8m0JYNB9X9fRdSMBsqMA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v-qlww30OEGU1jDlvZRAPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gifyu.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v-qlww30OEGU1jDlvZRAPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoCxEI8HOd3zdvEJvBj3e0HjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU0EzPwCy-wAAA4lAjIw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gifyu.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcNpyBNRz6I856GMeEA9dKXGgFpFG7lmVikEGkMjhitR-bKXqWKlLhKWjqj70h91UQy2GoPSvFh2SQZjVvOueQBQ1n2d6qpWYt_OJLajeFOoLkH4EelVmGVwdK-aXyOravUcNWYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PCOQbHXlS3EJFVaOQeH6UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gifyu.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 May 2024 18:09:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-PCOQbHXlS3EJFVaOQeH6UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoCxEI8HOd3zdvEJvBj7rrHjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU0EzPwCy-wAAA1Aki7w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gifyu.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240515&jk=74801589070617&bg=!hYalhsnNAAaTdHvKs3Q7ADQBe5WfOMRLe9eVdEEmVw01NYIDONj8fFd2UiV6jL2mwtO2Fyx377qLjTl7mTPJ2BLqx34nAgAAADxSAAAAAmgBB34ANadJiasdm32MeCCs92-oD6zPlCdfj9csfcrHC4UMNdJevwp5QPqJ58wrwLWuWK9rsEAVzVMemQKYOONywzAU6VZ0ae6nlmPeRMhv2uYDZzgAi5Aa6eYqkHNMLihQXbTDTgHsaUgs2jP7Ofy3rEOHlbz_kPwCLdAzGqjNMp6g4E_kHzPugwsnrh1P1zJW2XSrWYhXBTKoVejUtfSJvRuHpyzScgHR8rKUF9c66iRbb0PLK5YrOCMaR7rDyVxpk9HjL5oq3lRUo1Su6wSMBitd0hUjuy9mWXeaFNRjn0gTRKGTyHecj0rDN67xwDqKZM0vOASOxnqvvjId30x7EJc7cvsvHqyzi5mHu1Cr8Ntvy_rZt0uj2TivGVk61n1o-khe-RUGeoO9TEJGA-1X_iv96_vG28RmFlk-SbQBlVIHCtLoUNGBvFd0CH8vOTevfURQ5AV6ElmfQJU_Jl3g-_9vmBa6W7TVQ5GyIoi9TLYfdJY9--Ka17NS6o2BnqFP_kV_bGXlR2QYU7fQq9VIFuirjVbY5rsRVl4waoifV9pp0ou4aq-dTGS18DOjHD5baLA085liXyvDC13G-9JzLdkxcHsFR6ebpAmCe1LPZkGjvH5He6WP29ncQb5BDhIPigVVnft5C4g6TuIgYLPIWhihmwReWBxmTP9gAYNWIkUMrkuOSNExDQHSatrWNJ1TCbp1tY3Wo73gMtjJypZWH3Wfww3UfMNl3AyBW_wEwmDG0mKmM0MQ1mu_MNXbxFcPCsflIWdbNSUM1LS4DZ9gEAkmCvyR6FULX30oDM7PJFi_fsot8GwY2GoBNn_YeVyH15-qzXGYrgWsFdck3al3CpbAvz-i9ECjnsBtB8HSwbBOydnsCTsekhSlannI_uYpAOxCOlri9Vo5rv95V7UhjYcRJOwxBvcTc3DrIyDby-x_cREPjE4LtTgIm7eV9CWbWchJMA

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gifyu.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: s37tsghg0cte4qvjf4u593f448
.gifyu.com/	1970-01-21 06:15:29	Name: _ga Value: GA1.1.50297997.1715969357
.gifyu.com/	1970-01-21 06:15:29	Name: _ga_MN4E328XVD Value: GS1.1.1715969356.1.0.1715969356.60.0.0
.doubleclick.net/	1970-01-20 20:39:30	Name: test_cookie Value: CheckForPermission
.gifyu.com/	1970-01-21 06:01:05	Name: __gads Value: ID=74d383d561f5a851:T=1715969357:RT=1715969357:S=ALNI_MZxIJunIsiTCJUNdQG7UjwPhrXq3A
.gifyu.com/	1970-01-21 06:01:05	Name: __gpi Value: UID=00000e2205e2936e:T=1715969357:RT=1715969357:S=ALNI_MYRZrA0WJw3M4TWoHpkWsqFwP7Idg
.gifyu.com/	1970-01-21 00:58:41	Name: __eoi Value: ID=2383c462b3ff5490:T=1715969357:RT=1715969357:S=AA-AfjbbtvCFBJsdsgtNMx_Hnzpq
.gifyu.com/	1970-01-21 05:25:05	Name: FCNEC Value: %5B%5B%22AKsRol9jCcXgvvKzNOvuk7SX_t1h8BwrbibWmZYL-0TE9ZZPYLaHZ8XDONgTXOhmeDY9kd15lHbI9gnX1u3XTaYYcUmALKrWSrzV-TPKTQqoNqfWQu6kvVd5QD2iCocKK0qmkhrE68ijiLIyV41Hh-i3DQXVMpZZBA%3D%3D%22%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://gifyu.com/j88betxyz Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gifyu.com/j88betxyz Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fundingchoicesmessages.google.com
gifyu.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s9.gifyu.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.co.il
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.16.79.73
104.21.235.53
142.250.184.226
142.250.185.78
142.250.186.129
142.250.186.163
142.250.186.68
172.217.16.200
173.194.76.157
216.239.32.181
65.21.74.205
129d164514c403aeaee1c1c4faf0a5dcf0d1d8e9fc8494b649926eb12c1f37b9
13e8b629cfeccb9cc600250024ee647f4e5e126b6c51582eb1b60a84b4e7efe6
2153e915beaff7acc17643951e8f366eb1201a564af7afb567347fc737a9d98e
2ef56e0c7d530369c91614f1e323973ca28faffad04bbb97e68b0816ccf5673c
35c82e03c0c1858d6e95e6695f9d090dc90c5be8f8b79b3f22232044b381f225
396a156d9caec99d5f2844ecced34ba379e1449c9be8362a6f50d24117d6ed8e
3c29de357ecbf395a2d428d8e09ac37dc99371fc98a8fc7ac02f32d756104011
43ab27bd957211d9cbf320c5ce2bd0b8ba29f5f05c47f7389064c3aef32a5858
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6ef313ba19a4592c81ce70b4088c084ae30f0337cf0d6182d0e08c94ccaa49f6
724e2e6c2c1817679e7b45e9c18bb93f0d099090299297fa31a148f9f61ee0cb
7bcf5431a41c12d17b53100cb60471ccb5d6d538d5f4d797c485255c52bf47d7
82cc4b6e253420ebdb4a7ab6922a779007e62e71f7e837f86c94fd712368e5a9
89e9b2cfb5b9e9978a04eec7fbfe9a40ceabb18262ada45bfea18b373a22dd32
8b8102d58078a9ad6b7f160bd0808840516231e42f6ffb332147f8cfb36c165c
8c9a9e8360771c2e6c7f24390387d532d0ff17ed10ee83205b7019ddf271a692
8ca1d96ed582f348daeb4f1a3207a9051ac730a36d125444cfc65f86081e4355
a48e66e8772080e5affc86bbc23ac2fd57863e2347e2d0a24fa5e4125b3fc5f4
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b80f019d22a3435a2f18cfb4ee4186526baddf99fc013e59ea05eef324ab1bc6
bca64743790c8283b8b0ee6be210aa841ced66ff9b8d54af633d5589c180632e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
df4fac14580ac630069d0766e2d3b0e74e68e603f6bda8c85a349f6a72b63bd0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

gifyu.com Open in urlscan Pro 104.21.235.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

0 %IPv6

7 Domains

12 Subdomains

12 IPs

3 Countries

825 kBTransfer

2183 kBSize

8 Cookies

1 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gifyu.com Open in urlscan Pro
104.21.235.53 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

12
Subdomains

12
IPs

3
Countries

825 kB
Transfer

2183 kB
Size

8
Cookies

45 HTTP transactions
0 data transactions