t.ly
104.20.7.133 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.ly/8SJ81 9yr old
Effective URL:
https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81 9yr old
Submission: On May 26 via manual (May 26th 2025, 1:21:06 am UTC) from AU — Scanned from AU

Summary HTTP 141 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 17 domains to perform 141 HTTP transactions. The main IP is 104.20.7.133, located in and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 25218. 9yr old
TLS certificate: Issued by WE1 on March 28th 2025. Valid for: 3mo.

This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	104.20.7.133 104.20.7.133	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4006:813::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:277... 2600:9000:2774:6c00:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4006:814::200e	15169 (GOOGLE) (GOOGLE)
3	172.217.14.68 172.217.14.68	15169 (GOOGLE) (GOOGLE)
1 14	142.250.67.2 142.250.67.2	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:814::2002	15169 (GOOGLE) (GOOGLE)
4 8	142.250.71.66 142.250.71.66	15169 (GOOGLE) (GOOGLE)
1	142.250.72.131 142.250.72.131	15169 (GOOGLE) (GOOGLE)
2	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4006:809::2001	15169 (GOOGLE) (GOOGLE)
1 3	2404:6800:400... 2404:6800:4006:809::200e	15169 (GOOGLE) (GOOGLE)
10	142.250.66.238 142.250.66.238	15169 (GOOGLE) (GOOGLE)
2	18.67.93.102 18.67.93.102	16509 (AMAZON-02) (AMAZON-02)
1	34.111.60.239 34.111.60.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2404:6800:400... 2404:6800:4006:811::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:809::2006	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c00::5f	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4006:810::200a	15169 (GOOGLE) (GOOGLE)
2	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1	35.213.89.133 35.213.89.133	15169 (GOOGLE) (GOOGLE)
3 6	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	103.43.90.178 103.43.90.178	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2c0f:fb50:400... 2c0f:fb50:4002:80c::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
1	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
2	142.250.72.161 142.250.72.161	15169 (GOOGLE) (GOOGLE)
1 1	173.194.28.10 173.194.28.10	15169 (GOOGLE) (GOOGLE)
2	74.125.152.70 74.125.152.70	15169 (GOOGLE) (GOOGLE)
2	142.250.72.134 142.250.72.134	15169 (GOOGLE) (GOOGLE)
1	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
141	35

26 104.20.7.133 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
blog.t.ly 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

28 172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2404:6800:4006:813::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:2774:6c00:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.18.95.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2404:6800:4006:814::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 172.217.14.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lax17s38-in-f4.1e100.net

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

14 142.250.67.2 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net

googleads.g.doubleclick.net 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 142.250.71.66 (Plainview, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
cm.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.72.131 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lax17s49-in-f3.1e100.net

www.google.com.au 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.221.78 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

www.google-analytics.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2404:6800:4006:809::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2404:6800:4006:809::200e (Sydney, Australia) 1 redirects

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
gcdn.2mdn.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 142.250.66.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net

fundingchoicesmessages.google.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 18.67.93.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-102.syd62.r.cloudfront.net

cdn.mediago.io 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.111.60.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.60.111.34.bc.googleusercontent.com

images.mediago.io 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 2404:6800:4006:811::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2404:6800:4006:809::2006 (Sydney, Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2404:6800:4008:c00::5f (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2404:6800:4006:810::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

gtrace.mediago.io 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com

trace-jp.mediago.io 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 104.18.27.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 103.43.90.178 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2c0f:fb50:4002:80c::2003 (Kenya)

ASN15169 (GOOGLE, US)

csi.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

bid.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.72.161 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lax17s50-in-f1.1e100.net

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 173.194.28.10 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s05-in-f10.1e100.net

r5---sn-ntqe6n76.c.2mdn.net 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 74.125.152.70 (United States)

ASN15169 (GOOGLE, US)
PTR: mel04s04-in-f6.1e100.net

r1---sn-hxa7zn7z.c.2mdn.net 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.72.134 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lax17s49-in-f6.1e100.net

ad.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

ade.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 117 9yr old tpc.googlesyndication.com — Cisco Umbrella Rank: 184 13yr old ade.googlesyndication.com — Cisco Umbrella Rank: 358 9yr old	587 KB
26	t.ly 2 redirects t.ly — Cisco Umbrella Rank: 25218 9yr old blog.t.ly 5yr old	1 MB
24	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 56yr old td.doubleclick.net — Cisco Umbrella Rank: 341 3yr old cm.g.doubleclick.net — Cisco Umbrella Rank: 314 9yr old bid.g.doubleclick.net — Cisco Umbrella Rank: 1508 9yr old ad.doubleclick.net — Cisco Umbrella Rank: 159 9yr old	126 KB
15	google.com www.google.com — Cisco Umbrella Rank: 3 56yr old fundingchoicesmessages.google.com — Cisco Umbrella Rank: 733 7yr old	74 KB
6	gstatic.com csi.gstatic.com 9yr old fonts.gstatic.com 9yr old	40 KB
6	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 730 12yr old	5 KB
6	mediago.io cdn.mediago.io — Cisco Umbrella Rank: 9612 6yr old images.mediago.io — Cisco Umbrella Rank: 8274 3yr old gtrace.mediago.io — Cisco Umbrella Rank: 4016 2yr old trace-jp.mediago.io — Cisco Umbrella Rank: 187432 4yr old	28 KB
5	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 410 9yr old gcdn.2mdn.net — Cisco Umbrella Rank: 1333 9yr old r5---sn-ntqe6n76.c.2mdn.net 4yr old r1---sn-hxa7zn7z.c.2mdn.net 4yr old	3 MB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 415 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 424 2yr old	26 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 60 56yr old	329 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 312 9yr old	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 56yr old imasdk.googleapis.com — Cisco Umbrella Rank: 527 9yr old	140 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 64 56yr old	22 KB
3	cloudflare.com 1 redirects cdnjs.cloudflare.com — Cisco Umbrella Rank: 271 13yr old challenges.cloudflare.com — Cisco Umbrella Rank: 2081 4yr old	22 KB
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 24746 9yr old	64 B
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 24122 8yr old	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 605 7yr old	7 KB
141	17

	Domain	Requested by
28	pagead2.googlesyndication.com	t.ly pagead2.googlesyndication.com ep2.adtrafficquality.google www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
20	t.ly	2 redirects t.ly static.cloudflareinsights.com
14	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com pagead2.googlesyndication.com t.ly googleads.g.doubleclick.net
12	tpc.googlesyndication.com	t.ly googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net cdn.mediago.io
6	blog.t.ly
5	csi.gstatic.com	imasdk.googleapis.com
5	www.googletagmanager.com	t.ly www.googletagmanager.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	imasdk.googleapis.com	googleads.g.doubleclick.net
3	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
3	www.google.com	www.googletagmanager.com ep2.adtrafficquality.google
2	ad.doubleclick.net	t.ly imasdk.googleapis.com
2	r1---sn-hxa7zn7z.c.2mdn.net
2	gtrace.mediago.io	googleads.g.doubleclick.net cdn.mediago.io
2	cdn.mediago.io	t.ly googleads.g.doubleclick.net
2	ep1.adtrafficquality.google	pagead2.googlesyndication.com
2	challenges.cloudflare.com	1 redirects
1	ade.googlesyndication.com
1	r5---sn-ntqe6n76.c.2mdn.net	1 redirects
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	trace-jp.mediago.io	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	images.mediago.io	t.ly
1	www.google.com.au
1	td.doubleclick.net	www.googletagmanager.com
1	r.wdfl.co	t.ly
1	cdnjs.cloudflare.com	t.ly
1	static.cloudflareinsights.com	t.ly
141	35

This site contains links to these domains. Also see Links.

Domain
x.com
www.facebook.com
www.linkedin.com
chromewebstore.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com
adssettings.google.com
cdn.mediago.io
trace.popin.cc
ad.doubleclick.net

Subject Issuer	Validity	Valid
t.ly WE1	`2025-03-28` - `2025-06-26`	3mo	crt.sh
cloudflareinsights.com WE1	`2025-04-27` - `2025-07-26`	3mo	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3mo	crt.sh
*.g.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.google-analytics.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
r.wdfl.co Amazon RSA 2048 M02	`2024-08-02` - `2025-08-30`	1yr	crt.sh
*.google.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
adtrafficquality.google WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.google.com.au WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.mediago.io Amazon RSA 2048 M03	`2024-07-07` - `2025-08-04`	1yr	crt.sh
tpc.googlesyndication.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
upload.video.google.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.gstatic.com WR2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.c.docs.google.com WR2	`2025-05-20` - `2025-07-29`	2mo	crt.sh

This page contains 20 frames:

Primary Page: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81
Frame ID: A229D364EBE06A745589C8F6736961C2
Requests: 62 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js
Frame ID: 5040DCCA30FE4C6FD71A54BF9A8D4813
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10875945736?random=1748222468943&cv=11&fst=1748222468943&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55l1v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&hn=www.googleadservices.com&frm=0&tiba=Free%20URL%20Shortener&npa=0&pscdl=noapi&auid=1488930346.1748222469&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: BB331DCEB272CCE9CFCDD590CDBC203B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Ft.ly
Frame ID: 991065120FC6478472C13BE2820E50EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Frame ID: 56A3D959DEB1A5B780F816559034CF20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1748222467&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.14172876740403959&aiapmi=0.16&aiact=0.5855296252670694&aicct=0.7&ailct=0.6697513670900843&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222468786&bpp=7&bdt=609&idt=236&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5985093623993&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=263
Frame ID: CFFE91EE2F9BF9DE2DDA609050853387
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1748222467&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222468793&bpp=1&bdt=617&idt=269&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5985093623993&frm=20&pv=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=277
Frame ID: 52C5AF9A322FC4C873AA526CFD979778
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 511BE76B9516AE794040579356510F34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe?hl=en
Frame ID: 0F97D38C3F39969FD9BFFA89694D9D66
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3617422784&adf=1957998420&pi=t.aa~a.4962273~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1748222467&rafmt=1&to=qs&pwprc=8670500221&format=1200x280&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222470309&bpp=1&bdt=2132&idt=-M&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db124da15d28540b6%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MaesCV7KccK5l-GC6kmjofv_rhi6A&gpic=UID%3D000010e775ef2672%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MYxwBUXDyUdPkKto8Ci2QYA0STyTw&eo_id_str=ID%3D09232f25a0e55c65%3AT%3D1748222469%3ART%3D1748222469%3AS%3DAA-Afjb9aJT-3gkwbk7kDbOpfPPf&prev_fmts=0x0%2C1110x280&nras=2&correlator=5985093623993&frm=20&pv=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=446
Frame ID: 88DEE1493ABD03BEAEADEA8590316460
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3422485851&adf=4089986722&pi=t.aa~a.2817915557~rp.4&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1748222467&rafmt=1&to=qs&pwprc=8670500221&format=1110x280&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222470309&bpp=1&bdt=2132&idt=-M&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db124da15d28540b6%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MaesCV7KccK5l-GC6kmjofv_rhi6A&gpic=UID%3D000010e775ef2672%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MYxwBUXDyUdPkKto8Ci2QYA0STyTw&eo_id_str=ID%3D09232f25a0e55c65%3AT%3D1748222469%3ART%3D1748222469%3AS%3DAA-Afjb9aJT-3gkwbk7kDbOpfPPf&prev_fmts=0x0%2C1110x280%2C1200x280&nras=3&correlator=5985093623993&frm=20&pv=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=449
Frame ID: 222A7115FCD0ADA4FE60F7C9424F1AA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Frame ID: B4803DB51AFC334FBE60CD6CD955DB60
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Frame ID: 432819125E5D0E72DCEB11FC0EEA1681
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Frame ID: A15EE3DA471FABF08441791FA3B47FF3
Requests: 26 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/template/style/style_banner_d854f3.css
Frame ID: 9746A74261D1520703795C9DADC69D2F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQ6dfVlAYYkcb_swIwAQ&v=APEucNVTTvnJdLNQ23ASvh_B-ZLaEwNJZ4lfajkSoM0FyECG1tseceuIFOappRQKB_6x6CQP7ORfQxn5OAJV0wI80jVAKzqY9Q
Frame ID: 4E32088C9530681F80B43DE397BECAC6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20250521/r20110914/abg_lite_fy2021.js
Frame ID: E795184EB35D39DB645ABD25C17999FC
Requests: 14 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Frame ID: 77D02130ED7E0427C1CDB08C3FEE1C5C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CDEA39121E62751E52E6BB7E41B0ECCA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4724D22AD15922C42959145BE0915D91
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free URL Shortener

Page URL History Show full URLs

https://t.ly/8SJ81 HTTP 301
https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

SweetAlert (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Page Statistics

141
Requests

94 %
HTTPS

34 %
IPv6

17
Domains

35
Subdomains

35
IPs

7
Countries

5474 kB
Transfer

9579 kB
Size

26
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/TLYShortener
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TLYShortener
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tlyshortener/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://chromewebstore.google.com/detail/url-shortener/oodfdmglhbbkkcngodjjagblikmoegpa

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/link-shortener/

Search URL Search Domain Scan URL

URL: https://addons.opera.com/en/extensions/details/url-shortener-4/

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ajedojkedficaboemnhahoclgfnooelm

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=ASp5-QCq6ulxIaRjQbNGZ6RzkIQgo1J0dNWj6I5awrT7OHlGfHaxj1w862gxARlUqJeBi4Ylmnnbvhj6kS362Q43IkoSVLLcmC477vJSxMsSs4Pse0wEEJnMXbWOUruZnP3wTS2T-nlHpqxE4EEZMhtI4ARcjDSKgVhAFQ3MWlMG0pWbPhAhPvM-3N8VV3f2EwMYCd_psWKsYtLRlHjBEQmL1FWXBG_YvS9IWX3mIlLqRf1h3pWgBOYhQpubbyBpdJo7itPxPCXzsAV1aY2dyu64Nvn21mMeHTceFYIF1WwvzFT0Ddza3hIsqCzGaBPPq5GU1HQ4AxgfGU9Tdq7FeXXtLgXCjxkAQ3PYPDxKXm9HxuYtOyMyAKs5ZgW1Yv59DfjxJiZjl8Kbt_LXpTxWYQ_5qtWGdI2D_M-d72850px7ZgEBnkuUdBIV-T4fp9Co5XYJJny0RZowZBMj9QV6xXpdlkk2V6HD9eF02V3qd_K5W0LX_01K716FQR96lapUoxzNgAToMY5gicIod00sN4_DIygkKAf_Jb_91TTVsBeRytxTkoL7Dm0ZYm0ouvOPGzVJr0n0iabtIp9UksjVkkq07jVilCurB2Oqq_PMsCipT-cqWoy69m5R_JQ4Wo0RC7poC4cfUBHvauB9ptVHnuYILYmtjeGzPX92MkWuM5lnpqN6L4PB9dyu0iR9SFBG7ObPIfvDWzGLA_EFecVYdZwBpU0Rmz-hB84q0h3N6Adjnha1d2u-J7Go4dfP-za4ofmgzQZ7VjzaqpVlYVaHFZYMq6Zh5ESiyPEmI84XgNJy0V5ll2towc5DMVY_IcBvX0AowDgZXVsqaEby1tyiBLwlOzQIz91MJK2brMYuZrkxFPWt6_0knm1yEfAFpPjvLYnD9XFgPJBxeb52oonRjJ1KsUeHj84I2uigEqL-4G7Ehf6Sg5fLDE77afyndIooPeVcuq7VoEB67msf3XVlmPdwfs4ZgnV4FoxR03Glq0NL9OFFLkfILPkyJS9WtJWOFrym-Bi7-9Vp7McQJ_0-JA9w2UeFpHRnqi_1BNEHKnqHM9VoLqwiLcp73z5KYof6OJvCzxr9SKylivgxE7yRhPc_uQhgueSHSHdFMpsLLWxYaDEDbev5Wb04Nu2I1dtFt1JrJpOF0kvwpDxU18bFD1-QvWsLflPgcGFpbg4BRa-D_nLbNZDuWLAzG25ME-QCvAKxsmjtUuIxMSCqMJv2m3zBSHVVOW6A9t7Qeyh2ZO_NmquFgjYdttnFPkUoCBLspDeCTC4_Bdq1zuPcxGKgvxldKdKEQPfYEBqSD5p9fqzAQ0L_4xbjDBne5Qr0pR2xkBLGizIWgX9zuiTijhRbHrW7L5ZLHmSC8viY8knxTrtvqRGjMC23J3Gjx_wgtWuOwmAAQUlX7hFPcvwSApZ1quuWPOLpai_sYgbAvIdq1cuF1aSe7Ef63CGHI6DxLJ93Krxq4DxmBbtn1r601FyXjTjLmAlIcMNT1VSBGv5S0dGgDwdD-gLBxJBx6vkit9szKdBDidbGLwnamiR9kti-Ru27iAoZpDZN33S4fzeYDEnhS1c1lo1e_BMiFHuyqlm1aOkyEoE9y6s2geiWpJh3vdKfpLS7e-DSU3oHsyWXj0H0GuKQtQTJPyOsg4SNMbP9Q18JN_yYda9Zbn9gFnQelGsMA22ju58nf75okVx5P0NXb20QqOCEQXmOUq-oKxFm3VPj_8wYp5mAzRxH0QKhIrWBVVptLr24uWsWhebjRe1sc4Lvf4lDRtpIv6i5c-1Yo3fj0O-ztDhp1Cq6QK7Y7NhzwnbkwwvRmr2KdSJv0ZPOysKV32CrcJpWU72qug8zFFTqip0bwkcheTEitZjlt3WEI9dKUhDd8Fvo6LJWReuVJU1voQ5Maw-RibeWiKrV8Jag4MvxHRrSPRhjB_YUO5cmB5_stumZ5d4eC8Tbz5Dp4V4-tqJ0HXRoaNHw8e-rui7VBi13Qjgt4weY-w144AwA68AEf6rlD0s9GYQYQio1FQiVhF8kcCViwoqo1-5I-VxUVlAPjKXrgbZtCnURJsNcj2l3I7krMw&opi=122715837

Search URL Search Domain Scan URL

URL: https://cdn.mediago.io/js/officialWebsite/policy.html

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=e8a4d72d36f70558e76277f73d94c706&acid=31136&data=Sj3_BYzD6cWh9ZdysO79beO_C5Fdyn1jVw8pOpQDoNuDSvMSkGclBjc-MLtpr41-CJ5IZjhkqryqNCmwEs-7wNn-aRitD06H5scCAJAbdRD6TyysZJwoEkrEt-_uKT58aROyKVjfkMYQDZ1UYUuFco-tAIDk32k8F_2eFkAcBlEEe_3uaFoALuFXpE18NZtaHCPDC3d35xM2dSlyG_XKs8eYCSACyxfaCOv1MhgCDpUQrzRKVAAhh63QEjO19TNV2FZG51u4bLIX-DsictJe2weCyzMrR-SyZ-S8tyvhUqS7QIuCrD0oypEL8VWQXAC0jQwb3cQAvSirYidNUTpK-2kfxAN54sXJPGutXen_sRKtkpYtcwjorjUUuzjiB4q-ixr1zLBXqY1yvP3AhSxNwcY6SFAtqEQxTiVCvjfFslEuDZVMwa5CzuImNkdereRcoaG8vZm4Q___SUso6wVlLojW3WDFXkfwfmgERV6nA98g5NH7oxmyEluwB6hPDNtjf_D529T4vyBv8oyOc1H-DkZ35PHi1XI4Du7i4KGGZ9cfhXq_HjsbFIWQGHScpEngQS2_v6H_Uvh19Dr-KxhXyBc4uBAnLjKhNq-t8BQwOz27cqVDBXPrWQ4YC6bddeZabIF5HekMKwM2SSh_Kl7jfw8tJx3Afa9oUfIZSVh03nXiw44gtr3QFf9Pz4MfYBYN9VHlOchnDSFgY_9SWvplMY9gQqWnyyaTJn__7CYuUCrIo_mBuGWBz6Ftjs3ZDh08XdpdGO5btHX6iOFPWN4IKt-9r5A7AOCHvdm22ercKFd5zciKitiKNMUa2VHt8w_4EX6sYNNwWxwUjDWBLKEB_73QEfvIAfu1zQv0MkA3sqcIDqizNy7imViXA73OkzZ7Ngmf8ifylSLrmA9vZtkiP77mG2pwjBAMzqYU0W-VM1UJNKgprVlLPAfy4OxD1lY_Zo5Nun3HNnBYtO6dGyneNgF9YQ6efaKzp6SFymFAMs0Ib1gyNPO_Bv_hQdKLRucOrZBIFanKvuwLn77WQcJbfmLJNtYkqvlxCxU7SO266bmA0kMmblPCTcO6CuwORhGGzewTUqg7n5rDfllWeBbyuPDIl6Ot5yyh7x2bp2_bbdloTHEX7rSJYydeXWXJKJ-1OLbssXJ91rd5QXQHBPZhCt4-n2EwVJGXACQ1S7PeWpooLZXkaSE5PrNBVKoTtrkCluDOHg3CKPtaR9vXgP_ITKCp9nHFGj7r8tACSB-tY_wEYV_teIkry4z17Cx_Vs9navdYZQ7J_EkpXDw3LHWB4JY1xqwV8N8Lq1jOiUKencCOP2UnUY8YbpYkjl6fE_R4ALLaFHlfJjQENxFLyjUwCtSoVeGlkhmRgaBgNyv4thJla007gAw7trIytYpHmPZH2lYTYA-sTOTnJin2HeOzlcZjBQBg1f45Cwo561QMohHpM0yaHgkapg4BpvE1uBqnl6nEW5zKPsC54zlBueNoFeCa6S_wE2SCTefeKC-4Q4HLGE7shcZCuDXbKTKnpEccAMN98ETbgi1FvJONqNao5Q44i7_7EFr3PbFNFFHeFNLgGyzT6MyOj9qjgGu2MCrF_xoGuKvEcYsRSY60u1LY7snXPBwv37p2Mwbz9xKcnoudCGZoDPQQ78ZlVEe0Xq7tmRPxdfelLg_nZkgBuPnaXHs24Q4fvRafNufUTMbadwIVOhJd1U35jSzq2MfnuOw7asoMTlz_o1i9FNfkG2OWGSNRxbh8OWP1wQ_eK-kfey9lhiLJMvYQET8ocW3LZDTHZQJdiiklTUzkz8RB5L6aFXhd_Ej2n8ZsHXXvBQyXrNkPsRcT2-x9W7abh6O-hc1iXWaH2WJSzXOzJXKTBCp_UuYu5qkO-A9Toj4Dr-ysJws6kYh7DwMD5ffP3_A-yeBA&uid=000010e774850191&mguid=&ap={AUCTION_PRICE}&tid=4&gprice=n1kU9vOwRnmAERfDDPe7ncM6-r0ODEGKnk7SvsBbPjY&campaignid=3396397&google_click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6ByeBcIzaPqeDu6essUPiJuUiQibhIOKcuS-mIi1EcCNtwEQASAAYKWAgICYAYIBF2NhLXB1Yi01NTYxNzYzNTgxMzE0NDQ0yAEJqAMByAMCqgS6Ak_QAxRbJOiRsj8E1qyuxI_USXIkF00zkfdvbTFCUjYeMZ78kFTwOYNGyo1fP49B9Ox57veGkWavVUXYQJOrMd9OgJrr8JpDf1t4lmrrHau2QHKLH7DsfS_81wHTjzru2A2Y7-r3HfnCAQXvv9pJRPvvrQAyIVC7-HZS7SZdRFmyaVmO4sx4Q2WlBYsZ1GgKvi7ncMl9JdN86ByGQQBlpKhYY63W-iQ0Na6lD4X97TTpRSDp0JuDGpw7zqObJOVLu6wkEOxZWH715cjVoComZNErn4iDwhAynPBDv688RgJfQxrR25QTHpNbvWwVV14uECfpIIVHWwesx-zoiNns62Bz-LvXvJm7B9G1xFVbvmItrMNR4GGjvGJxJ4H_n25yzSHqDnu8iJLQA4mcf8tBgHDukh3RqvRlFwh9gAbfj92SnO3k5VKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7ECqAetvrECqAe_07EC2AcA0ggmCIBhEAEyAooCOg2AQIDAgICAgKiAAqADSL39wTpYkYmRmvy_jQP6CwIIAYAMAaoNAkFV6g0TCJSRsZr8v40DFW6PrAIdiA0lgdAVAYAXAbIXCRgMQgUIhY_4Lw%26num%3D1%26sig%3DAOD64_3BQT3xge30yAe_zWlPyeSNbh8n2w%26client%3Dca-pub-5561763581314444%26adurl%3D
Title: 11 Retirement Blunders Australian Millionaires AvoidFisher Investments Australia®OPEN

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/pcs/click?xai=AKAOjstbahvrAtovGmfdK_ygrjBtj7R9bc15ngv89lgSIEaagD2bQoPnrg1rbuQtJn9HrfHKfNNhgY1VmBs-4h09uxkBjlC1Eu17izjB0JZZ3tpsb6OFdOlbIaEyZ-iCil_4Q-6n4HIZzijTyIkvvsdCbJuCHYNV848qQhR6Y5Fay-Qdt0qMtQ-bMa7oPCHrl-vwksHIHxWnEiaVfYxIrhdKeXtVx-IEonnrZSF3nI3Y1JEXHyZLmt15kCsIuYWl7SrtO0eH3BCGLzPDdHDA3rnU9jfdjJj6G4_zRb58zZYSMIDzd1th7J71H7Y76Xya6VQAvpdZOynhvkn2PPR68HsNuOlkifaJsbDFc8uD4GoFhhVVR0i8iTm8sk6ahet5pvCUx7y74XC4BzuEtLt7ih4AEhiFUpw_kou9kYdDNqv-Dy3_RHqAVr-k4fY7FgDcc_E2UeklNPsaMZksJwcuoIR6jmEA8zo3GBMMAn0diwIs8culHBdjV1uE9XslFdHAOMA4PEUyYI-shwgkT0_93kB560f1-Y6r1PQDcJjHKGY3KjhHfhmqQbbGJY3Rr2IJ1burBgWZFp1H6zlkeGMQ4Awsg0X1hB2aEHr3QMZmuHE0fz8gZ4LFC5_oaAu9-lpoio06NseOL8X2R4Qn3Aha9FoXcCOvfllPbtUBWHeoRpb9oAjmdv6RAwIt3pdlJadgpAw25bM4efbylIv4EtxlaN7PfEoJ_TEEnKYJ_11T3TD7EHtqFsyN7bJ9KB-tjBvzmTf-8Bts62NoprcskSEVQcHq338j_t5Z28yGV60Kcrrb--xU0aFMbAGcrUvL0k4z5WQ47g-UOV2lpxG1ts08AVIdriQvXAhP6EZlsIJeZfLTuttI0gEuR5XTfUAJa7751MgU89-UFZSd8b91UEWkOyINjwGMwAySYl5tQqb0yRvBemJ7ur1aG3OI_5OxtcVSFzUMjyLlT6SVMfVbG1iacUxXkCd3pxTR569em-33QvJb5C4LGMOCF3BsEi_QU7_5pSPZPAU4QL1kGqcyb3kohTqwwiVDitu_4SmT4frU1bEgGrOg20RspxYfLKT6Jehg8elkO-8xOU_gRUVhwhY-iMxQJUgE90tYMYvRS_dM4_m3Y-PYgXLFCgx5gRd_5G4-unfC_AgQKoFwRLekjo8QYwA8aBWw6n4PqMPwcZf-McjgN8i0y_y4-sQwPeGGZfXIm2a3fTo2MQbTx4I-MjheBV00TrqDzjmuug-C-32YYnK1lqsf_XhqU049cQNFyMsfXOxy8qg3FliqVp5HuWWMyXMhBn6b8ghxibP-D3IjfzV1okPgldODgDdDmchF4p_vj7SF&sai=AMfl-YSHARBtaGSFflDbzDXIfkRmq0iu6gPxVErMgPQOkcuYQ8zGV4Zx4Eye7Fq_ASTuftW3Y_tHThhrDefnNZQXUQLmGLnFrPq_vWY5fRs2m97xWIDt7TzKG0LldtBeh_hgjTKE7t29i1RvDvMFvi_nDbpppCR5wtTVSmPMltAFhnaGiv9SNI9TnxRbwU68BGfa3MOecT65gkToQCHqrf8diFLlEre8cFZ9Gix-S5Zs60O4Y6x-fw2tvRTi__Qxn9w9aNrEzSynF1dS0hnB0w4lRgPaiIY71TRHz7tW_dB0xggaYJ-ZDI29l5HdRx0eotaAhojhz9P7VAAeJ7UwKtClcg&sig=Cg0ArKJSzOj_WDKJITVM&fbs_aeid=%5Bgw_fbsaeid%5D&crd=aHR0cHM6Ly9maXZlcnIuY29t&urlfix=1&adurl=https://www.fiverr.com/categories/online-marketing%3Fsource%3Dcategory_tree%3Futm_source%3Ddv360%26utm_medium%3Ddisplay%26utm_campaign%3Ddv_ge-au_crt-all_dv-desktop-performance%26utm_term%3Ddv_ge-au_display%26utm_content%3Ddigital-marketing-sma-mar%5Esma-marketer-green_160X600%26dclid%3D%25edclid!%26gad_source%3D7

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=ASp5-QAnlQt9-yTDTGDT4gbm6oJ5dlgYrH2EWtOYlkE0W9-3OkxRGD6SXdJMWAadRSX-irHgE_7GGICa_XRLHvNjO2zAuYe2fHqYNz3Kjgmah97eT9AxDnnIWeDST8GKcV9MczWdbfiHSTCTG4sRucqwCvCp2f9KQAo3aq8bRC7UjKjxhy8PSGW2s8mQ4id0D0OAey_LcQAV82rWaMTYPFglybIKtfwKZnz56ltBd_fwlk4qwUSvDxf-334xxVvQ2a66h7eyg9s8Sj1aYYI9HB0MfxMDSQA5GKBaBKL0hQCAazOpIwbT9cfi8pAZGlrTFxSslsAyylyxb_Bskbd3Eu5WIDiu5cM6hrJJ63ZYujZ6K8gFoPnQU3lr1RjE7b4PgyGGvl9AvWP_43jiV24CCSuRupaoI52AgKg7HfVnXMV6HXtKPxh0YkvQJx_xEGHqOr-ZhZIyxYakdTRlL_yzaGxAHgCMYKxUTdw84Wcb1oRDrLVBpglSR95aYuzgBYSwMlr1Mt6TF3sRQPkLXzlm9vUYtvStnRh9ut9FpWj6_97vGp1Fbim7ttThOTljH71sBMjpeMQ_QpyytfOn2ikufPVGrDn8yH3z0sljXUAJNNcOMJLj4o_gmt3z-idw8GYNJqvMI6yOYpY7iD831qSl7363UTo_R_MWhDcIZJ1tSf9xkCnFZ4JeZIqgF9DEJw5edoDdXXhTz43-XVDHLDhatm4vxscbDHCFceSI6Y1YXmRszqXCv1jCuXoschqfIuPvbvLeWY1ZhfaKdKtD92tD8fI3igIgYssD8j-bzIowiu1f4jovnlai1HGePNDmvfg7XBA74nLpKPI0ZB5Did1oNAEOELVL8V4UiKVMw2U2sSUM_Z2VwIfnTWUHyx1i2-XIjW08aj_bXqbV58kyu2swnwMhT1enpidhDWFIu25_G8_wGcWLV1T1xOzLend-_WjRRUURwjFZbPzxjJv6GS5SiiFGhz0iDoXSEvx7UbQJPj1Zn827JrXVwyY20aNqFBbEg1A4oEFZ6j1SY0EOJsIYkPuuSc0FWGgs-NQ6eWHSDJ4Ruu6_asPODB3_3p9oN3EyGWUXje06Bn6EWRQ4XkR1_H2_WnAUqxyI1xJoNhOOXR3Fy3zJj8jrmNwRppt6aXM4dGy3CEMwda22MgjIaeNmn9MN5aPKKjn-MoXxzdRdckh8yNcVJoh-2YyUwG_0a1h0Om3PPc5YoxJgRC7xeoLyiCCmvTy54RdlVkG6x0fHARPzHRpvDZg-3gAoSh9gZR7JadjwI83BGThze3_4gN5BhIbqzszTB7PI9YUuykG0PFhqX5wttngNHQ5ptuwSeaxELv7xm5A0fp-JMIgtDaOQphYLsQ6b-rIbP-95DNhtEfWd3Qz35e1gcKp05ZGpskssNJKIjEB-awaUpGAOYo1PQsFVysZE-TuX43OxGUegU0Qgd1UWnv_P2xWFCGvtW-Cy3YXhxlJw6aSKeh8yJiR3I1P9VxaKx-kw7nU2_M_TCBrbLBo0M4uyYkQvwDBJ4Vy1kXyFSYOYMclMtsBqi2_YGT3I_qgeSsuiu_JWfzR_ogLCSYcE7KCUwNfea4m3xd1ZaPg6p6YvlftTS6M6ry50OeXj5rVwXWxGYfHLTVfTQJwDjyy3gtBqEFt7tjPQEZvHeNXFl-XILZLSPfVbOOx0Iq7KEHJYcfqOzPvzG7WXBbrKc9afMMStHghZNerY9zpl1VNIVjbI7HvHKUOJpI56e6U-GoRvwFt_FFBUi889L1UuKUVML7K2hvUiZLOEnidv-XhP1E9Ioow1QCN5xR8hs12jLH0V32TjWuLm1DpzwZz4mxHG_hHrUbP8rQJYeTSPPP7O02kG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.ly/8SJ81 HTTP 301
https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js

Request Chain 27

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/api.js

Request Chain 51

https://www.google.com/recaptcha/api2/aframe HTTP 307
https://www.google.com/recaptcha/api2/aframe?hl=en

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwuvE1iDdq3sgsbFQmKErQ&google_cver=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aDPCB4sFVWQABZXrAOJAnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOW7UPHX2JQQaw12PZzrIBM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOW7UPHX2JQQaw12PZzrIBM%26google_cver%3D1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0ODcwODI4NTE0OTI5MTcwOQ%3D%3D

Request Chain 120

https://gcdn.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/32222BFC5978D7312B728D05C2BB8F46D8116A2B.94B9C3E59898A124795E3F6F080C4338A63B2C2F/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-ntqe6n76.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/1929B343BAA706570DED5A84179334E088E50C70.39E65551F0D2A2DD8841AE009C1A897A7E489FF6/key/cms1/cms_redirect/yes/met/1748222472,/mh/ls/mip/2404:f780:4:def::2e/mm/42/mn/sn-ntqe6n76/ms/onc/mt/1748221278/mv/u/mvi/5/pl/48/rms/onc,onc/file/file.mp4 HTTP 302
https://r1---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/20E76A5752F9DD8B42A83A6AFD988CAACCDBEC2B.3EFF76BCA1B541DDFEA09E21126762386C09DD74/key/cms1/met/1748222472,/mh/ls/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-ntqse76/rrc/104/fexp/24350590,24350737,24350827,24350961,24351658,24351660/req_id/5af02fe08a93a3ee/cms_redirect/yes/ipbypass/yes/mip/103.216.220.74/mm/42/mn/sn-hxa7zn7z/ms/onc/mt/1748222194/mv/m/mvi/1?file=file.mp4

Request Chain 137

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBCtxZ6PGRjCgc-gAiABMAE&v=APEucNWhnP0VdbuQ996wKHf_1eLBmhi7_EFqheD9ovCopVXE1W4TMZrHKq9x398I5RJN6nQPMbV4MF7wdti-yBQr8WRfAF9YRyBysZLfLBkAGp2fpUqn0ys HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aDPCB4sFVWQABZXrAOJAnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1

141 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request url-shortener Show response
t.ly/free/
Redirect Chain

https://t.ly/8SJ81
https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

66 KB
18 KB

565ms
565ms

Document
text/html

104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e4a2ff4723939e347b2d46e19e29d3536dbb6632e86aebd873007181bec2945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 945974369db9d730-BNE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 May 2025 01:21:08 GMT
last-modified: Mon, 26 May 2025 01:21:07 GMT
priority: u=0,i
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS" cfExtPri
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 200
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, public, stale-if-error=86400, stale-while-revalidate=600
cf-cache-status: BYPASS
cf-ray: 945974318fbcd730-BNE
content-type: text/html; charset=UTF-8
date: Mon, 26 May 2025 01:21:07 GMT
location: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81
priority: u=0,i
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS" cfExtPri
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 301
x-frame-options: SAMEORIGIN
x-whom: tly-app
x-xss-protection: 1; mode=block

GET
H3 200 speculation
t.ly/cdn-cgi/ 128 B
376 B 25ms
25ms Other
application/speculationrules+json 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/cdn-cgi/speculation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
cf-ray: 9459743a3fead730-BNE
access-control-allow-origin: https://t.ly
alt-svc: h3=":443"; ma=86400
content-length: 128
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=4,i

GET
H3 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 16ms
16ms Script
application/javascript 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"682eb544-302c"
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
cf-ray: 9459743a3feed730-BNE
expires: Wed, 28 May 2025 01:21:08 GMT
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript
last-modified: Thu, 22 May 2025 05:25:24 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 app.css
t.ly/css/ 299 KB
57 KB 28ms
28ms Stylesheet
text/css 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/css/app.css?id=9834b9d71b9fb9ea6f7e

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4991ced4b5821e37addbf5298c7f3426ea754d84d14d60af46aca7d8f7d0c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-4ab48"
age: 907631
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:13:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: text/css
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743a3ff2d730-BNE
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 tly-logo-sm.png
t.ly/img/ 10 KB
10 KB 35ms
35ms Image
image/png 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

cf-cache-status: HIT
etag: "12cea601-2770"
age: 907628
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:14:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: image/png
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743a5844d730-BNE
x-whom: tly-app
accept-ranges: bytes
content-length: 10096
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
905 B 24ms
24ms Script
application/javascript 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"682eb544-4d7"
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
cf-ray: 9459743a4829d730-BNE
expires: Wed, 28 May 2025 01:21:08 GMT
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript
last-modified: Thu, 22 May 2025 05:25:24 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 59ms
27ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 9459743a8df0d72d-BNE
access-control-allow-origin: *
date: Mon, 26 May 2025 01:21:08 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 42ms
25ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 271908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tSe8JrYRFBp%2BjLPVagoc7W4bcuXLEclLeKQL5lwJ0fk6BVOron3wUVQTFFTbJeAUkz9TZuRRleVUhlJ%2FRw5CWDnQoIJqe0Wc83F3NYxJI5wtdXJopnpx7Eqwsl45vTDPVNXudOnn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 01:21:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=4,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9459743a7f0b487b-BNE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H3 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 153 KB
153 KB 40ms
39ms Font
font/woff2 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?fb8184add5a3101ad0a321db81c70285

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=9834b9d71b9fb9ea6f7e

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/css/app.css?id=9834b9d71b9fb9ea6f7e

Response headers

cf-cache-status: HIT
etag: "12cea601-26350"
age: 907630
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:13:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743ab94bd730-BNE
x-whom: tly-app
accept-ranges: bytes
content-length: 156496
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 normal.woff2
t.ly/cf-fonts/s/lobster/5.0.18/latin/400/ 33 KB
33 KB 320ms
320ms Font
font/woff2 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/cf-fonts/s/lobster/5.0.18/latin/400/normal.woff2

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
cf-ray: 9459743ab94fd730-BNE
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 33896
date: Mon, 26 May 2025 01:21:08 GMT
content-type: font/woff2
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 200 webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 115 KB
115 KB 28ms
27ms Font
font/woff2 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?8d3cabfc66809162fb4d7109aefa44dc

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=9834b9d71b9fb9ea6f7e

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/css/app.css?id=9834b9d71b9fb9ea6f7e

Response headers

cf-cache-status: HIT
etag: "12cea601-1ca7c"
age: 907630
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:13:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: font/woff2
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743ab951d730-BNE
x-whom: tly-app
accept-ranges: bytes
content-length: 117372
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 28ms
27ms Script
application/javascript 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/js/sweetalert.min.js?id=abedaaba10307a01ba0d

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-9807"
age: 907630
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:13:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743b3aacd730-BNE
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 app.js Show response
t.ly/js/ 947 KB
288 KB 28ms
26ms Script
application/javascript 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/js/app.js?id=5764b63af4ef45fc37a9

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2248eba37f1a509e4c4c9e61f241f88d472ce5e2896b56e3346ce9ffb814b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-eca6d"
age: 907631
x-content-type-options: nosniff
expires: Fri, 15 May 2026 12:47:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743b3aafd730-BNE
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 173 KB
53 KB 283ms
161ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

bec56f85c6c2a1ebb047a22e9244572f8bab60c5caaa0b6e425543971579e852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://t.ly
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 17985985423076889562
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 01:21:08 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 54304
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
91 KB 289ms
143ms Script
application/javascript 2404:6800:4006:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

386f75b973c93bb45246d68fc1dcf69bb50fb397d3008802bb2797af4510515d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 01:21:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 93305
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
5 KB 136ms
26ms Script
text/javascript 2600:9000:2774:6c00:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2774:6c00:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60d809e56c153236ba79e52c12b94d181cb6c164bec6efb594b30589457030bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"3fcc9d6bfc0d7bb3f3d622bbd4f30a0a"
age: 927
via: 1.1 721ef19e45939954cd82c5c6b7f5854e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: SijWu_lUx3gEyI_iSNl6_3HyxRBgCXX-ulhO3EwrHFZRCwHSr2Re5w==
date: Mon, 26 May 2025 01:05:42 GMT
content-type: text/javascript
last-modified: Thu, 22 May 2025 15:24:55 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
112 KB 280ms
135ms Script
application/javascript 2404:6800:4006:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34e6fc6cf75ce2f509b981a8188323d44a40f155179f763907c8ff710a7d6d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 01:21:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 May 2025 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 113691
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 8826.js Show response
t.ly/js/ 1 KB
1 KB 36ms
36ms Script
application/javascript 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/js/8826.js?id=8b2afb73de973631a615

Requested by

Host: t.ly
URL: https://t.ly/js/app.js?id=5764b63af4ef45fc37a9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae8a73a58f02b165d3477be50458267072a7a73bbec3865cbc0c7aa7a9a8b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-45b"
age: 907628
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:14:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743da93bd730-BNE
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3

200

main.js Show response
t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/ Frame 5040
Redirect Chain

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?

8 KB
4 KB

19ms
19ms

Script
application/javascript

104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?

Protocol

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b661fd32107724e41dd0976d4de86e8a587ff459a66bb974bf692ed260060cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
cf-ray: 9459743e0a7bd730-BNE
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
speculation-rules: "/cdn-cgi/speculation"
x-content-type-options: nosniff
cf-ray: 9459743dc999d730-BNE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 favicon.ico
t.ly/ 15 KB
3 KB 26ms
26ms Other
image/x-icon 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe691d93cfc19b6be69fff6af57bdab6917f40521b0499c88c6e3470d6ab3ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-3c2e"
age: 907240
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:14:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: image/x-icon
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743dc9a6d730-BNE
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/ 96 KB
33 KB 121ms
120ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

34f164441ac1e14cd994906eae839ca5327e2955ae82a4264eaefc7e1bb5ac1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 6771535362270972688
age: 50014
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 11:27:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 11:27:34 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 34153
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/ 461 KB
155 KB 125ms
125ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

c966819fd380cb96e153756e842111b5c481e1792f2151381b70a2dd5275c57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 17257031994529967950
age: 69629
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 06:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 06:00:39 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 158476
x-xss-protection: 0
server: cafe

GET
H3 200 T.LY-Go-URL-Shortener-API-Client.jpg
blog.t.ly/wp-content/uploads/2025/03/ 29 KB
29 KB 37ms
32ms Image
image/jpeg 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2025/03/T.LY-Go-URL-Shortener-API-Client.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f7ae87b007d72f174428262ffb8bf8ada6ae258899c59ec7cf5e2c34b03c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri,csam-hash
etag: "67cef68c-7303"
age: 3692
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=29443
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: image/jpeg
last-modified: Mon, 10 Mar 2025 14:26:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9459743e0a7fd730-BNE
accept-ranges: bytes
content-length: 29435
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 204 rum Show response
t.ly/cdn-cgi/ 0
133 B 19ms
18ms XHR
text/plain 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: application/json
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 9459743e0a76d730-BNE
access-control-allow-origin: https://t.ly
date: Mon, 26 May 2025 01:21:08 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 4010.js Show response
t.ly/js/ 155 KB
46 KB 27ms
27ms Script
application/javascript 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/js/4010.js?id=ecc220059f351ce56f97

Requested by

Host: t.ly
URL: https://t.ly/js/app.js?id=5764b63af4ef45fc37a9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a42d49467f2e747aa93781cbcf0c373d1f8e0adc2546ef60c4156445c58a887d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-26cc2"
age: 907626
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:14:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743e1a8fd730-BNE
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

GET
H3 200 1166.js Show response
t.ly/js/ 19 KB
7 KB 26ms
26ms Script
application/javascript 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/js/1166.js?id=19bfd34c537a6d4aa0c4

Requested by

Host: t.ly
URL: https://t.ly/js/app.js?id=5764b63af4ef45fc37a9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb72efb1dbe2b505518ae93c7ee33765323617ed040c136f91291fd51b47efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12cea601-4b67"
age: 907627
x-content-type-options: nosniff
expires: Fri, 15 May 2026 13:14:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-transform
speculation-rules: "/cdn-cgi/speculation"
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
cf-ray: 9459743e1a95d730-BNE
x-whom: tly-app
x-xss-protection: 1; mode=block
server: cloudflare
x-do-orig-status: 200

POST
H3 200 945974369db9d730 Show response
t.ly/cdn-cgi/challenge-platform/h/g/jsd/r/0.6374122218231055:1748218199:oPGh382Sf6DjPPto8HswPA0OKFTngZsGZ_POuDAzaK4/ Frame 5040 0
602 B 25ms
20ms XHR
text/plain 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/g/jsd/r/0.6374122218231055:1748218199:oPGh382Sf6DjPPto8HswPA0OKFTngZsGZ_POuDAzaK4/945974369db9d730

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 9459743eac33d730-BNE
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Mon, 26 May 2025 01:21:08 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/api.js

47 KB
16 KB

34ms
33ms

Script
application/javascript

104.18.95.41
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/api.js
Protocol: H3
Server: 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fdcf655a6349724c367f366c852b2e0309e9ad7a25b376df82a48e1dd98482

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

server: cloudflare
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 9459743f4e275745-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:09 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 12 May 2025 13:39:20 GMT
vary: Accept-Encoding
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location: /turnstile/v0/g/6fab0cec561d/api.js
cross-origin-resource-policy: cross-origin
cf-ray: 9459743efde05745-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:08 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 365 KB
124 KB 135ms
134ms Script
application/javascript 2404:6800:4006:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&cx=c&gtm=457e55l1za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5834ca5000f7de99111fbf1218da1c17d61ce2c440c169ba72a478e0163fc574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 01:21:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 126480
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 174ms
25ms Script
text/javascript 2404:6800:4006:814::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
age: 3157
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 02:28:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 00:28:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 342ms
168ms Fetch
text/plain 172.217.14.68
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?tid=AW-10875945736&en=page_view&dl=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener&scrsrc=www.googletagmanager.com&frm=0&rnd=1481285450.1748222469&dt=Free%20URL%20Shortener&auid=1488930346.1748222469&navt=n&npa=0&gtm=45be55l1v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&tft=1748222468949&tfd=2184&apve=1&apvf=f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.14.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lax17s38-in-f4.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 5 KB
2 KB 258ms
137ms Script
text/javascript 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1748222468943&cv=11&fst=1748222468943&bg=ffffff&guid=ON&async=1&gtm=45be55l1v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&hn=www.googleadservices.com&frm=0&tiba=Free%20URL%20Shortener&npa=0&pscdl=noapi&auid=1488930346.1748222469&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

61c121e3fd27df388b455a6d619f011c832d91efb53ef9cfee95e4daa260f217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 1928
date: Mon, 26 May 2025 01:21:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10875945736 Show response
td.doubleclick.net/td/rul/ Frame BB33 13 B
523 B 278ms
130ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/10875945736?random=1748222468943&cv=11&fst=1748222468943&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55l1v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&hn=www.googleadservices.com&frm=0&tiba=Free%20URL%20Shortener&npa=0&pscdl=noapi&auid=1488930346.1748222469&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 td
www.googletagmanager.com/ 0
371 B 122ms
122ms Image
text/plain 2404:6800:4006:813::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=AW-10875945736&v=3&t=t&pid=510584950&exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&dl=t.ly%2Ffree%2Furl-shortener&tdp=AW-10875945736;88461834;0;0;0&frm=0&bt=0&ct=3&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:813::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgtc:45:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:45:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:45:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgtc:45:0
content-length: 0
date: Mon, 26 May 2025 01:21:09 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 TLY-Node-URL-Shortener-API-Package.jpg
blog.t.ly/wp-content/uploads/2025/03/ 26 KB
26 KB 268ms
267ms Image
image/jpeg 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2025/03/TLY-Node-URL-Shortener-API-Package.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b5eab0f5e64d247540ee1c49a9121c1f62e526691898be54c80b86a2d93b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri,csam-hash
etag: "67c5b2b6-67f7"
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=26615
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:09 GMT
content-type: image/jpeg
last-modified: Mon, 03 Mar 2025 13:46:30 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9459743f5e01d730-BNE
accept-ranges: bytes
content-length: 26607
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 What-Is-My-DNS.jpg
blog.t.ly/wp-content/uploads/2025/01/ 76 KB
76 KB 257ms
256ms Image
image/jpeg 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2025/01/What-Is-My-DNS.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

621e889090eb5199a83dcbeece2d6b36d5a4057bdc9440ad3424dbc209d0b398

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri,csam-hash
etag: "679cd8a9-1306b"
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=77931
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:09 GMT
content-type: image/jpeg
last-modified: Fri, 31 Jan 2025 14:05:29 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9459743f5e06d730-BNE
accept-ranges: bytes
content-length: 77923
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Bitly-Showing-Ads.jpg
blog.t.ly/wp-content/uploads/2025/01/ 236 KB
236 KB 255ms
254ms Image
image/jpeg 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2025/01/Bitly-Showing-Ads.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6203b19318a9f38c0117a286d50171f5cec5f2b6788ae3746abc1c2e9637f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri,csam-hash
etag: "6799090d-3b076"
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=241782
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:09 GMT
content-type: image/jpeg
last-modified: Tue, 28 Jan 2025 16:42:53 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9459743f5e08d730-BNE
accept-ranges: bytes
content-length: 241774
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 What-is-a-top-level-domain.jpg
blog.t.ly/wp-content/uploads/2025/01/ 87 KB
88 KB 702ms
701ms Image
image/jpeg 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2025/01/What-is-a-top-level-domain.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b014e8c108cbb8a8e9023e7b77817113000919169af9af829e63d8aa66db5373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri,csam-hash
etag: "677eed62-15dfc"
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origSize=89596
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:09 GMT
content-type: image/jpeg
last-modified: Wed, 08 Jan 2025 21:25:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9459743f5e0bd730-BNE
accept-ranges: bytes
content-length: 89588
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 2024-August-23rd-Google-URL-Shortener.png
blog.t.ly/wp-content/uploads/2025/01/ 11 KB
12 KB 699ms
698ms Image
image/webp 104.20.7.133
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://blog.t.ly/wp-content/uploads/2025/01/2024-August-23rd-Google-URL-Shortener.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.7.133 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8e2d03bdf493a223cdedef7d9c3a1f080a4ea116169dfc7477ddfc1ff0e5db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cf-bgj: imgq:100,h2pri,csam-hash
etag: "6775c7bb-35ba"
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=13754
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 01:21:09 GMT
content-type: image/webp
content-disposition: inline; filename="2024-August-23rd-Google-URL-Shortener.webp"
vary: Accept
priority: u=3,i
x-frame-options: SAMEORIGIN
last-modified: Wed, 01 Jan 2025 22:54:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9459743f5e0cd730-BNE
accept-ranges: bytes
content-length: 11522
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/55j0/ Frame 9910 3 KB
2 KB 170ms
26ms Document
text/html 2404:6800:4006:813::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Ft.ly

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 77817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 25 May 2025 03:44:12 GMT
expires: Mon, 25 May 2026 03:44:12 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/ Frame 56A3 8 KB
4 KB 146ms
28ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 44318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 May 2025 13:02:31 GMT
etag: 7658452531946828944
expires: Sun, 08 Jun 2025 13:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFFE 393 KB
97 KB 845ms
740ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1748222467&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.14172876740403959&aiapmi=0.16&aiact=0.5855296252670694&aicct=0.7&ailct=0.6697513670900843&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222468786&bpp=7&bdt=609&idt=236&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5985093623993&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=263

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

fbf08c5fac3bf57d0adb94715bde8ff531f88f1d13226a2c85fe136ffb51dece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 99443
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:09 GMT
expires: Mon, 26 May 2025 01:21:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 294ms
173ms XHR
application/json 142.250.71.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250521&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

3a9dd037758f3135d9c6a0a414eb6042ba5f25e616186f5e55c5b56745dd13e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13250
date: Mon, 26 May 2025 01:21:09 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52C5 826 B
429 B 607ms
523ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1748222467&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222468793&bpp=1&bdt=617&idt=269&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5985093623993&frm=20&pv=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

d24335344ec3938175dab44d47d4afc527deca2a363867f0c7a0ff93fa2cf228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:09 GMT
expires: Mon, 26 May 2025 01:21:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 158ms
157ms Fetch
text/html 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s17-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://t.ly/

Response headers

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
442 B 122ms
121ms XHR
text/plain 2404:6800:4006:814::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=247062244&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&ul=en-au&de=UTF-8&dt=Free%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1686890153&gjid=1261316418&cid=1328869968.1748222469&tid=UA-89207177-8&_gid=812804377.1748222469&_r=1&gtm=457e55l1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&jsscut=1&z=2024488778

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:09 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 1
server: Golfe2

GET
H3 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
64 B 200ms
200ms Image
image/gif 172.217.14.68
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1748222468943&cv=11&fst=1748221200000&bg=ffffff&guid=ON&async=1&gtm=45be55l1v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&hn=www.googleadservices.com&frm=0&tiba=Free%20URL%20Shortener&npa=0&pscdl=noapi&auid=1488930346.1748222469&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyztAJSW8ZXgmLOmvDVZ7TRmZEcWa-ZcA&random=1088516131&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 01:21:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/10875945736/ 42 B
64 B 352ms
181ms Image
image/gif 142.250.72.131
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/10875945736/?random=1748222468943&cv=11&fst=1748221200000&bg=ffffff&guid=ON&async=1&gtm=45be55l1v888461834za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&hn=www.googleadservices.com&frm=0&tiba=Free%20URL%20Shortener&npa=0&pscdl=noapi&auid=1488930346.1748222469&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyztAJSW8ZXgmLOmvDVZ7TRmZEcWa-ZcA&random=1088516131&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 01:21:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 124ms
123ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je55l1v878425165za200&_p=1748222468596&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=1328869968.1748222469&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1748222469&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&dt=Free%20URL%20Shortener&en=page_view&_fv=1&_ss=1&tfd=2570
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&cx=c&gtm=457e55l1za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:09 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 276ms
131ms Script
text/javascript 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:09 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 511B 13 KB
5 KB 168ms
25ms Document
text/html 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:04 GMT
expires: Mon, 26 May 2025 02:11:04 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

aframe Show response
www.google.com/recaptcha/api2/ Frame 0F97
Redirect Chain

https://www.google.com/recaptcha/api2/aframe
https://www.google.com/recaptcha/api2/aframe?hl=en

829 B
568 B

362ms
191ms

Document
text/html

172.217.14.68
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe?hl=en

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f4.1e100.net

Software

ESF /

Resource Hash

ab446ad0b4d35be2a3f1b450ac7ddd169643bc7ae70cadc775774b87a12a4e71

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DKckzMysTzVCwfEqPbeTIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DKckzMysTzVCwfEqPbeTIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:09 GMT
expires: Mon, 26 May 2025 01:21:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

Location: https://www.google.com/recaptcha/api2/aframe?hl=en
Non-Authoritative-Reason: WebRequest API

GET
H3 200 kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js Show response
pagead2.googlesyndication.com/bg/ Frame 511B 54 KB
21 KB 149ms
30ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

sffe /

Resource Hash

91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 84048
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 02:00:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 02:00:21 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21069
x-xss-protection: 0
server: sffe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F97 0
17 B 124ms
123ms Image
image/ 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20250521&jk=604812573179158&rc=

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe?hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:10 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame 511B 0
40 B 25ms
24ms Image
text/plain 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?YWVeUA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 26 May 2025 01:21:10 GMT
cross-origin-resource-policy: cross-origin

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/ 185 KB
62 KB 27ms
27ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

a0543a5036c2902f28bf1d53b309c0d1cd204ca4921334027f7fefac118f3f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 4880483191758669950
age: 45361
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 12:45:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 12:45:09 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 63580
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-5561763581314444 Show response
fundingchoicesmessages.google.com/i/ 201 KB
65 KB 324ms
174ms Script
application/javascript 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?href=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbd57f3a0fb0e3099e6e731fa25cd520200b83d0e1dac255adccd7ce56f1583e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t4D7sqyTq0COaN108gQzaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:10 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0JBiOHHrNtMFIG69eY51MhAbKlxitQfi--susT4H4g_1l1l_AHGRxBXWBiD-VHWDVaD6BmsS-03WAiAOdbzJGgvCaTdZU4F4zcZbrJuBuEn7NmsXEJv53Wa1A2IhHo62lvMH2QQW_P9wilFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDI1MDUyEDPwCC-wAAA7QpE1g"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t4D7sqyTq0COaN108gQzaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 158ms
157ms Image
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&hl=en&pvc=604812573179158

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:10 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 162ms
161ms Fetch
text/html 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s17-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://t.ly/

Response headers

POST
H3 204 AGSKWxVoFXtLVnDDvrNy7kUHEZ2hTrFT06upWCbvVm37Be7HARlmsQ10dyJ4kSaCrOX-zdkBLWL7KkSCP6FprrkSmpniETJaVKHB7kw0eXKEU4cKB5sLnCslOAGGqUOL_22phqxRySo4GQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 257ms
135ms XHR
text/html 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoFXtLVnDDvrNy7kUHEZ2hTrFT06upWCbvVm37Be7HARlmsQ10dyJ4kSaCrOX-zdkBLWL7KkSCP6FprrkSmpniETJaVKHB7kw0eXKEU4cKB5sLnCslOAGGqUOL_22phqxRySo4GQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DAuNo6ZJv6ExCAVM4FSyag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:10 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBi-FB_mfUHEJv53Wa1A2IhHo62lvMH2QROnPm0lVnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRqYGhnpGZjHFxgAAJzEJ5A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DAuNo6ZJv6ExCAVM4FSyag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXkoypX6v80t3nE0phxrTui4t1nGqE9ZE7-vXdvojMyprptXbvdfr1YCPbd35mpYNLgHREvVoCt_lnmPwNs4zwXMXJqOrw6_OxXRbuB51o8Q1hQauca1XLxhoL21Yj_Er0j5V9llw== Show response
fundingchoicesmessages.google.com/f/ 2 KB
2 KB 142ms
141ms Script
application/javascript 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXkoypX6v80t3nE0phxrTui4t1nGqE9ZE7-vXdvojMyprptXbvdfr1YCPbd35mpYNLgHREvVoCt_lnmPwNs4zwXMXJqOrw6_OxXRbuB51o8Q1hQauca1XLxhoL21Yj_Er0j5V9llw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MjIyNDcwLDc0OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5L2ZyZWUvdXJsLXNob3J0ZW5lciIsbnVsbCxbWzgsIm9hSzdhRm9fZi1VIl0sWzksImVuLUdCIl0sWzIzLCIxNzQ4MjIyNDY5Il0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdLFsyNSwiW1s5NTM0MDI1Myw5NTM0MDI1NV1dIl0sWzI5LCJmYWxzZSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

914a3855310371617d18aa0750f7991094dc06a5ed940d93fa60989cdf71bf93

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-daw1eAt_2pugtAZEmJs_6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:10 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBiaL15jnUyEBsqXGK1B-L76y6xPgfiD_WXWX8AcZHEFdYGIP5UdYNVoPoGaxL7TdYCIA51vMkaC8JpN1lTgXjNxlusm4G4Sfs2axcQm_ndZrUDYiEejraW8wfZBA7M_9rNrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRqYGpkoGdgEF9gAACvhD9J"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-daw1eAt_2pugtAZEmJs_6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 88DE 436 B
236 B 519ms
519ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3617422784&adf=1957998420&pi=t.aa~a.4962273~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1748222467&rafmt=1&to=qs&pwprc=8670500221&format=1200x280&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222470309&bpp=1&bdt=2132&idt=-M&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db124da15d28540b6%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MaesCV7KccK5l-GC6kmjofv_rhi6A&gpic=UID%3D000010e775ef2672%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MYxwBUXDyUdPkKto8Ci2QYA0STyTw&eo_id_str=ID%3D09232f25a0e55c65%3AT%3D1748222469%3ART%3D1748222469%3AS%3DAA-Afjb9aJT-3gkwbk7kDbOpfPPf&prev_fmts=0x0%2C1110x280&nras=2&correlator=5985093623993&frm=20&pv=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=446

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

3f953348e258927dbd5709e82a3b83ae900949c5509ce105132e8dce94610c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:11 GMT
expires: Mon, 26 May 2025 01:21:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 222A 436 B
237 B 615ms
614ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=3422485851&adf=4089986722&pi=t.aa~a.2817915557~rp.4&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1748222467&rafmt=1&to=qs&pwprc=8670500221&format=1110x280&url=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748222470309&bpp=1&bdt=2132&idt=-M&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db124da15d28540b6%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MaesCV7KccK5l-GC6kmjofv_rhi6A&gpic=UID%3D000010e775ef2672%3AT%3D1748222469%3ART%3D1748222469%3AS%3DALNI_MYxwBUXDyUdPkKto8Ci2QYA0STyTw&eo_id_str=ID%3D09232f25a0e55c65%3AT%3D1748222469%3ART%3D1748222469%3AS%3DAA-Afjb9aJT-3gkwbk7kDbOpfPPf&prev_fmts=0x0%2C1110x280%2C1200x280&nras=3&correlator=5985093623993&frm=20&pv=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95353387%2C95360609%2C95361620%2C95360955%2C95340253%2C95340255&oid=2&pvsid=604812573179158&tmod=1217486143&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=449

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

3dcb5b79a6ff331082b051dbc24d5bee2262316524377d002c1e76ebdedeb408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:11 GMT
expires: Mon, 26 May 2025 01:21:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/ Frame B480 8 KB
0 0ms
0ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 44318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 May 2025 13:02:31 GMT
etag: 7658452531946828944
expires: Sun, 08 Jun 2025 13:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/ Frame 4328 8 KB
0 0ms
0ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 44318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 May 2025 13:02:31 GMT
etag: 7658452531946828944
expires: Sun, 08 Jun 2025 13:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/ Frame A15E 8 KB
0 0ms
0ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 44318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 May 2025 13:02:31 GMT
etag: 7658452531946828944
expires: Sun, 08 Jun 2025 13:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 style_banner_d854f3.css
cdn.mediago.io/js/template/style/ Frame 9746 2 KB
2 KB 87ms
29ms Stylesheet
text/css 18.67.93.102
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_d854f3.css
Requested by: Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-102.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a896c187a5496d2429f8cf2d9ba18630c1c578700b82814253d37bbae709bd75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/

Response headers

x-amz-version-id: WwXpB9L4GP2SeurJHamFb2ATurZ6FUMG
etag: "9d99d76b8f0e83676aa712736f35eaab"
age: 11416
via: 1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 1769
x-amz-cf-id: kTcJE8aClU7EhZ2j6qI_2FrX6K3WuCg0h2hCsy2vlJjcX3iYxG5m3g==
date: Sun, 25 May 2025 22:10:55 GMT
content-type: text/css
last-modified: Tue, 20 May 2025 07:19:42 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 cfc70a11e7604a587ffffa64e0cd83d8__scv1__622x368.webp
images.mediago.io/ML/ Frame 9746 15 KB
16 KB 94ms
28ms Image
image/webp 34.111.60.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://images.mediago.io/ML/cfc70a11e7604a587ffffa64e0cd83d8__scv1__622x368.webp
Requested by: Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.60.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5cfe69f7ec8bac07256d009bb1aa59b645fa638ec074993bdd0b0e526d8d248c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
x-goog-hash: crc32c=TtOYZg==, md5=bLnpK+CE82MgSQb2c2XVHQ==
etag: "6cb9e92be084f363204906f67365d51d"
age: 2850
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 15594
date: Mon, 26 May 2025 00:33:40 GMT
last-modified: Mon, 31 Mar 2025 14:10:37 GMT
content-type: image/webp
x-guploader-uploadid: AAO2VwoldilxHvXsIdDofu_Bo6em7Vv7eMHJW7h5dYswBE5XfnZrZmMrqjlADLrH2i7wXELXUjOBXOwCQ6lh9g
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1743430237468869
content-length: 15594
server: UploadServer

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 9746 3 KB
1 KB 210ms
63ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 33598
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 16:01:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 16:01:13 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 9746 19 KB
8 KB 174ms
27ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

760e5d0b97d6707a3d5c2c949bd70e7668484a144f383f3a4dfa878bad15e8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 3000748235154339481
age: 20535
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 19:38:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 19:38:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8100
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9746 221 KB
68 KB 27ms
26ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 81102085050987160
age: 324
x-content-type-options: nosniff
expires: Mon, 26 May 2025 02:15:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 01:15:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=GB2312
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/elements/html/ Frame B480 15 KB
6 KB 205ms
58ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a600e0549bec34387965d5e6a9b8a00dec77d990fe6ab15804df2a024f35ed44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 13402901166089415448
age: 49951
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 11:28:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 11:28:40 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 6396
x-xss-protection: 0
server: cafe

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/elements/html/ Frame B480 22 KB
9 KB 199ms
54ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f28ed95f41a899e6edea68ef4b6f1ff865d8a688249f307480c323780dd18b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 14839120528210523766
age: 33974
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 15:54:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 15:54:57 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9421
x-xss-protection: 0
server: cafe

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4E32 624 B
246 B 127ms
127ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQ6dfVlAYYkcb_swIwAQ&v=APEucNVTTvnJdLNQ23ASvh_B-ZLaEwNJZ4lfajkSoM0FyECG1tseceuIFOappRQKB_6x6CQP7ORfQxn5OAJV0wI80jVAKzqY9Q

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:21:10 GMT
expires: Mon, 26 May 2025 01:21:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250521/r20110914/ Frame E795 21 KB
8 KB 27ms
26ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250521/r20110914/abg_lite_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 33129
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 16:09:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 16:09:01 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250521/r20110914/elements/html/ Frame E795 8 KB
3 KB 31ms
31ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250521/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

1657584221779c9f6943c52bb7fba23376c18be3e021da4168fab39d8bb7863a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 567199331036499589
age: 33129
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 16:09:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 16:09:01 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 3211
x-xss-protection: 0
server: cafe

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E795 41 KB
14 KB 136ms
34ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
age: 2535
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:28:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 00:38:56 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 13937
x-xss-protection: 0
server: sffe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame E795 3 KB
0 166ms
166ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 33598
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 16:01:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 16:01:13 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame E795 19 KB
0 130ms
130ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

760e5d0b97d6707a3d5c2c949bd70e7668484a144f383f3a4dfa878bad15e8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 3000748235154339481
age: 20535
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 19:38:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 19:38:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8100
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E795 221 KB
0 0ms
0ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 81102085050987160
age: 324
x-content-type-options: nosniff
expires: Mon, 26 May 2025 02:15:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 01:15:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=GB2312
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E795 42 B
63 B 167ms
165ms Image
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bbb6f_Z72JgXbvbRgi6sSLlorQxAO7mBMVX1wzyVQOldH1D8-oy6XY-hDccpAo3FetAk52eLxfrtBVcUuWEIlXijo28d1HmYs_IoyaBrFqEGn91Ks

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 369646407147278652
s0.2mdn.net/simgad/ Frame E795 50 KB
50 KB 181ms
27ms Image
image/png 2404:6800:4006:809::2006
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/369646407147278652

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2006 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e82402a1c8bdb7a204f77658d7660625a6a4dd85eab083b946abdb1d4787fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

age: 118269
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 16:30:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 24 May 2025 16:30:02 GMT
last-modified: Wed, 12 Mar 2025 09:35:43 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 50930
x-xss-protection: 0
server: sffe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/ Frame A15E 21 KB
9 KB 137ms
47ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 34564
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 15:45:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 15:45:07 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H2 200 css
fonts.googleapis.com/ Frame A15E 21 KB
2 KB 498ms
165ms Stylesheet
text/css 2404:6800:4008:c00::5f
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c00::5f Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3f6fbbaf241f43869963e04386efe736b3f15a0e74cf2ce39d6ca186a193e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 00:39:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/ Frame A15E 15 KB
3 KB 179ms
26ms Stylesheet
text/css 2404:6800:4006:810::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
age: 113742
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 17:45:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 24 May 2025 17:45:29 GMT
last-modified: Mon, 28 Apr 2025 10:38:15 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2920
x-xss-protection: 0
server: sffe

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/ Frame A15E 386 KB
134 KB 179ms
28ms Script
text/javascript 2404:6800:4006:810::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a4184e9546a3763fa242af235ca4090e944fddf77ae8e36eca7d67e3b3a35de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
age: 37770
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 14:51:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 14:51:41 GMT
last-modified: Mon, 28 Apr 2025 10:38:15 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 137089
x-xss-protection: 0
server: sffe

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame A15E 19 KB
0 116ms
116ms Script
text/javascript 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

760e5d0b97d6707a3d5c2c949bd70e7668484a144f383f3a4dfa878bad15e8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 3000748235154339481
age: 20535
x-content-type-options: nosniff
expires: Sun, 08 Jun 2025 19:38:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 25 May 2025 19:38:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8100
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 220ms
219ms Image
image/ 142.250.71.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20250521&jk=604812573179158&bg=!xMelx4jNAAYA59AtIOc7ADQBe5WfOEnx1rfDdeMW5NE2eJuE61FAVmu670vmYxEJI80dlKfmExePDRYUuE8etqY9TJuwAgAAAKFSAAAAA2gBB34ANmLh13PCw50JeWIUKrOwQn8tA6_yY9XW9N1KvEZJTbXnw9l6UCRK5b9MXYcmI6bADU4UCnBpopkCXBysZ98EXEZQYouEOmBJ0oPV4I1NjLTpeGin5VTdTAPW_tzXt7rsE2oNNiLVAx6lW_0SbveDAvgeVM-4rKSoL_Iu2uSTzEjUxWit3Dl3Z1PrshiXcFG8tIrMoEVyMLjkq3FKor4NOcQF3ZjIq7DXNoQUsN8PbHBkTHz3jtRe2jPUpMlUOeXl5KZZl7fx-jQ4c7PJid-utIB9N06X0pe6iJT0Uxh77R-NRTzCEdcZFqCwhvVIQSUe6Ao9zERzaghOCnp-xehL15wr_7OHtu0X0xUnO11855V3Y-zuvdyrOefEX21AY1ciZC5w7hpFE_BpKL_5MTEMU2zxkils5z3tweg4uJXjdOHcp6yb_cbeVzvFALUkFFeCxgeVMn0zFjlBlX408ngTNm_sqF2byvuuh_C_pNW6gufWkOI_DVLJWdr163GddPQeVMTRMJTvJfv8KB310DPskqq76m1Ym_BaEyvuQUy3ow4osCi0XEpbMbop2VS_jSsiRPQzW9ldVYheRi8r8z0AgL-3G7rTGwH8w7XC2eHkXAZ8g11sFoLbVBPwc-rDSG6MF9vCWEdtBgcTr0KtUdYSs4JJP38tATrwCFEmeeN9E1u3w-g0pF7x6sSgwWSZ7z-6PisefuuF76d_xyunx-762LlqMEYp1jOcwBmWsNgG6NAHka92vxJiNxNvNFdM-KMpT3GBle1cRi6iiH2BUbDEWwsHmQGsLlUy4UcN_DBPJMP8efxvBKBvuw75FmwKcaWpdcA7J8Y3Utnp6771gs6Nn3terMUO74bIjmo3BcMBX9JZbjTIUs8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/
server: cafe

POST
H2 200 c
gtrace.mediago.io/ju/log/ Frame 9746 0
197 B 644ms
212ms Ping
text/html 35.208.249.213
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://gtrace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=e8a4d72d36f70558e76277f73d94c706&mguid=&c_sync=1&app=DISPLAY_NONE&ext={%22msg%22:%22template%20init%20display%20none%22,%22time%22:1748222471032}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
content-type: text/html; charset=utf-8

GET
H2 200 cookieSync.html Show response
cdn.mediago.io/js/ Frame 77D0 9 KB
9 KB 83ms
28ms Document
text/html 18.67.93.102
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-102.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6615dfb85cbfac582b1002ca0331a3f63a3a9092cfbb119d7aee17d1debf459

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 38321
content-length: 9270
content-type: text/html
date: Sun, 25 May 2025 14:42:31 GMT
etag: "8bfa5e2e147c95bab729f3b9c1727e6f"
last-modified: Tue, 13 May 2025 09:43:23 GMT
server: AmazonS3
vary: Origin
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
x-amz-cf-id: wwBqJ2DnIyeKugntBIW4fd48pFIUqdVMZFnPVyJxarXJzeGku9gXlA==
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: jTK5XD59YGH97H1hKf_6.dh1DIcTNYuL
x-cache: Hit from cloudfront

GET
H2 204 ic
trace-jp.mediago.io/ju/ Frame 9746 0
194 B 588ms
195ms Image
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://trace-jp.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=e8a4d72d36f70558e76277f73d94c706&acid=31136&data=7dj3LY8YFiteCspF64KIgmM3hsa8sDodkho5UrhY-Kx2-0lZLijAxjJapM0ZcpGLKtsuCEEgy5c1RqVt-3C_V1-CLwhmR4750iAPvJ1O0GU3s4pKkg0T-rRjqVDQFzsgZ61JTWZSVdahGIfoqv1cNRxR4VCxZiqdf6pNhjElLhc16Jg4m-VVwZSFlW-GA_Jbmla0gG2zGTyoiaMX-qje9gsVOO0qV-1d_zuUpHz_lx_lcBcoDUwqW1DHEM9QuSkhaGfjbY1nthpHRtPOgjxwUfmpBFQHZnLYQbo0Qb7-GsIqV7ajg1JCtUM7gCVgRbVnJJKbMn1tHKVBCKM1GHYRdF3kKwkRY_l_Pn3w8WSk_YuGD7QA3mMGdWsm5Zg1uL0-F6bAxnes3sJ-kJgM1LqxG6OSkYMVzn3PnIxfaZC0JoX8l9_mDQMWhq5_EAXC2lUMu2v9FCVo9rMeMct2CJFxKBkHwoqaAY5DbHcY8jqQ0xlvy5hKOYUs1GFnmpOMGGsyV8SWVaxNoF04D5YYTw_RnrYBVFP9F1TZkhGS9eOzKNuR4BiyThUiUnwV5oieU0d1F9yUyVTawwfVHUA8Vfjob0DgTwLGq3qpetmTdI1-K5AZwpRteeOcCOtqJc5YD-kXthXgSmhQrqx4NJMegZ8rN7u8McI1xcOaUIHegbzpOXOL0youSzLawFXbRedJ_q1p8HCYS1zxT-QwwbToym_vMaGZJkFsh6WqzhiUco5EA_MwWnRMJG9LZFxpXku3nVhb-dMiciXq1izDVbXz0qAo3_S0_Fyf4THV5yHZKEWUTAGqRJRg0UtM4EYUadC23-CCYNeBiR4tvLctzuoxyjty0INNuiKWe5kWXCyMl1ql5RwErdQRnAlM_-1afRq58fSD0hnAGc9x2JVnmSg6ABsz-0TAItq_Ndc1fD52GsbyIME3i4HvRc1zgIHaKswC-2bVCQwMqzjlJLNLRcQr3s25ZTU_SYIOnRp4b8GoPQReXXVFU3kGRG6Rk7xhNC15OfsRBGvdfsKjRWENojy_NaQ2TpWmbc8UF5CM-UG54-n9jflsGRA_M6Och-qdRs5iznxtehwlfHclKrkuyb7RBe2NAjmVt8Q0qSAWrGWvH7MIZ09mW5cIBFqaKNj3ldhfPvpWp1IqToVgjcwDcdKS_c_1xMPbfcGztj3Cdm9bV7VYZ80YBkrDN03VAQbLLYxa1CNxvTjLkLOXyLC8eIC5M0yuCYWHtfZiX7lm5wy_sF_VFV0PcXgF5EKqrhUkU-6DppbBigV4Zn4bCKteOebbYEUVCVPtKKUXE2ONVDWXlll8T6EB5PM8Oih6YTlLRTHGHfMHbzTvZAKywQObzu-2LVHlMJZUHXnA9DzsCtc0fHAxN29eA5-hcue_99U1yorHLSgWXBUZZdxA6Edz0xGhjc4Jnc3hzFNS0HlJPi28b6TlUGmlH-X8mTmhrlwtfwQwMFl4m6bDAdn-GekpgMbzYsSe85tv_np_lZpUxB05kor_P6pgaWfO_eQD2uzGZLYHMxJ8&uid=000010e774850191&mguid=&ap={AUCTION_PRICE}&tid=4&c_sync=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:11 GMT
content-type: text/html; charset=utf-8

GET
H3 200 AGSKWxV2fX0Dq4YjjZENpktEItgKRszXOKfii_-Zq2wqOUjhX16KxsWFvAUt95RA9Gkto8ns9trKf9JteyCQ6IlKt3N3wS8e4tR8g36jzEftTq8gPho5R_QMeesaS7diTBfMshrWCH4Www== Show response
fundingchoicesmessages.google.com/f/ 10 KB
4 KB 156ms
155ms Script
application/javascript 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV2fX0Dq4YjjZENpktEItgKRszXOKfii_-Zq2wqOUjhX16KxsWFvAUt95RA9Gkto8ns9trKf9JteyCQ6IlKt3N3wS8e4tR8g36jzEftTq8gPho5R_QMeesaS7diTBfMshrWCH4Www==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MjIyNDcxLDM4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly90Lmx5L2ZyZWUvdXJsLXNob3J0ZW5lciIsbnVsbCxbWzgsIm9hSzdhRm9fZi1VIl0sWzksImVuLUdCIl0sWzIzLCIxNzQ4MjIyNDY5Il0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdLFsyNSwiW1s5NTM0MDI1Myw5NTM0MDI1NV1dIl0sWzI5LCJmYWxzZSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

df58bcca1c1e316b5f78f4046a1573c400eb234b4dc3cdbb634ea6ff513ca631

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JJYe4NUAHxOUBUbstob4ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:11 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBiOHHrNtMFIG69eY51OhAbKlxidQbi--susT4H4g_1l1l_AHGRxBXWFiD-VHWDVaT6BmsS-03WEiAOdbzJGgvCaTdZU4F418ZbrIeBuEn7NmsXEJv53Wa1A2Ihbo72lvMH2QRW7FhroaSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRqYGpkoGdgEF9gAACgv0P-"
content-security-policy: script-src 'report-sample' 'nonce-JJYe4NUAHxOUBUbstob4ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4E32
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwuvE1iDdq3sgsbFQmKErQ&google_cver=1

43 B
765 B

139ms
138ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwuvE1iDdq3sgsbFQmKErQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQ6dfVlAYYkcb_swIwAQ&v=APEucNVTTvnJdLNQ23ASvh_B-ZLaEwNJZ4lfajkSoM0FyECG1tseceuIFOappRQKB_6x6CQP7ORfQxn5OAJV0wI80jVAKzqY9Q
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4veB7qDBBjbO4IHxx8hik%2B9s62YcWnqOh1wZnrjLABnQ5zuf1o5VmjUu5L%2FhbOF%2BWabiI078rHxiZVHPOr80aFNP9ZYanpHAPMYStkmEsc2wmtr35%2BC9MayK5OJ3i6rN4U7ioq%2FHhgLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Mon, 26 May 2025 01:21:11 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=2,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 9459744e0c1aa80d-SYD
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwuvE1iDdq3sgsbFQmKErQ&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 313
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4E32
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aDPCB4sFVWQABZXrAOJAnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1

43 B
764 B

135ms
134ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQ6dfVlAYYkcb_swIwAQ&v=APEucNVTTvnJdLNQ23ASvh_B-ZLaEwNJZ4lfajkSoM0FyECG1tseceuIFOappRQKB_6x6CQP7ORfQxn5OAJV0wI80jVAKzqY9Q
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHFjy8EFQcwMS%2Fr8K7Oji0StZoJMXec1c2YlNnJkBCJJYniyIs4GUIinNOK9Tc8SS6aS8J%2BE3v2Faq5olpvkRzVMEdE9LSjRF%2FhLvG3cz64JqIOPineI5%2FreRAusBPtM0nqA37l6rt8eew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Mon, 26 May 2025 01:21:11 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=2,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 94597450ae29a80d-SYD
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 313
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

bounce
ib.adnxs.com/ Frame 4E32
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOW7UPHX2JQQaw12PZzrIBM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOW7UPHX2JQQaw12PZzrIBM%26google_cver%3D1

43 B
1 KB

240ms
239ms

Image
image/gif

103.43.90.178
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOW7UPHX2JQQaw12PZzrIBM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQ6dfVlAYYkcb_swIwAQ&v=APEucNVTTvnJdLNQ23ASvh_B-ZLaEwNJZ4lfajkSoM0FyECG1tseceuIFOappRQKB_6x6CQP7ORfQxn5OAJV0wI80jVAKzqY9Q

Protocol

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.216.220.74; 103.216.220.74; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 66bf075f-403c-496b-9e34-722ce4f696ac
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOW7UPHX2JQQaw12PZzrIBM%26google_cver%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 103.216.220.74; 103.216.220.74; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 02994f45-9aea-4494-869a-1fe7e8814036
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E32
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0ODcwODI4NTE0OTI5MTcwOQ%3D%3D

170 B
188 B

125ms
125ms

Image
image/png

142.250.71.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0ODcwODI4NTE0OTI5MTcwOQ%3D%3D

Requested by

Protocol

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-store, no-cache, private
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0ODcwODI4NTE0OTI5MTcwOQ%3D%3D
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.216.220.74; 103.216.220.74; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 2600d235-c474-4af5-bd6b-2920f3fb05aa
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9746 0
0 257ms
256ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9746 0
0 250ms
249ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E795 0
0 379ms
161ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E795 0
0 377ms
161ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E795 0
0 205ms
205ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9746 0
0 353ms
168ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CDEA 38 KB
13 KB 26ms
24ms Document
text/html 2404:6800:4006:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 01:20:38 GMT
expires: Mon, 26 May 2025 02:10:38 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 eplist Show response
gtrace.mediago.io/ju/cs/ Frame 77D0 153 B
496 B 433ms
216ms Script
application/javascript 35.208.249.213
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://gtrace.mediago.io/ju/cs/eplist?tn=41b6e88a2b85b0e731ef8e73e5558712&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fcdn.mediago.io&mcb=mmgg_1748222471247_819
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: 4ee3aa5ec709ee84f32e8c70ccac4ae06fc8021372a05bedc0171bf57722092b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://cdn.mediago.io/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: https%3A%2F%2Fcdn.mediago.io
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
date: Mon, 26 May 2025 01:21:11 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-headers: Content-Type

GET
H3 200 kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js Show response
pagead2.googlesyndication.com/bg/ Frame CDEA 54 KB
21 KB 26ms
26ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

sffe /

Resource Hash

91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

content-encoding: br
age: 84050
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 02:00:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 02:00:21 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21069
x-xss-protection: 0
server: sffe

POST
H2 204 csi
csi.gstatic.com/ Frame A15E 0
57 B 1627ms
602ms Ping
image/gif 2c0f:fb50:4002:80c::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~mb4eis7m&c=2559801839144&slotId=1279900919572&qqid=CL21kZr8v40DFW6PrAIdiA0lgQ&fb=outstream-lima&sei=44752538%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C95329494%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ Frame A15E 39 KB
39 KB 151ms
26ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/

Response headers

age: 157886
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 05:29:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 24 May 2025 05:29:45 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A15E 0
20 B 162ms
161ms Image
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cf5OeBcIzaP2eDu6essUPiJuUiQjeo4Guf6X-rMn1E8CNtwEQASC5nckPYKWAgICYAaAB_qqtoj7IAQWoAwHIA5sEqgTkAU_Q4dJMkKSWbD_A7VcxtEWltkVJXMwn9t7kZEphXMP-oY_BBfV9S9CxPhfThHpirwCs_L_v5meR9NYOyzAlFFU2PA2XdPouXpfbqxK056QxiT3lr-Yt46Uyqq02sZb_x1PRxlHoGYsBJECnheRV-D21GtIusGtI3OkUDkorbIYE467lK8hDcsBgUhW7jKGIWJ5a-_Wdu74Q91vaHIRCvMlXjOjMzT6u_NgTwoaPWEm16-nvCxYxNwr8pn-OwMKjylTkbiJrXtzYrvt2JL8lwNfD5JjHIG2MolEPy2ZCz7AxaNPc4cAEvrqqoJUF4AQDiAWNnLXkU5AGAaAGdoAH_uL9gRmoB9XJG6gH2baxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH4L2xAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB7_TsQKoB8LIsQLYBwDSCCkIgGEQARifATICigI6DYBAgMCAgICAqIACoANIvf3BOliRiZGa_L-NA4AKAcgLAeALAYAMAaoNAkFV6g0TCJeRsZr8v40DFW6PrAIdiA0lgfANAbAT8vroHNATANgTCogUBNgUAdAVAfgWAYAXAbIXCxgCKgBCBQiFj_gv6BcBshgJEgKFVBh2IgEA&eventType=clickstring&clientTime=1748222471522&ai=Cf5OeBcIzaP2eDu6essUPiJuUiQjeo4Guf6X-rMn1E8CNtwEQASC5nckPYKWAgICYAaAB_qqtoj7IAQWoAwHIA5sEqgTkAU_Q4dJMkKSWbD_A7VcxtEWltkVJXMwn9t7kZEphXMP-oY_BBfV9S9CxPhfThHpirwCs_L_v5meR9NYOyzAlFFU2PA2XdPouXpfbqxK056QxiT3lr-Yt46Uyqq02sZb_x1PRxlHoGYsBJECnheRV-D21GtIusGtI3OkUDkorbIYE467lK8hDcsBgUhW7jKGIWJ5a-_Wdu74Q91vaHIRCvMlXjOjMzT6u_NgTwoaPWEm16-nvCxYxNwr8pn-OwMKjylTkbiJrXtzYrvt2JL8lwNfD5JjHIG2MolEPy2ZCz7AxaNPc4cAEvrqqoJUF4AQDiAWNnLXkU5AGAaAGdoAH_uL9gRmoB9XJG6gH2baxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH4L2xAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB7_TsQKoB8LIsQLYBwDSCCkIgGEQARifATICigI6DYBAgMCAgICAqIACoANIvf3BOliRiZGa_L-NA4AKAcgLAeALAYAMAaoNAkFV6g0TCJeRsZr8v40DFW6PrAIdiA0lgfANAbAT8vroHNATANgTCogUBNgUAdAVAfgWAYAXAbIXCxgCKgBCBQiFj_gv6BcBshgJEgKFVBh2IgEA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame A15E 0
57 B 1601ms
597ms Ping
image/gif 2c0f:fb50:4002:80c::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~mb4eis85&c=2559801839144&slotId=1279900919572&qqid=CL21kZr8v40DFW6PrAIdiA0lgQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1x8&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame A15E 40 KB
19 KB 417ms
145ms XHR
text/xml 142.250.4.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A5k5TIMvPCB3rkgM7ujfTVayDlmrb7YAb0w510gv50ao4XBKFbGCbWHfrFX8IHGI-W2fWZrvg_ouGjp2Y718fxXpNMYA&cry=1&dbm_d=AKAmf-CH1xZ9-exvQbW9D7uIiSMZa0mo09PfbsgHqkI1WN_7vTYRMlzjILfJGsNlZ9lMCSfXF7Snq_QCPVx4BQWfutFsttuyb5s4lz7CEuJChto63-OhOmtGxemj20-v-tjyOMxmyl1tUgwIH3FIUmCKf6caRsANu4GuFKOuK7yggoHyKED9LF29kHuWy3ssMYMvEo4Bple6LhXUdhLDBJy8F4O56Jfkgvukp81jI6NG5Nuw2OOEgMdqhUaWkdz5pjyThS6JsoGd2DaawbKog4wD5drN403hkkbWF9visrYz5sMgjxrpiqV9flkLVtsSFCrzl5Lbq--iuBrVKMmRLbraeizjn-D3auZKvMEwlwlc5yk-8hMjLjpzpyfhc8N8PBWYnZCIpcBffO-qEx8UbhVNQbBXVYPxRMZ-bJlx1uUW0-RpznZOODcb1-5gXQzz3VQ114weCWQYqGFCZmZUfBHPJmjxhFb4pFxx-7kshtVQbu5b9diF7cFbfbKX3S9DWStt3qiY7MvBWiH9f7UWv6zLcuZAehO_z96f2f_qn4xWtxkgs3pxSquFe9FyB2jy5OetZNQMmR5uY7HGaWLavz5b2E7QGt2GJPRg3u_SeOSOvuFM1YwdN_YR0d_vntEmcahW_PCuWmMb-JU36FdX0Q3bRGfKDsADD5Z9B4IHT6zIcLyZTx9-YCvMVnmvMSY0znGH0T2GRfGgcKKC62kkQI5AdukTk8W-b_y8zOYvqNhvxkA_G9xLOYw684PwKIHgxHpgbR9_xSoulo5qOc2Epf6PhNFM2v17ghIXtN46ZnQzrRGwoaREess5pX2F7CbeK5w1NURWK_y4ZsSyJGIjf2QbVkT4ZT23Exrbf_6axbA1x0vJeq_s8crYRECeytxuNYcfCbbDGFCmMgb9o7Y36k9epDC7uM-_cCCkvbmNnvZ5C8Uh00Z4PwgVyBdDYagzRgC8Ut6g2Cbz-XLRwZhuY-w-AmsFjRlUG3KHxTvAt8qHqaAn2LvU-him0XBQCR4w42bOnQcrcyNzz9oyPwGFxT8sSmhlkwMF66ljRed_zZLeatZHgb08tmW_vY7AKMw1SgUDlxxuevnT2ekOrUzzpJ-4gldX9jAoRINJv3W0EGAan2gDHmw7_PWQCc3sGtaVqQIwsF_J8KdG1D99BJ7mtc8dh-W62gqLX18WfQxvNtwndS4tnXPz0RvtSZdyE0sA8KaUop0kyPkDVXlvegXnmfU5OSeLgFxw5UnSA4QSFa4o57M4dLfGL9_vB_2YRh_7QRk1S1Tmta6OWa3EYwmDFs09J4TWz5EttV2RU4XymN6i--cXTFhfchoO7VwfIz8t9BhzdyYcd_xT1WOlX3s9408qydocfFh2_ZE9_o91CSEaqtLZM1IQapLWXkX9NlN6QjmUao_adBAOCUWvMswY_FELoypk8uU3rt1DihOgpT7pn8nvyvecqqUXJTAragWLApUzNS6z8fws031DOFyqiW3914xIDk62Eg-D9iGOeLwtwkmij4gTD9ahR5qJeZOi_xONqmjm6TNwiDglNtzuexbaMVUszGMLs7JG2GdesIeN5xj9FT_72T7PWuUMaKvhK9JdTOdRk2Tkqx8S3C_fQ5UsCt2uYhWTF-wZ3fSNXZAB1kDyTRT3VstrdXtRdzedGaDPlb4DJfMtMtet5DWE7g8uNu6vyDSplL12NAcdS8VXdJpW-eFPgqFrNozNs0HmV0rziPJ4nvAz_K2AzdwjwkCvcP97CDzbjdnFn_brUYAYbzwREQQxOIhN4rLcxnbKZQD-nhITNw4L3ItS-3e8qI3NLN6ZPhUItb0BegnmnMORxAvAiMece-lJeWL5uyvXjgLSrJvhaM3RS4HrnIjIh7-mQqdASRITxRKaG8LfXZ2fXFCBj0YC1ETwb4ML8CliceHo3p0GjaiG0pFnmmaQAFph_bYRTrxADX2at-ZBdoShDDePwKQV0Cus9MGda9CAmd-tQ0i_ueINCYGMk3jNYlui5_j_uCRN-jILasp-n5U0SOqiRX6bJaXX7WIzEToXsmrE6805glsPDn3tPGcK0RF4xVhHfPLBUB4mt8V5dMm0Y1xU9DxYmmACnQu32aLmA6Hh1MBW1BN119Hk6_7ULdj-GoswdyfWw7RZOCI9IoHWhsPeKCIzm2_IX12mpfG3ooIn_ZaCw0wDSg0Zh_rmK0HynZSBHvKDUnqAz6t2EVzIeL0QsOgXKb4FxERwOROLCaP4h94HDVAJ0VcPCmXC6VQTc8To1D_WugOgG-aUuZDH8aPP1FZvu8CjwLdqOFv_pPrGa5zZgYqVxRxS9Z6lYyBUdsUdCLEtu_iOF255jpbGQtT_cmVrSWnJTX2q6xl9qIXlsORzSR6Ps4GGEDArXolymvgfHFs0zMz84AnZreYyaHCqn0r9l_mtuUYR6nK3F2LP5hLl08s2AA9DS5Z-5OvAicSEHeEf8cvJKP_eqPeIYdCb5H2NMUSpWt85hsnJdh4JtpyZboFiWxsib-tRZ0yi34nuKr8FL547BHmSbLgdV48lndrAhRqnVi7dYJymMKzyeAGLX5QWVM6WVAtbkwbtYsSYx6kmhrEo4GAktVA-dlkb0SmxP9k_NQOz-6WKVAsp7M_Q0WIMtgpJgSK8WmTbJ4jN68DDuXHbdaHo-YGo0BYJ_ED9H-3wZx_iEEX6cCbjNaO6kvYl6xsW2dN5qKzqmYX7LZqKkL-hLDKTtvfRIPHDhQWliQ3R22j4s0QEIQmU2h_TxsFp-dt1OHsa41HPt1HIKImE3iIVXGzpr9tOUokJorGbtb0sASwFOocp7BX540mnJXHjpnt_LtlX3Js4m6h333pLldJ5_-DPAcXkU_o-fOGoEhUq9Uxmq6jNr2C8JZHZew75S_LWDxlShQncXd_5H9L5wkLGasG7hmfgcZW_3xJdq8h8eKAo6D5qglIUXkZZbAhfSieJfKWzIOB3qkRroPXAkftjM5-t-9D6sL6syuXWoeB1UqCE25JxKiEK46z3K0mxJXxigQJjMTQHJjse5kQNawo1LUX06E_Bmh_kYulp-wPzKiIAg4S1Ty_EOqWpCNd6GsbXIRyb0ZEKi9O1hwWFHYOBFJ2YxW9cftCy4AJL6zofn5cm3kHvAVqCNwUmVtV3xUATnZG6jxkBGx_Cz7vajJ7cg8qtARM0aUmpkxABCwdXqanQAJKvzaSWcwH08vaAu5mszSqxjXFK5NeBm0kP4a-nz54jlTH_59edTqtCDFEA5uOhK44W1f9a2Yd8jwk41--r0E339OHlppjD7K2yNfo1ufgw9CsrqJOJVJHsLkzmrqmukLWU_priSeeA7gv2ehgjfYceZpRCv8ndPK_RRdrB8SN8ZC1bSCmLeKgz61V8ElYyFnZs_S990GTR5H36hoH-MCONnfhZn1KDbE9Ws1KcnhKBQGfHOfMWImy6pOu1lub0vWdAemJTF7NHoVjmwg_rML31YNY8i9kZHUZ6-tE8CM_gJUyq6B1mFgBGjxJQ262p8hRRZO8Kq1EjooJ95gdsmrDphwOvQ75jFs5EsgoxxjxYmMMRYtOoc8UH1y3btsVFHvfKsA7sn-kv-AlXu3nGgVyTjJVWNkhloAyYvDJMlZSYe1LticEjVdOZ4kgKE2WcVmNdBuKt2VA52oNgsodFkc35D3TpsjRC74BpOJfHYSr8j45OCQywBOnUeaPh2LgZaC-n5AwzUpm9wxfH9hx42WIV8xdTyIZrLEiQ3UVG3AMfeV84ZWbJ8LE7QLQvYpQZXSnLliUdhCk0xxgSiGsTRpRJ5FZeAQGQsx7Z9QOqBS9atlKVD0MzS6r68gqrcoHZPlitxUjBsPdSnsGSYHGR1U07zW85YqVEzx6Gw3cuKsfp5TYOu38-Xk_VIWXC5J-Xe1ZQxjGoJ85RxZXKZPTeIE2tuNHvB3bAMPAIQ66Mm1wn-vTgfd-_aSIaOfqjZK0tPuqV7E3BZdEnhS8SkFcHDX-KvII8e9ZVJ99Qaqipzl5inCmpr_S1GcTeoN5ob-6Htj0vdfe1OAopvUivxoUXIAKxsINs5DARHsxLjxyfLGcj_eKB2qCkIQZ1RYWpCglvwovotyZ8IsRUVHDOB7z9CqdQZfqUwJ2K89zdZpBqrSLnTkhZexjDIN3HUdpSKPk9PKrvlFporfjjtny_6DcOetqX9b0yBhztcDCGfp6WlvDv4hR7zIc30zCK8cc8FaAx-lfbzmLy0A9sLdIjhvfXLt_e_h87hYoz7dCWrSLZMPEhLxB_pQNuO9tSHuXdQTGTBQLwT0ETnujv5N96qZPrbmjaVu58Qxl6MUtgzjISx72Bv9NvKSYscNQ4MMZblyCo03flmw89G0V6T1A4H268KdKzCdSMKRuk7wJfj3miMfrDVPqA-G4hYNBlvnul5gaqYCdYmC7MzNoqvPGWB7u4xH_znSawR4F8SYZ4vAbbXYK_AMYdXTYjr8TJ9ddmlmSsV8icHC0ZtoPyE-8A2eibI4EXgPGLCbroND2NEbwuRDARCPJpjvTjv3OL34lc2ft30432OSi_F9gOotfOvqKoHjSwRHvPTvrQXKKhgPXFdO0olRP1JIED68lLVU8&cid=CAQSTgDZpuyz3cXGgtAFKRVms8S69VfCPzqt7z2RSWixXHh5nH0xE_WJjKCIF2sI3Bj1BQdH57vowX55r4o2u00L-asmlsxUnWlhrsbLAqSb4xgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

ad84629bd3ce7d3150f340632e1a0de60e8fbd564d2146b0a4a30a5f917bc5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 01:21:11 GMT
content-type: text/xml; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://googleads.g.doubleclick.net
content-length: 19744
x-xss-protection: 0
server: cafe

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A15E 0
0 127ms
126ms Fetch
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwQmiBcIzaP2eDu6essUPiJuUiQjeo4Guf6X-rMn1E8CNtwEQASC5nckPYKWAgICYAaAB_qqtoj7IAQWoAwGqBOEBT9Dh0kyQpJZsP8DtVzG0RaW2RUlczCf23uRkSmFcw_6hj8EF9X1L0LE-F9OEemKvAKz8v-_mZ5H01g7LMCUUVTY8DZd0-i5el9urErTnpDGJPeWv5i3jpTKqrTaxlv_HU9HGUegZiwEkQKeF5FX4PbUa0i6wa0jc6RQOSitshgTjruUryENywGBSFbuMoYhYnlr79Z27vhD3W9ochEK8yQ-NGufFVA_OSqlEYvrGraFtN56WyErmj4Z30vfxyHPDffy3jK0vQSQGw1g8bMBdrRJDMf8MdTQRrXpVd5DfdDkTwAS-uqqglQXgBAOIBY2cteRTkgUGCBsQAxgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf-4v2BGagH1ckbqAfZtrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAfgvbECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcKEKGuFRjCgc-gAtIIKQiAYRABGJ8BMgKKAjoNgECAwICAgICogAKgA0i9_cE6WJGJkZr8v40DgAoByAsB2gwRCgsQwJDl5pWD6a_dARICAQPqDRMIl5Gxmvy_jQMVbo-sAh2IDSWBsBPy-ugcyBOcju3mA9ATANgTCogUBNgUAdAVAfgWAYAXAbIXJwoaCAASFHB1Yi01NTYxNzYzNTgxMzE0NDQ0GAAYAioAQgUIhY_4L-gXAbIYCRIChVQYdiIBAA&sigh=Gr2yPHY-yrw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgDZpuyz3cXGgtAFKRVms8S69VfCPzqt7z2RSWixXHh5nH0xE_WJjKCIF2sI3Bj1BQdH57vowX55r4o2u00L-asmlsxUnWlhrsbLAqSb4xgB&vt=10&nis=6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Response headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
DATA 200
OK truncated
/ Frame A15E 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae688d8886caae87168351f65ca2c80593ed231c97337da8c765f829b804a6a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 77D0 170 B
243 B 124ms
123ms Image
image/png 142.250.71.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=06b4a7e65a5ee72028ow3s00mb4eis9m

Requested by

Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://cdn.mediago.io/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDEA 0
20 B 163ms
163ms Image
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHsVLBcIzaPueDu6essUPiJuUiQgAAAAAOAHgBAI&bg=!ZGelZyjNAAYA59AtIOc7ADQBe5WfOMwjHSYCiPCorSmVGru5OY6j3Mcm_b7LWngP4hLuo8RItrZeS-MkOR7zHcfi4Ee2AgAAAIpSAAAABGgBB34ANQ1PpjuNx79MUTjFP2b1zXJ-5jso_btXka1fba475ED8JzJpyjdoHTkODs99fXiFh9SDjGE9CgAwqzw7-CICcajHjTXrDwqbfTPxgGbBehZ6Io7n7lwi0WDe7JgBAugEm0EaKXnwY1C4mQKfCuAqzIkC0n9cf_6rG7FmxW4qAxJvJk37src6zaRI6cMglSqE8lvGkNNgV8EkYeAODcG0VOzGl84cTBrhKKl7QifQOTLIXQVaEPBps7UzUARk982t_tgeDIDaUtZeb19mi1lsO7aD1YQw7FNcsfxK3sozGbQ9VK2hbUPJ0MYH6o4bm2V-Y_fhXieTuTzYSdpRT-A1jBO8rJ7qafVHB2Y4Y6Vna3uP8SqIG4lthOWefUmyfutoIMDeIE-4wPKZ_wnK7nxl9XLUiesTgFTrWWvVHGoRdH_XtZ9ss2HJsYn6f_f5n-kEcnlaRAA4SYHoF12PdwjP83dKEkrbATgiZN83-XML0ZJBKA5CnBS7GyE6NmQujqMOibqv49IXF2DwbZcuIC3VjRZ9Bjp2DrCkJSt11vYxjaQE5VBk6ReoJ3egp3jhXQkVu6-110FP9AuqNrsO28O1otflZomLHPDvVcFKFjBP8q0-UrUYUnyMAnr3uGpRThMYr6NR5EeXfe75BXfXaRLdLtGEhGFgmC9XpwAYPymL38VATPGNIN2IpgPJxa9BFGe8yLdeVfHgVngOBqOVmNv_Eg50hZLtfuV_CKBHiH7GrGeIw0KLmPr-up-OAPxFSXisd4kP3QRih88gKEMF57OiEcqwrnc1BHlX7T6V9BKcmeBeKIbj3mT29-7L9ROp0wARqBMJnIe9MbTcujs3aHt4RfyNrWvMPRRx2DD0u7l0NOdHX-2oiugLbaMZYoQ0m1jMfwO2EgVs-PIBb2gD49ghOGUE0WigPtSm9kOCiEINykNyMGwFX9MIo4WBup1AiPuNbXw1nSfyjrHHIlKP5E-VO6Ru13f_rau76plZ3VW4ELLN60thltnQL0yFw0OsQlQR5uHAhGSDRle0iLA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 redir Show response
fundingchoicesmessages.google.com/f/AGSKWxV4Ig59x_mifSS3tCJD-wYR17NuvMH01NdlO1lssuTZpn7LVkggTEadGo1GGbx1_9_oLLttzN1gIJxyfhQ-8ETZaP8sKaisc7OOAz807SQluNZn3uVCZueOe-PnhxUe8mm8D0sM8yR86F5GdL1Mv04fDibGl... 54 B
109 B 132ms
131ms Script
application/javascript 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV4Ig59x_mifSS3tCJD-wYR17NuvMH01NdlO1lssuTZpn7LVkggTEadGo1GGbx1_9_oLLttzN1gIJxyfhQ-8ETZaP8sKaisc7OOAz807SQluNZn3uVCZueOe-PnhxUe8mm8D0sM8yR86F5GdL1Mv04fDibGlnzvKpi5S40dmJnseBaJBEQ0LKPkCfPM/_=%22this.href='https://paid.outbrain.com/network/redir?%22][target=%22_blank%22]/bnr.php?_affiliate/banners/_728x90_/siteafs.txt?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

8493916ab15ac82ecb56ecd6e594d61e748048a0e8695997ab7ed6229cb18eab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M2v-b1HB0Gno_SnQUSytgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjNxlusW4G4Sfs2axcQm_ndZrUDYiFujo6W8wfZBH6s2cujpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGpgamSgZ2AQX2AAAH_9Pvw"
content-security-policy: script-src 'report-sample' 'nonce-M2v-b1HB0Gno_SnQUSytgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 251 KB
79 KB 27ms
26ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

69aadf1302439c3c5bc3c371b057bbdf2923a7cde078e901393e0ce5201e35c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: br
etag: 5749300307176127947
age: 3522
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:22:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 00:22:29 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 80898
x-xss-protection: 0
server: cafe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoFXtLVnDDvrNy7kUHEZ2hTrFT06upWCbvVm37Be7HARlmsQ10dyJ4kSaCrOX-zdkBLWL7KkSCP6FprrkSmpniETJaVKHB7kw0eXKEU4cKB5sLnCslOAGGqUOL_22phqxRySo4GQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4Ealnc0u_mxLlhvktPBkiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBi-FB_mfUHEJv53Wa1A2Ihbo6OlvMH2QR-_DnJq-SSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDUyNjPQMzOMLDAB1SCcs"
content-security-policy: script-src 'report-sample' 'nonce-4Ealnc0u_mxLlhvktPBkiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoFXtLVnDDvrNy7kUHEZ2hTrFT06upWCbvVm37Be7HARlmsQ10dyJ4kSaCrOX-zdkBLWL7KkSCP6FprrkSmpniETJaVKHB7kw0eXKEU4cKB5sLnCslOAGGqUOL_22phqxRySo4GQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6myoJChwMiafrfGtff4dsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBi-FB_mfUHEJv53Wa1A2Ihbo6OlvMH2QROtJ_TUHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkamBqZGRnoG5vEFBgBIgCaX"
content-security-policy: script-src 'report-sample' 'nonce-6myoJChwMiafrfGtff4dsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 csi
csi.gstatic.com/ Frame A15E 0
534 B 1124ms
596ms Ping
image/gif 2c0f:fb50:4002:80c::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~mb4eis8q&c=2559801839144&slotId=1279900919572&qqid=CL21kZr8v40DFW6PrAIdiA0lgQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame A15E 41 KB
15 KB 164ms
163ms Script
text/javascript 142.250.72.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.161 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: gzip
age: 2688
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:26:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 00:36:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 15407
x-xss-protection: 0
server: sffe

HEAD
H3

200

1
r1---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,expire,id,i... Frame A15E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/ip,ipbits,expire,id,itag,sou...
https://r5---sn-ntqe6n76.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,exp...
https://r1---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,exp...

0
0

84ms
37ms

Fetch
video/mp4

74.125.152.70
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://r1---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/20E76A5752F9DD8B42A83A6AFD988CAACCDBEC2B.3EFF76BCA1B541DDFEA09E21126762386C09DD74/key/cms1/met/1748222472,/mh/ls/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-ntqse76/rrc/104/fexp/24350590,24350737,24350827,24350961,24351658,24351660/req_id/5af02fe08a93a3ee/cms_redirect/yes/ipbypass/yes/mip/103.216.220.74/mm/42/mn/sn-hxa7zn7z/ms/onc/mt/1748222194/mv/m/mvi/1?file=file.mp4

Protocol

Server

74.125.152.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mel04s04-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 23 Oct 2024 12:55:54 GMT
content-type: video/mp4
vary: Origin
cache-control: private, max-age=86400
timing-allow-origin: null
client-protocol: quic
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: null
content-length: 2861371
server: gvs 1.0

Redirect headers

cache-control: private, max-age=900
location: https://r1---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/20E76A5752F9DD8B42A83A6AFD988CAACCDBEC2B.3EFF76BCA1B541DDFEA09E21126762386C09DD74/key/cms1/met/1748222472,/mh/ls/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-ntqse76/rrc/104/fexp/24350590,24350737,24350827,24350961,24351658,24351660/req_id/5af02fe08a93a3ee/cms_redirect/yes/ipbypass/yes/mip/103.216.220.74/mm/42/mn/sn-hxa7zn7z/ms/onc/mt/1748222194/mv/m/mvi/1?file=file.mp4
timing-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:12 GMT
access-control-allow-origin: null
content-length: 0
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 02 May 2007 10:26:10 GMT
vary: Origin
server: gvs 1.0
content-type: text/html

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame A15E 453 B
588 B 124ms
122ms Image
image/png 2404:6800:4006:810::200a
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-5561763581314444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

age: 0
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 02:11:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
content-type: image/png
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 453
x-xss-protection: 0
server: sffe

POST
H2 204 csi
csi.gstatic.com/ Frame A15E 0
57 B 1110ms
598ms Ping
image/gif 2c0f:fb50:4002:80c::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~mb4eisly&c=2559801839144&slotId=1279900919572&qqid=CL21kZr8v40DFW6PrAIdiA0lgQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=836&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.2an~atrd.2ay~videopreviewvisible.2b0&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoFXtLVnDDvrNy7kUHEZ2hTrFT06upWCbvVm37Be7HARlmsQ10dyJ4kSaCrOX-zdkBLWL7KkSCP6FprrkSmpniETJaVKHB7kw0eXKEU4cKB5sLnCslOAGGqUOL_22phqxRySo4GQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EH-jR7NGj5rUSzxQpHO01g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBi-FB_mfUHEJv53Wa1A2Ihbo6OlvMH2QQWPP_to-SSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDUyNjPQMzOMLDAB0_Scv"
content-security-policy: script-src 'report-sample' 'nonce-EH-jR7NGj5rUSzxQpHO01g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoFXtLVnDDvrNy7kUHEZ2hTrFT06upWCbvVm37Be7HARlmsQ10dyJ4kSaCrOX-zdkBLWL7KkSCP6FprrkSmpniETJaVKHB7kw0eXKEU4cKB5sLnCslOAGGqUOL_22phqxRySo4GQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LikFaN1zYR8aoaacJlb6Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBi-FB_mfUHEJv53Wa1A2IhHo6OlvMH2QQW7Pg-g1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRqYGhnpGZjHFxgAAINlJzk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LikFaN1zYR8aoaacJlb6Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWdYRUKSC4_FmIToOV8rBPg5qEquwJONM-hnklRq2YRqnqLjGI_pMu4T1YcLdfkZij2F1ZzIvS6De6z2uWGXjbyiN2Q5ADZF0kJPIx1qELFPv5FuBYa_T7G1uhdDiNb171Zp-Yb2A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 147ms
146ms Script
application/javascript 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWdYRUKSC4_FmIToOV8rBPg5qEquwJONM-hnklRq2YRqnqLjGI_pMu4T1YcLdfkZij2F1ZzIvS6De6z2uWGXjbyiN2Q5ADZF0kJPIx1qELFPv5FuBYa_T7G1uhdDiNb171Zp-Yb2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MjIyNDcyLDk0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3QubHkvZnJlZS91cmwtc2hvcnRlbmVyIixudWxsLFtbOCwib2FLN2FGb19mLVUiXSxbOSwiZW4tR0IiXSxbMjMsIjE3NDgyMjI0NjkiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsyNCwiIl0sWzI1LCJbWzk1MzQwMjUzLDk1MzQwMjU1XV0iXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

48e82c8ba1e820985021db50c9024161c90e02e00705cb6deb67fcaf8625696c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YfRjBLm-03nga1Lhk0zuGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://t.ly/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1JBiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjXxlush4G4Sfs2axcQm_ndZrUDYiFujo6W8wfZBC6c-BiopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGpgamSgZ2AQX2AAAJoRP4Q"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YfRjBLm-03nga1Lhk0zuGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4724 23 KB
8 KB 163ms
162ms Document
text/html 142.250.72.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.161 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 00:42:10 GMT
expires: Mon, 26 May 2025 01:32:10 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxU-IBpUP9mUQvf6IMAbRmbj3y4RK97USM8csN1dIc-vROtpOCfWrIprfWb1c5kr5Tvg4m1ZpqA2Qx-xkFqR0tYZNS6ST5EDMpis9AKn3yHkxLl1G2VhjVY4uMMGC7NG4PvT40t-Bg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 138ms
136ms XHR
text/html 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-IBpUP9mUQvf6IMAbRmbj3y4RK97USM8csN1dIc-vROtpOCfWrIprfWb1c5kr5Tvg4m1ZpqA2Qx-xkFqR0tYZNS6ST5EDMpis9AKn3yHkxLl1G2VhjVY4uMMGC7NG4PvT40t-Bg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3szS7ZgU9Rn61SgavyBmOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15Bi-FB_mfUHEJv53Wa1A2IhHo6OlvMH2QRWnG2YwajkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA1MjYz0DMzjCwwAb5Am7Q"
content-security-policy: script-src 'report-sample' 'nonce-3szS7ZgU9Rn61SgavyBmOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoFXtLVnDDvrNy7kUHEZ2hTrFT06upWCbvVm37Be7HARlmsQ10dyJ4kSaCrOX-zdkBLWL7KkSCP6FprrkSmpniETJaVKHB7kw0eXKEU4cKB5sLnCslOAGGqUOL_22phqxRySo4GQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UeBrEx5xQI7Mxxt6QOQpTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://t.ly/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:12 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBi-FB_mfUHEJv53Wa1A2IhHo6OlvMH2QQO9F76xKjkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA1MjYz0DMzjCwwAkLonZw"
content-security-policy: script-src 'report-sample' 'nonce-UeBrEx5xQI7Mxxt6QOQpTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://t.ly
content-length: 0
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ Frame E795 216 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2ff39cd1e34858b5ef679d9ad033355d57d32234c6968eea3a8e314e76f56f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame E795 0
0 364ms
181ms Fetch
image/png 142.250.72.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6wP6Rzyb_Yh2zLdGav3rk9pIxqvSHImz8jBaZQcxzaaDgUA_yqkiHiSdGjV2Ht6epXdkBsSTXoX0d5PngtqlOTYE8LDrg2HjZVTLIRTZWkIB7J3BfoUkG7WItlFJS4tnFUGtNpq78nOMqaWm7Rn7CLorscEgAjaNpwk1oNnR_gXSIQb9kMl6WFKS8PbZt6iIbidHLer3FciEnA5EUX7GyUpaKlfraZVxIiji-LS3gtT_i0cJtLxaTCaUXKM2k_RrthJazmP2yaqqMTXZtFOxh8uNEP6CES8G4LcdGW8ES7usR6jTRBK2VEUwP2KJvgNLE1ORdJ8r1-jStb7KYDaYHSZAOo9zBBGr-BbLSqwt1bSUtqA50h5yO55RuYiVsPrbDjBJAV_CWgtxMW1Z4BFMcEmKa3tlVzMFWofR5_dhfEyKV4tTCMHF466icZx0w8efkbtWBbvs4g9XJ2AQcsMTk_GWaWMNhGgH7D2CFcJA9rEduuu3XJE5vSTfrMs2V3UBkkMf-q56wVq614v6fy9EPTHjw9X7ezySLJyYwAbF9Z5VWGby7cpzgCpwvVfirwbKUBeSjoc5zfboQp7aPENV6y7nQ52f0h23fhnGJDB-g0n6CafQiwDripxY_Pp2tzNASORxY3nuG97F3-hw8j68jOREau3jmrndbmwwY_M6t2OBWia7BRer-mb3z0H9Obx4H1RzfO6B-KVd706uCestVfwnRJljo9hnkeNp3lZNvkvH2leCs-Rz_0vio4jjp6nfKd3hSBDGnrQVIQwPVbBMwUjoEpt2ywUEnhGNKc0cTglYmTxyrrEtHEBcXU7geuraBz69aRW_6yJc3YFBQ4Xz9hfW7f_ubgy33hDIumxpbJdDQUw5IZlLL97SWVk8QzHi0mIbKdwxyvhy8SLv1jhZ9_aQ1XPF-Kw3wbTfAuA6exe0fstexSSnK5PUIZc4v0jOj19o4KEJIkVHoRYoaCdSdhBLAIwPfWaQOk1hQVv1hgRvyqtJUSRFesdkuCDV9sVdAH9Z30Q8tjB_1VXocEUy1qZ8yC4HdsPz-BgcBvPxO-Al07XCZSQZdyWMdmQ53Q7YmZN6TpF3ycr1g8jeEe25cFxDYz4WASrJ0FhjN9d7GkjrhvLkDtpNU7B0vkvoINOAu82dxHOchFFVAOlptWPYgQgL1NZ9_MxZy5W_Bblm9IM8Y306A4ZB4O3XOfv7q22YdyOxF7FLdyljxPZcsRrcbK5yTw-ql0UuMwAqVpeaOyZKZ8dKhjpQLLJtieHBiCpHLbUckXbdSrZrUPSAVKMICXdRifUWjgjWcBAynbTtC4MS2ktYxeiO2WQf-tPpy7-q6KvbOF30MeNA9gl_jmDyFupfC8FkOoCBGqhSiqTY3EyBie3lhsKW-bJR8qFIHpXhGtEqjnxvwiHL7mhn7ONzM3uX7PZeNBk_G9nqHg7kHrpHIfqqofNOUg_MeE8rGg1To0E7GyWcJINw&sai=AMfl-YQoFE1O3OL1Nlmu_jRMR88KvI0eesoa4DE-koFPX_ElsCj9kX0KWsikHcBlJGFKY64joVNSnGLEx_1Q8VYWgH85LgU0To2H-t-zI-7aTwweZ4IecTyuV1cTesUJe05tTD8WxUUJB-LiU8AsJ_ib6LqefGUYvMuvFAWqU0fPruxd01NxW9vsaEHmb_URgYxLYm1JbZuQvaF-ZALS6F2z5ej0_SrAUAQ7fcl7TUe_3CskaBY9iLKZA0mXXUldfpQdp-1wAi4Qx7YAzmQctSuXXP8_-Pra6aNQCoGQx4bTfc0nJ1dOWprUEHbAFGTh-EzeJkVL_8fdcjkbdMgsH-wp8cofvjrfT0uOCT4uAtwl-HTZYzS1XwC4ouvM9Gk6ovGI9J3M0IcM5fLSTY7z7bycqnr_x15GYWeqV-YwEjDs76oD8Q7x1a1w8BggV_BHvBgnH_7_rS7yRG2M2qzoB2KeWJl57um8HfijA5cUnzyrAGJWhv9k7-kyGCDBjfGePUvTi3qj&sig=Cg0ArKJSzC9K1wu6zsuxEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9maXZlcnIuY29t&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1345&cbvp=2&dett=2&cstd=0&cisv=r20250521.51578&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=

Requested by

Host: t.ly
URL: https://t.ly/free/url-shortener?ref=expired&url=https://t.ly/8SJ81

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.134 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 01:21:12 GMT
content-type: image/png
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"908768196":"0xf567174bb4283550000000000000000","908768197":"0xf2fd68cac2d16e60000000000000000","908768198":"0x2c19a8f33e9fd0ce0000000000000000"},"debug_key":"17647241912672830684","debug_reporting":true,"destination":["https://fiverr.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["8023643","8016204","8062705"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9053352"]},"max_event_level_reports":2,"priority":"0","source_event_id":"12769122482451879193"}
server: cafe

GET
H3 200 kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4724 54 KB
0 26ms
26ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

sffe /

Resource Hash

91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

content-encoding: br
age: 84050
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 02:00:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 02:00:21 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21069
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4724 0
20 B 163ms
162ms Image
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BrQ_0B8IzaPqjNrCcmsMPh8fZ2A0AAAAAOAHgBAI&bg=!Xl2lXRLNAAYA59AtIOc7ADQBe5WfOFrgph6KCsNt20MRQ8269wJWEyD7YX8kpYiqwdQdPxqzy7NCpHnLwGB2F5jZ0llNAgAAAGVSAAAABmgBB34ANRR8hhvGuTTejM0pjgz9PF344qD4TV-uKjNLpkNwVUnxD5-swiien_zct2gtKIIA764cmjx7CgC7Pz89CVrtJpK5Mqjxpo15dYTPdccn9azUMSc6q7saBnBiMZikj2dQeMLxaDxTHnUVWccOP2SgJhwusANXjLzY8vHw2f1ELMDBB59tg8zogc7jZQPndi_9jF623VPrPrKP9acSvDypId0tO4j7hiKc9FbOGKlLEkfcCtkjc3VLLdR7JMZiB1FUOeVT2PesxdSMb8CrDRLwPo61251ub2C0kmypA4X0oHi4WIsbMW7bgtRUxN_ySgaxWTtFbJkCgO-5aM8xQpZjTSyuhOYqEbnJfJWyLSXVL6gT2sU4LyY3bdfDJNxK38Qyql7Oqh6KMcQAw4h-HpzCplb1CgoYAvf00YFj2f3fY-6pixXA014_IdAxEIY_GbBR56HKkGk6DA88E855i3ItudrvFF1oBz09tVLCxsf1jaBC_IyAr8N_HFLYUXh0Lc4T7MJa-8aLllMeTPVbaEg90Kw_F1U2UEopKd3-UkbCp46CWXEqp9VYTq2U5WJcbuD64bymX-KNB4dqydFxPVyw5sZ3eccKXNRXn2tfThKs0dCu77nIi4Mv6dlNTAvO7Gy22g9NtAM4VQG_eLVa1wFpb0OXZ27_kXTaMFLd3UEEXClqm7VSyieAcxI9kkqdJK6ApOYPqPJokb7oClM7N4eqSTlagfNeNJPBzYtOm_TDM6Ktq72gGMlFAXy8rHgc-YTr3THhG_oYo_mvEeWiwnrDa7orQfCrDoc7AhgHW0hMuKx7bAauExi16BudcO2mNVCbKFr3xxNwGTP9p9aQW_-GwbzluHuvNZUvpBB6REgG9TquRceCSOubRUBfATo4xMWf9YPPMS5tuKOB8hqFFpQxnXh9DOHeI4pWdh0d5tqojY9JoWP0zRGAeTZsSpiXiwlJLtWPAQAuKt1-wkS3h-AlVRPGCf-KW3xGdnsS5L4YbkM2PgWsQ8T4wyr6xqWmec1j3WU71VelB4xQKtAu-LsZaAbv6gm8NhBdP1lzAyVZ7n50Ljz7l4d6ychIy5ygv8y99YjLGyKEqiQRd1crslySuoQfKOgxIZSEgB0lu0-HIseFT2j4RQ5duvny0XomKNu9hGk0CPHxS1-7NuMF3AyH7XEoFQw-Ruk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 206 1
r1---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/6520941814a7efcb/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1779758471/sparams/acao,ctier,expire,id,i... Frame A15E 3 MB
3 MB 38ms
37ms Media
video/mp4 74.125.152.70
GOOGLE

General

Check archive.org

Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.152.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mel04s04-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

9fefa8dfffb406d7eb57901f1fae1e158d2f435c6ccb1f80d2e1e58c48fcf90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date: Mon, 26 May 2025 01:21:12 GMT
last-modified: Wed, 23 Oct 2024 12:55:54 GMT
content-type: video/mp4
vary: Origin
cache-control: private, max-age=86400
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic
access-control-allow-credentials: true
Content-Range: bytes 0-2861370/2861371
accept-ranges: bytes
access-control-allow-origin: https://googleads.g.doubleclick.net
Content-Length: 2861371
server: gvs 1.0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame A15E 0
0 179ms
177ms Fetch
image/png 142.250.72.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssIAvEZIaDGDhy2uR3zmEC1QamMB9mTGTyUHKGw0jqrHpx5pDyReDtZZgfR_xAqpzhr1iPQXU0Gw3ZMkkkGMxWh8-drXe0ja7xTCUb1UFLPDWW7JB3au_Mg4sDujXk191oQWszk1qL5OUcs05AO2mssq6LT_7nFSNMasvBIjItyyzyJMGVeVXGa39CA1oeAC3K-D9qImwGCY9p1Tw_mtHypAewHRys8bvaxctc43NGUTi_b_5o5h3aDdzhs9LIo49UEdWuYb-ECU3XG2ufNkx9mJ3NmoRqH7S71voooYVYegv5GMHKip-uXzdTE-XTxntKX7Iu_cWBZnV-AfObRQQvq4iGO6iyZModfM5MFMsHjr1S64qs1gtpByEVxI3itdzLEDqi0LCb0UindxXnVqAmwkc1ik47k27MA_OwrQNIiHTgC9poUTm8DVOnlc4u6uz2wJrhqI7-njKYszbIF25q2xyPvaKC7OnZM0eWDIA1oknvAr81DcrNh30vtJLa8A9zvXAAXF2-9qOAzs_0w2vfLb3dffwLR9YlBMF3Cxj3itDx5eIgJYII3RDcU6x4XJKGW3rLqSVZmgNVAJG0cnd8Qcz_RqoHmQ82YpcZPubaqwy7qKYj-zOhr-ZbJgucTFI2pZEKXB_xM2JTOR8xtmIJO24ubPpL_L9IzIlJlGC1LHl0FIVJdZcGkp9fKc5Ou9tOVnrPUfCLZ0rEVa9LUHQHBLNrBFc3jruTL7JFeywhL1_YltQ7FE0Ri5Nvc4s0HcXxx0extUV1w80e5DFls9BUhYZ5PnY5vZIlekHZT-LELiTJInp-_29sGrB-qWsxKmy1jkMHz6qNipTw-Zsq-NPXQj2tjna4bEB8LbFOM4qFMuLtTEm3Mug6c5Ep9m5fp32IksWtL392hBujD8KCOB3hh0zxB4lDtasUxMnd6Mg7c5ZGHr7NlAA2qjInw1uL_vc0WQrwnG31NMzVQShTFi-K5AIkKeSqgr4t_uGaPRU7QCPxaitbFhLYixpUHHP00hpYrbHOfGYVIZUWzuBKAQ5xY1jfndHSGzcdhHGreJVLpUYUBFAq-fCgiiMvL3O9mUwNF6i7qeNqqvTMcisRW3GQf8RBbGTeUOLrwf-2NUNdNLjRoKx0spBY_KUceBgVLyXnIM-LbWZtPJK8WdIOw2hc5xAOUGwio6wwyIxxOUeKsf1BKFgRFGk_Es7OoNaA4q8O2np3WuYqmUNwMuSYkK9K2StCUUdFutNWrlxec8YI5pNY5l0LPGkSc8lDCqbiKYMS7mC2hqSiErDXy8TJ9kX3e2s5i2PE8MsKwZ8j8gPiPCYPr1HMqaZqmc1vbNtwtA1-DBSuui2Ymr4H74Lj8lyg1Kc708a6iPuZkK_vDdiVjeiN7b34JJeIZQBrgFxyxUxMEe11ISuRCwJXRjrluAQdtPYVnDyc5mdgBQCFgo-7CUQ&sai=AMfl-YREQszt2FFT9OAaWrAmV_ely1kjR7gVHyW1rytftGVNP9gAp2EbiByGteAGxLBF5DZ0rxVOy9sj4W2jwEjo2QrWyzxdDstk9NEb-UPq2Wh_Q1qmU7iW4F5n_kACdwNW9GeAgzmJL9iZXUb24Nz5mf74_ikranzj0ottycCeShfmQUs4zx9dNRl8W5ynwUkSLQHjCHXE4t7WhZXWw8uaAhedMhQqWZGLk70nGl5IIU_QrjQ-CCmAL0sgpeHZX3jV4GFbFKxbtFTA143zUZpvhORQx4R2mqt9OdsAjQ1nifwFmamtfOv-tlsVXxiaAw&sig=Cg0ArKJSzMWFkqMvL9qkEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9nb29nbGUuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&nis=4&adurl=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.134 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

x-content-type-options: nosniff
expires: Mon, 26 May 2025 01:21:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 01:21:12 GMT
content-type: image/png
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"38626140":"0x6f8e4d308ed388a40000000000000000","38626141":"0xfcbea597a5f0c2a60000000000000000","38626142":"0x9d7f447db4161c410000000000000000"},"debug_key":"13474134379650180877","debug_reporting":true,"destination":["https://quillbot.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["110350123"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14895710"]},"max_event_level_reports":2,"priority":"0","source_event_id":"3279468224219208248"}
server: cafe

GET
H2 200 dc_oe=ChMIusOzm_y_jQMVMI5mAh2HYxbbEAAYACCOp4JrQhMIvbWRmvy_jQMVbo-sAh2IDSWBSABQOljwqwFglqjLD2jKwv7BAXjelI0HggFyChMIvbWRmvy_jQMVbo-sAh2IDSWBEhMIzYmzm_y_jQMV-IusAh1z4Q5IIhoIjZy15FMQwoHPoAKoAq3Fno8ZsAK...
ade.googlesyndication.com/ddm/activity/ Frame A15E 42 B
404 B 313ms
164ms Image
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIusOzm_y_jQMVMI5mAh2HYxbbEAAYACCOp4JrQhMIvbWRmvy_jQMVbo-sAh2IDSWBSABQOljwqwFglqjLD2jKwv7BAXjelI0HggFyChMIvbWRmvy_jQMVbo-sAh2IDSWBEhMIzYmzm_y_jQMV-IusAh1z4Q5IIhoIjZy15FMQwoHPoAKoAq3Fno8ZsAKcju3mAyjdAkAB4AEBgAIBmAIBoAKl_qzJ9ROoAgbAAnbIArmdyQ-aAwRn2NxK0AMD;dc_eps=AHas8cBkwmG-KJibrYzftq_VC2WcDNBx2kJl91WjCjdCasXWqX1EA0SUwj9yB8M7U8du3uh7RZ-xXei0JUdLYCGzn-g;met=1;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A15E 42 B
64 B 126ms
123ms Image
image/gif 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cf5OeBcIzaP2eDu6essUPiJuUiQjeo4Guf6X-rMn1E8CNtwEQASC5nckPYKWAgICYAaAB_qqtoj7IAQWoAwHIA5sEqgTkAU_Q4dJMkKSWbD_A7VcxtEWltkVJXMwn9t7kZEphXMP-oY_BBfV9S9CxPhfThHpirwCs_L_v5meR9NYOyzAlFFU2PA2XdPouXpfbqxK056QxiT3lr-Yt46Uyqq02sZb_x1PRxlHoGYsBJECnheRV-D21GtIusGtI3OkUDkorbIYE467lK8hDcsBgUhW7jKGIWJ5a-_Wdu74Q91vaHIRCvMlXjOjMzT6u_NgTwoaPWEm16-nvCxYxNwr8pn-OwMKjylTkbiJrXtzYrvt2JL8lwNfD5JjHIG2MolEPy2ZCz7AxaNPc4cAEvrqqoJUF4AQDiAWNnLXkU5AGAaAGdoAH_uL9gRmoB9XJG6gH2baxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH4L2xAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB7_TsQKoB8LIsQLYBwDSCCkIgGEQARifATICigI6DYBAgMCAgICAqIACoANIvf3BOliRiZGa_L-NA4AKAcgLAeALAYAMAaoNAkFV6g0TCJeRsZr8v40DFW6PrAIdiA0lgfANAbAT8vroHNATANgTCogUBNgUAdAVAfgWAYAXAbIXCxgCKgBCBQiFj_gv6BcBshgJEgKFVBh2IgEA&sigh=5b09_NqPKLc&label=part2viewed&ad_mt=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A15E
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBCtxZ6PGRjCgc-gAiABMAE&v=APEucNWhnP0VdbuQ996wKHf_1eLBmhi7_EFqheD9ovCopVXE1W4TMZrHKq9x398I5RJN6nQPMbV4MF7wdti-yBQr8WRfAF9YRyBysZLfLBkAGp2fpUqn0ys
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aDPCB4sFVWQABZXrAOJAnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1

43 B
774 B

144ms
143ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQ%2BY%2Budk34ed3b7rJw9jXEyV5ebGel3oT%2BcK2aFL05rhdZkVpacZG7ZAtPLHk3jihQ%2FWpR66Di%2B8TKO78l6%2B0bkaQeAmMABoo%2FdpWLTdwITCze%2FFrpCzf8W%2F9g%2B%2BW75UTTPcFgGSi37RDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Mon, 26 May 2025 01:21:13 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 945974594f25a80d-SYD
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8PcN6CRtnZzEPXposrN60&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 313
date: Mon, 26 May 2025 01:21:13 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A15E 0
20 B 163ms
161ms Image
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame A15E 42 B
64 B 128ms
126ms Image
image/gif 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 26 May 2025 01:21:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame A15E 0
57 B 603ms
601ms Ping
image/gif 2c0f:fb50:4002:80c::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~mb4eismd&c=2559801839144&slotId=1279900919572&qqid=CL21kZr8v40DFW6PrAIdiA0lgQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=836&mt=video%2Fmp4&vs=1280x720&dm=22000&ple=0&umsem=0&event_name=first_play&asset_bytes=196496&video_bytes=300&cached_data_bytes=8100&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=1&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.2to~ff.2u1~videopreviewstarted.2u2&faa=1&alp=1&arpa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20250428_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:80c::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E795 42 B
65 B 128ms
127ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul5SSi4pRt2Wj2vdHobmnU3VEMy2JkCuOh-CfJhLfw_0D1Eqbl_IGQ3TsGqqDdKu0odlADfPrpg2aqzahb8HnEPQiO0qk1X1PgHoDzpRXd8l7U2SG51OgssHr1QhmybtSyj2eZI8OjrMt4EVprV_3oD75ZhSLKEaOVVQWue2Ggppk6YB2OOgjlioLLevqYz36tmBekmi3o&sai=AMfl-YT6f8SMhcP6B9QKy7Kvg2MZfZZ7-FCRm_fS121Tof279SlpKPtyD5mqYUTFeA1co2YjNN17Qj6YNlD3cIeVJG3-4dOi1ClNSD37ZGEkFZCHkdS-wCeUDqhEXLzFknPpGyltERHM0whxc4fpGJR9&sig=Cg0ArKJSzL7ewjf6MMw8EAE&cid=CAQSTgDZpuyz3cXGgtAFKRVms8S69VfCPzqt7z2RSWixXHh5nH0xE_WJjKCIF2sI3Bj1BQdH57vowX55r4o2u00L-asmlsxUnWlhrsbLAqSb4xgB&id=lidar2&mcvt=1000&p=0,0,600,160&tm=2107.3999996185303&tu=1107.3999996185303&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250521&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4415527100&rst=1748222470906&rpt=1349&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 01:21:13 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 126ms
125ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je55l1v878425165za200&_p=1748222468596&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=1328869968.1748222469&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEIIAAQ&sid=1748222469&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2Ffree%2Furl-shortener%3Fref%3Dexpired%26url%3Dhttps%3A%2F%2Ft.ly%2F8SJ81&dt=Free%20URL%20Shortener&_s=2&tfd=9466
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&cx=c&gtm=457e55l1za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://t.ly/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://t.ly
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:21:16 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

116 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.ly/	1970-01-21 05:37:04	Name: __cf_bm Value: DrO3FQeLUTdm_XQanLwvJGfG1fNbWxeyLYd1okwjuJw-1748222467-1.0.1.1-8IIuklJat2Y1oc7CWITQXucFfvXeqockcfW1KWCJxalYjTm1bb5j5UaNcQGvNUGgMb0WMmJNcQizAnMupHoNzq763rFUgcPHlOXTkmL7770
.t.ly/	1970-01-21 05:57:12	Name: XSRF-TOKEN Value: eyJpdiI6Ing1TkhiK0JZWXhwU0JrRk5ER25TeFE9PSIsInZhbHVlIjoicExGRW1PSFJSYWQwWWFWbUlZZnRkei9QMWlPNVVaUktDV0IvWWZXYUtWeTYwUE83azBFanl0b3VHN1p1UkVIc2xTR01abXBpaGU4djl4WVQxWHlEeTh1QVVyUHZWMDdEemNvK0dWNC9ldmFnWDZCVm4rUmpQM1hpZ04xOWFGS0MiLCJtYWMiOiI4ZTUzMjBmNjk3ZTc5OWUyZmFkNmFkMmQyNzliZjNlNzVlNTYzNmMyZGIzOWMwNjIwOWMyMmM4MDg4NTBhODkyIiwidGFnIjoiIn0%3D
.t.ly/	1970-01-21 05:57:12	Name: tly_session Value: eyJpdiI6InNsQkNEOVVIOFVYR1RjemlRcXIzT0E9PSIsInZhbHVlIjoiNnVQcmVIWHZlSkNuOEYyTS9sT3k5N2RvSk1hU3JqWHorcFFPNVQwM3gyQlMvQ2QyZzBkT25RaWRFWkdEZVN3RHVub2Jnak5FbEU4ZjFCOVpibkk2ZkVKVEQ3R3FlVTdqR1REZmFRUnVobE1yT2pLOUNGNHk4N0xFTlJ3UmU1eXkiLCJtYWMiOiI5ZDMyMTIzZTE5ZTNkNDIxNzc1OGJmNDExYjY4NDI5NTFmYTE5NmMxMzRkNzc1MWU3YzdjMmExMDNkMWNkMzY3IiwidGFnIjoiIn0%3D
t.ly/	1970-01-21 05:47:07	Name: userTimezone Value: Australia/Perth
.t.ly/	1970-01-21 14:22:38	Name: cf_clearance Value: 4J0YfTfHKj0pK_y_M0EjEO1q0VOEqIFRGsrw.ttOyj4-1748222468-1.2.1.1-JxKBw8BG9r5O_7e2i7LQKHWP8AUW2Js2bhDTHCXhyaH.1SLH8n1KrIFp.JkCFOpNFLNtZcwdakbn3BNaQmdIUTCYUYMbFbFf8FZRfn..MPwl9gIxqMZKwqt6qJX0GT2oEWiL9yWiKp9G3k2QhFkegZCANtqlhj.1CGeybv0ohSsJ8WevzaA9DYR2tTYfPVHoF3wVzkBj3JZZyGh90HJxYlsNkhhnmbahsPUJVr.umQr21w_WQf9GCKAbUrot0Cvb2YQ3Pf7z6QXdcZnsND0NsTqovCCTF9OUzwAQhhNoiAP_DoHG1Z7CxTg0TyuhWAC4qn5ZHHm61dX29AW6dLrnCC05_WP2ThjgitlYB.pmWj0
.t.ly/	1970-01-21 07:46:38	Name: _gcl_au Value: 1.1.1488930346.1748222469
.t.ly/	1970-01-21 05:38:28	Name: _gid Value: GA1.2.812804377.1748222469
.t.ly/	1970-01-21 05:37:02	Name: _gat_gtag_UA_89207177_8 Value: 1
.t.ly/	1970-01-21 15:13:02	Name: _ga Value: GA1.1.1328869968.1748222469
.t.ly/	1970-01-21 14:58:38	Name: __gads Value: ID=b124da15d28540b6:T=1748222469:RT=1748222469:S=ALNI_MaesCV7KccK5l-GC6kmjofv_rhi6A
.t.ly/	1970-01-21 14:58:38	Name: __gpi Value: UID=000010e775ef2672:T=1748222469:RT=1748222469:S=ALNI_MYxwBUXDyUdPkKto8Ci2QYA0STyTw
.t.ly/	1970-01-21 09:56:14	Name: __eoi Value: ID=09232f25a0e55c65:T=1748222469:RT=1748222469:S=AA-Afjb9aJT-3gkwbk7kDbOpfPPf
.casalemedia.com/	1970-01-21 14:22:38	Name: CMID Value: aDPCB4sFVWQABZXrAOJAnwAA
.casalemedia.com/	1970-01-21 07:46:38	Name: CMPS Value: 4780
.casalemedia.com/	1970-01-21 07:46:38	Name: CMPRO Value: 4780
.doubleclick.net/	1970-01-21 15:13:02	Name: IDE Value: AHWqTUm7yQ0dWPDl0G8P-7i8DK62xs698zfDOoIANP9Af2W5PkvLnDuXmaCXIH7aws8
.t.ly/	1970-01-21 15:13:02	Name: _ga_W1D48QS4F7 Value: GS2.1.s1748222469$o1$g0$t1748222471$j0$l0$h0
.mediago.io/	1970-01-21 14:22:38	Name: __mguid_ Value: 06b4a7e65a5ee72028ow3s00mb4eis9m
gtrace.mediago.io/	1970-01-21 14:22:38	Name: cst_70 Value: ts=1748222471
.doubleclick.net/	1970-01-21 09:56:14	Name: APC Value: AfxxVi7w-bKauEXR6eBz0RMgqZfg1BIkqKWUeqQgaN-7MJB1dSC1lA
.doubleclick.net/	1970-01-21 09:56:14	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 07:46:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%1DuYxu!1yIE`fS1ueD1W-044)d+]Ue5HF=dW(Voe<*rsIGFK?#]@XRI-2)z`fw_M`89RFMZ9T5_m!x%wf)KleP
.adnxs.com/	1970-01-21 07:46:38	Name: XANDR_PANID Value: _pBpQ-kmgdjfQ8f2FvsXbXzKi1arO_sLYUxpJQ4yDKsE5cEVDypuIcmY4x0fU1umohNszI2qb1jr1tMZMNhhzZ-Oj-nWhebZrQug66tkj6U.
.adnxs.com/	1970-01-21 07:46:38	Name: uuid2 Value: 2948708285149291709
.t.ly/	1970-01-21 14:22:38	Name: FCNEC Value: %5B%5B%22AKsRol_otL4sN6rXYQRNFE--wwS5UGcyiOW93c1J_N84UI_r45DWDUY6V0hz2GM528YWo5grBBEsSU3H4RfqTYEUWEllu98k7hC5IgGoEIlf6BQzOsUa6JxAMlSOjDymsHRwzom4bBzOfXgWogDEFumaYnhwxl3W6A%3D%3D%22%5D%5D
.doubleclick.net/	1970-01-21 06:20:14	Name: ar_debug Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01C00FC0C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01C00FC0C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01C00FC0C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
bid.g.doubleclick.net
blog.t.ly
cdn.mediago.io
cdnjs.cloudflare.com
challenges.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
gtrace.mediago.io
ib.adnxs.com
images.mediago.io
imasdk.googleapis.com
pagead2.googlesyndication.com
r.wdfl.co
r1---sn-hxa7zn7z.c.2mdn.net
r5---sn-ntqe6n76.c.2mdn.net
s0.2mdn.net
static.cloudflareinsights.com
t.ly
td.doubleclick.net
tpc.googlesyndication.com
trace-jp.mediago.io
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
103.43.90.178
104.17.25.14
104.18.27.193
104.18.95.41
104.20.7.133
142.250.4.156
142.250.66.195
142.250.66.238
142.250.67.2
142.250.71.66
142.250.72.131
142.250.72.134
142.250.72.161
142.251.221.78
172.217.14.68
172.217.167.66
172.217.167.98
173.194.28.10
18.67.93.102
2404:6800:4006:809::2001
2404:6800:4006:809::2006
2404:6800:4006:809::200e
2404:6800:4006:810::200a
2404:6800:4006:811::2001
2404:6800:4006:813::2008
2404:6800:4006:814::2002
2404:6800:4006:814::200e
2404:6800:4008:c00::5f
2600:9000:2774:6c00:1b:348c:b140:93a1
2606:4700::6810:5049
2c0f:fb50:4002:80c::2003
34.111.60.239
35.208.249.213
35.213.89.133
74.125.152.70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1657584221779c9f6943c52bb7fba23376c18be3e021da4168fab39d8bb7863a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d5af2359f401239bb7d23e1133d8e69c6fc1c64c24cc561a619061adea11550
2fe691d93cfc19b6be69fff6af57bdab6917f40521b0499c88c6e3470d6ab3ac
34e6fc6cf75ce2f509b981a8188323d44a40f155179f763907c8ff710a7d6d36
34f164441ac1e14cd994906eae839ca5327e2955ae82a4264eaefc7e1bb5ac1a
386f75b973c93bb45246d68fc1dcf69bb50fb397d3008802bb2797af4510515d
38b5eab0f5e64d247540ee1c49a9121c1f62e526691898be54c80b86a2d93b7f
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3a9dd037758f3135d9c6a0a414eb6042ba5f25e616186f5e55c5b56745dd13e2
3dcb5b79a6ff331082b051dbc24d5bee2262316524377d002c1e76ebdedeb408
3e4a2ff4723939e347b2d46e19e29d3536dbb6632e86aebd873007181bec2945
3f953348e258927dbd5709e82a3b83ae900949c5509ce105132e8dce94610c50
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
48e82c8ba1e820985021db50c9024161c90e02e00705cb6deb67fcaf8625696c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ee3aa5ec709ee84f32e8c70ccac4ae06fc8021372a05bedc0171bf57722092b
53f7ae87b007d72f174428262ffb8bf8ada6ae258899c59ec7cf5e2c34b03c32
5834ca5000f7de99111fbf1218da1c17d61ce2c440c169ba72a478e0163fc574
5a4184e9546a3763fa242af235ca4090e944fddf77ae8e36eca7d67e3b3a35de
5cfe69f7ec8bac07256d009bb1aa59b645fa638ec074993bdd0b0e526d8d248c
60d809e56c153236ba79e52c12b94d181cb6c164bec6efb594b30589457030bf
61c121e3fd27df388b455a6d619f011c832d91efb53ef9cfee95e4daa260f217
621e889090eb5199a83dcbeece2d6b36d5a4057bdc9440ad3424dbc209d0b398
69aadf1302439c3c5bc3c371b057bbdf2923a7cde078e901393e0ce5201e35c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
760e5d0b97d6707a3d5c2c949bd70e7668484a144f383f3a4dfa878bad15e8ca
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e82402a1c8bdb7a204f77658d7660625a6a4dd85eab083b946abdb1d4787fe3
8493916ab15ac82ecb56ecd6e594d61e748048a0e8695997ab7ed6229cb18eab
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
914a3855310371617d18aa0750f7991094dc06a5ed940d93fa60989cdf71bf93
91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
9ae8a73a58f02b165d3477be50458267072a7a73bbec3865cbc0c7aa7a9a8b13
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
9fefa8dfffb406d7eb57901f1fae1e158d2f435c6ccb1f80d2e1e58c48fcf90b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0543a5036c2902f28bf1d53b309c0d1cd204ca4921334027f7fefac118f3f21
a2ff39cd1e34858b5ef679d9ad033355d57d32234c6968eea3a8e314e76f56f7
a42d49467f2e747aa93781cbcf0c373d1f8e0adc2546ef60c4156445c58a887d
a600e0549bec34387965d5e6a9b8a00dec77d990fe6ab15804df2a024f35ed44
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a7fdcf655a6349724c367f366c852b2e0309e9ad7a25b376df82a48e1dd98482
a896c187a5496d2429f8cf2d9ba18630c1c578700b82814253d37bbae709bd75
ab446ad0b4d35be2a3f1b450ac7ddd169643bc7ae70cadc775774b87a12a4e71
ad84629bd3ce7d3150f340632e1a0de60e8fbd564d2146b0a4a30a5f917bc5fa
adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4
ae688d8886caae87168351f65ca2c80593ed231c97337da8c765f829b804a6a7
b014e8c108cbb8a8e9023e7b77817113000919169af9af829e63d8aa66db5373
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b661fd32107724e41dd0976d4de86e8a587ff459a66bb974bf692ed260060cf6
bcb72efb1dbe2b505518ae93c7ee33765323617ed040c136f91291fd51b47efc
be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d
bec56f85c6c2a1ebb047a22e9244572f8bab60c5caaa0b6e425543971579e852
c2248eba37f1a509e4c4c9e61f241f88d472ce5e2896b56e3346ce9ffb814b9d
c3f6fbbaf241f43869963e04386efe736b3f15a0e74cf2ce39d6ca186a193e1b
c4991ced4b5821e37addbf5298c7f3426ea754d84d14d60af46aca7d8f7d0c92
c8e2d03bdf493a223cdedef7d9c3a1f080a4ea116169dfc7477ddfc1ff0e5db9
c966819fd380cb96e153756e842111b5c481e1792f2151381b70a2dd5275c57f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d24335344ec3938175dab44d47d4afc527deca2a363867f0c7a0ff93fa2cf228
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d6615dfb85cbfac582b1002ca0331a3f63a3a9092cfbb119d7aee17d1debf459
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df58bcca1c1e316b5f78f4046a1573c400eb234b4dc3cdbb634ea6ff513ca631
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e9f28ed95f41a899e6edea68ef4b6f1ff865d8a688249f307480c323780dd18b
ea6203b19318a9f38c0117a286d50171f5cec5f2b6788ae3746abc1c2e9637f5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbd57f3a0fb0e3099e6e731fa25cd520200b83d0e1dac255adccd7ce56f1583e
fbf08c5fac3bf57d0adb94715bde8ff531f88f1d13226a2c85fe136ffb51dece
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

t.ly 104.20.7.133 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

94 %HTTPS

34 %IPv6

17 Domains

35 Subdomains

35 IPs

7 Countries

5474 kBTransfer

9579 kBSize

26 Cookies

12 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

t.ly
104.20.7.133 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

141
Requests

94 %
HTTPS

34 %
IPv6

17
Domains

35
Subdomains

35
IPs

7
Countries

5474 kB
Transfer

9579 kB
Size

26
Cookies

141 HTTP transactions
3 data transactions