bitly.ws Open in urlscan Pro
185.11.100.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bitly.ws/VvJN#/VUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcm...
Effective URL:
https://bitly.ws/?banned=1
Submission: On September 25 via manual (September 25th 2023, 2:31:17 pm UTC) from US — Scanned from US

Summary HTTP 196 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 39 domains to perform 196 HTTP transactions. The main IP is 185.11.100.204, located in Poland and belongs to CF-KRK, PL. The main domain is bitly.ws. The Cisco Umbrella rank of the primary domain is 181409.
TLS certificate: Issued by R3 on August 22nd 2023. Valid for: 3 months.

This is the only time bitly.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 12	185.11.100.204 185.11.100.204	29522 (CF-KRK) (CF-KRK)
16	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4004:c08::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
3	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::93	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:48:1... 2620:1ec:48:1::38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.76.104.238 104.76.104.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2600:1408:c40... 2600:1408:c400:c::17cd:688e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	34.149.135.28 34.149.135.28	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
2 2	52.200.193.66 52.200.193.66	14618 (AMAZON-AES) (AMAZON-AES)
1 21	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
2 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	20.85.134.6 20.85.134.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 7	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.205.242.31 52.205.242.31	14618 (AMAZON-AES) (AMAZON-AES)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	2606:4700:20:... 2606:4700:20::681a:3be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.167.134.46 54.167.134.46	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2600:1f18:4e9... 2600:1f18:4e9:5a07:d3f7:7fe8:8d7c:7385	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
18	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
3	68.67.160.24 68.67.160.24	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	23.63.179.39 23.63.179.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1 1	54.144.174.17 54.144.174.17	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.46.150.34 23.46.150.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
196	31

12 185.11.100.204 (Poland) 4 redirects

ASN29522 (CF-KRK, PL)
PTR: v5103.vps.ogicom.net

bitly.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mp.org.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c08::9b (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::61 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4004:c08::65 (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1d::5e (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::71 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9d (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c08::9d (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c08::84 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::9c (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::93 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:48:1::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.104.238 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-104-238.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1408:c400:c::17cd:688e (United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.135.28 (United States)

ASN15169 (GOOGLE, US)
PTR: 28.135.149.34.bc.googleusercontent.com

g.algbid.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.193.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-193-66.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.253.62.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.134.6 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.211.178.172 (Mountain View, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.242.31 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-242-31.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:3be (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.236.220.17 (Mountain View, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.167.134.46 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-134-46.compute-1.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a07:d3f7:7fe8:8d7c:7385 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.145.213.8 (United Kingdom) 2 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.24 (United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.63.179.39 (United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-63-179-39.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.174.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-174-17.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.150.34 (United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-150-34.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 imageproxy.us.criteo.net — Cisco Umbrella Rank: 5260 csm.us.criteo.net — Cisco Umbrella Rank: 5069	748 KB
33	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	174 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	368 KB
20	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673 www.google.com — Cisco Umbrella Rank: 11	115 KB
10	bitly.ws 2 redirects bitly.ws — Cisco Umbrella Rank: 181409	27 KB
7	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	5 KB
6	algbid.app g.algbid.app — Cisco Umbrella Rank: 22469	2 KB
6	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 4918 rtb.va.us.criteo.com — Cisco Umbrella Rank: 10891 cat.va.us.criteo.com — Cisco Umbrella Rank: 5006	114 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	285 KB
4	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2546 nym1-ib.adnxs.com — Cisco Umbrella Rank: 2282	29 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 87	8 KB
3	gstatic.com fonts.gstatic.com	48 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 954	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 3422	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	10 KB
2	opera.com 2 redirects t.adx.opera.com — Cisco Umbrella Rank: 2169	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 6648	1 KB
2	rtbrain.app cdn.rtbrain.app — Cisco Umbrella Rank: 10923	22 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 7595	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	879 B
2	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	2 KB
2	mp.org.pl 2 redirects mp.org.pl	465 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	982 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241	1 KB
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 2038	729 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2803	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	714 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 10521	544 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 8866	464 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 7418	29 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	600 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	249 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2603	442 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	78 KB
0	turn.com Failed ad.turn.com Failed
196	39

	Domain	Requested by
49	imageproxy.us.criteo.net	ads.us.criteo.com
21	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net bitly.ws
18	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
17	fundingchoicesmessages.google.com	bitly.ws pagead2.googlesyndication.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	bitly.ws pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com bitly.ws googleads.g.doubleclick.net
10	bitly.ws	2 redirects bitly.ws
7	x.bidswitch.net	6 redirects googleads.g.doubleclick.net
6	g.algbid.app	bitly.ws googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
3	nym1-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	csm.us.criteo.net	ads.us.criteo.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	c1.adform.net	2 redirects
2	px.owneriq.net	2 redirects
2	cdnjs.cloudflare.com	ads.us.criteo.com
2	cat.va.us.criteo.com	ads.us.criteo.com
2	t.adx.opera.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	ads.avct.cloud	2 redirects
2	cdn.rtbrain.app	googleads.g.doubleclick.net
2	ads.creative-serving.com	2 redirects
2	match.adsrvr.org	2 redirects
2	px.ads.linkedin.com	2 redirects
2	pm.w55c.net	2 redirects
2	rtb.va.us.criteo.com	googleads.g.doubleclick.net
2	ads.us.criteo.com	googleads.g.doubleclick.net
2	mp.org.pl	2 redirects
1	analytics.pangle-ads.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	s.tribalfusion.com	bitly.ws
1	a.tribalfusion.com	1 redirects
1	odr.mookie1.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	dsp.adkernel.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.paypalobjects.com	bitly.ws
1	fonts.googleapis.com	bitly.ws
1	www.googletagmanager.com	bitly.ws
0	ad.turn.com Failed	googleads.g.doubleclick.net
196	48

This site contains links to these domains. Also see Links.

Domain
xy2.eu
tinyurl.mobi
www.buymeacoffee.com
buy.stripe.com

Subject Issuer	Validity	Valid
bitly.ws R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-08-19` - `2023-12-10`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-01` - `2023-12-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.algbid.app R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2023-12-17`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2022-11-18` - `2023-11-18`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://bitly.ws/?banned=1
Frame ID: 2F6802B976CDDF4520A848B3CEB7CA3F
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html
Frame ID: 9EDEE3506C5DFE524A4BE868F64AE208
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1695688272&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272355&bpp=5&bdt=362&idt=127&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6386759171196&frm=20&pv=2&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149
Frame ID: 28B60DEC5DB094392C28732AB13915FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=477754370&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1695688272&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272361&bpp=2&bdt=368&idt=155&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HY68XBRPMx&p=https%3A//bitly.ws&dtd=162
Frame ID: 8FD89DF61A7F9C3C135381B28BD7512B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4
Frame ID: A0D9BB84590A5F7870802BA4D10383AC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8
Frame ID: 69239B838F91F57015581D00A889FD2B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11
Frame ID: F06B956FA1E8F49D791D939F65360399
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/zrt_lookup.html?fsb=1
Frame ID: 603BCE3E2D148A74B7D19970D05BA9B4
Requests: 11 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRGZsQAC_yABy5U2AAVARwbl1_49jTtH_wx_bA&u=%7CdS9TAeWqbIjdkyIaf5CWRzMykjmOjLMPlZLAdkGEJuE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989gjdA60o1-_XRE8sc37Q8HSzGO3mICmQQdfu4XIIFzGwbtUdFw5BzJ4XS4v8rG2lrNGWEH_9JHWbBcXfXoMCtoY8iVt3w76dBehFOv8qnGv_cOzb-zQcnwUZJ9gzXlF_HoNpeqeZRSjTlD0z2GqD9M-Hx6Gh6D7dIQuAOPiDMzfHD4NmS8MCnKG7cipSTnd9t3kit9Z7BrSU7534Djda2kopdy4SwNOpmcO2FUaSMedrsfbtYCUPHalUnbyNzomItCoSOpIuvZY-3snhbrB3DrnxOquOEC-BZ-2hwnNegc0Iq2f_PWjxhh3oH6I96NRVTxiAch6EXWhz1rtWdg4RhMCb-EBR9VJUka1H92sJueIj3jEc_gr6b28Gr4xah0ATpihE7T-sspXEpV5Gwot1JLQKFfud0vT7Q0tECOmXyMxZXUAmIVfTB-DWoXuESybeGuzjdjBLSrHRC--ZXw7QukjfUxudaA2G6pTJRXCsX0aol3aV5HlmM8A6zUPWSmOLVebQtN1wjg84OcDDwYeqY9CGooGVSlehV5louS79_zNCpglMTolLjvU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6eusZkRZaD-C7aqrr4Px4CVsA6cge-wXLLtt52dAcCNtwEQASAAYMkGggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBMMBT9AS0lRKwnzExT9i79rgV-KPzHXprclJMvlmIoHCeiI3APKhcCTg7Ore76LcufXD57MWfykxtcQ2HSVpyj9_yNtqbdSxoi_Td6ouvkZdwrJNA4SMXICu3v0SUIPA9rpUpJvGEkhLqu_TV9z6230RCl8wPvX897Ox8utWJkV9eWYYJMp1P07CPNeNjmKMSy6KKr2F3Xw14dDt2i4xFitY180FRUPm2WLhUflkPe0pRqXoYtE8tk0NSs0jKhY2I3W0sOjhgAaYq6DcqYOZo7kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uAWeKczNUxIHVOsl46NUqoDnvUA%26client%3Dca-pub-2614556310778759%26adurl%3D
Frame ID: 49DB775EE762BA6308A76BE3ADA2724A
Requests: 39 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3E13765D0789559C809AEA85BD15F27
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 399D6DA259A1395589B926628E432311
Requests: 13 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRGZsQAC9poKwSRkAAVKxru2y4NTlywSodFBJQ&u=%7CdS9TAeWqbIjoNN8s38fHqB6%2FGu3TQyxeY737sMzp2eo%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989gjdA60o1-_XRE8sc37Q8HSzGO3mICmQQUsKXaC7Ll2KAUnfa2rpvGORZY6L1Ue37X4-ZnSwoVqSbREQCF7Y0sxQxFUZL7YRtzAqJEEPreEAcSoSpIH1bCGbWoxO4iWEBPIu5X14EKcJAAjduznFfdu48nm-FhS5dSNyH3K7hFrOulr7HVs0sXAKd7BxHI-L8yqY1Et2TEbWbMElepQJamJ5kK0MIBopHASI-RlqGIQ6v8uVFmSyXSjyLcYOSqtc-KweXpsntuVqMGB1aVN-xY4X5r1h7i_Mlt4ETqTJqgBcQwT2eZq2kYqu44p18jN_8emKf76sQF5b55KdVa1WSXK_OfGo1A1BDnjcWSQhbj0fbJ-C-OSELrMfA_4qAwNgshiN76O0Wax4HsNtNmEO_9aALowS05oOlWTNanJqYaQMC_9qXtW5GnsPcfABHIOs0IlTKEkpJBl8ZQ5R8m_mE4TUPGZCu63Mxi-0YWV4Mm9NRPxJx82lyD54i6rZdZ821XEnDamQ6E40nx7-roVc0cc9ekWHrOkUnf2XBKSobFKy3kYdHRjW30E7UeB9qP-Ojw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCN3gSsZkRZZrtC-TIhAbGlZXwAZyB77BcosqnqnTAjbcBEAEgAGDJBoIBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEJqAMByAMCqgTDAU_QTT4zuuihCL0iK7Fpo2L_5Hk0TZildy4pHDnIg1Z2PXBoCTf39kOP0NxWc3RZTy6_TLTI4vZN5nG9Om6QqeogUzoxQ7jo3cXpm6jcbuuxD7cIgkg4szI2NbKQoAl5r1VmSgpguMH3SopDbUkH18zkjVraosFZL40S2qfTT8KvlYZffHd3vQDQpY7cKv2ZJYeiSx3APusal0BqAIPW16w299h_RGnY8G7__x6mIVgY8V5l28l2oK4M8t_uZ4fzN1s9_4AGmKug3KmDmaO5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1-1c6Jsbd9SdjA4WnNMB477fCxSg%26client%3Dca-pub-2614556310778759%26adurl%3D
Frame ID: 19BDFD99986883C3B48A35E7759F2A15
Requests: 37 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 898B4828C10A432D5EDC9BE4368011D0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4EAE2B713980EF785AB33040E3577BB7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAB6F64A4F3C982E0292E0F8E39ACF11
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E1D623D5B4BF54E0C136445DE92B32B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitly | URL Shortener

Page URL History Show full URLs

https://bitly.ws/VvJN HTTP 301
https://bitly.ws/?redirect=VvJN HTTP 301
https://mp.org.pl/yt-redirect.php?banurl=https://ukyzdtjydzd.newszoo.news HTTP 302
http://mp.org.pl/yt-redirect.php?banurl=https://ukyzdtjydzd.newszoo.news HTTP 302
https://bitly.ws/?banned=1 Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

196
Requests

89 %
HTTPS

51 %
IPv6

39
Domains

48
Subdomains

31
IPs

4
Countries

2058 kB
Transfer

4418 kB
Size

44
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://xy2.eu/
Title: XY2

Search URL Search Domain Scan URL

URL: https://tinyurl.mobi/
Title: TinyURL

Search URL Search Domain Scan URL

URL: https://www.buymeacoffee.com/oconnel

Search URL Search Domain Scan URL

URL: https://buy.stripe.com/eVa8z88iQeWTaEUeUU

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bitly.ws/VvJN HTTP 301
https://bitly.ws/?redirect=VvJN HTTP 301
https://mp.org.pl/yt-redirect.php?banurl=https://ukyzdtjydzd.newszoo.news HTTP 302
http://mp.org.pl/yt-redirect.php?banurl=https://ukyzdtjydzd.newszoo.news HTTP 302
https://bitly.ws/?banned=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5e8e332b-6128-4a0a-8b28-612a0e0e4bbd&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=b8505e92-e44e-4eb3-8112-52af3feaf58d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Da2f153b3a90d49c986294c4a63d91d53%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=7895177833986132313 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a2f153b3a90d49c986294c4a63d91d53&SNR=1&GV=2&med=10

Request Chain 65

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&google_cver=1&google_push=AXcoOmTmIug36SltAoY70VI_oIYJOYs7RsiqISbPGJCqlmqvGt9_U0dUnGE2FpNpQf6-HG5VTWBOcsdcLXY8FIiHIdvd9Io3OwcriRo5 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&google_cver=1&google_push=AXcoOmTmIug36SltAoY70VI_oIYJOYs7RsiqISbPGJCqlmqvGt9_U0dUnGE2FpNpQf6-HG5VTWBOcsdcLXY8FIiHIdvd9Io3OwcriRo5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTZKNENsemIxUUtNQ2Q1&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&google_cver=1&google_push=AXcoOmTmIug36SltAoY70VI_oIYJOYs7RsiqISbPGJCqlmqvGt9_U0dUnGE2FpNpQf6-HG5VTWBOcsdcLXY8FIiHIdvd9Io3OwcriRo5

Request Chain 66

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEP2ZIkxNlr2dCwJUokxbETE&google_cver=1&google_push=AXcoOmSJT5anzUyJcc7ZjfvnWsQDkm5FuNlSnVWqwySGuNXu7-aPLxbux_qjU0opYzKIR_Xn7yE3bckXVvmdRniqk9xR54hQeDJsd7c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSJT5anzUyJcc7ZjfvnWsQDkm5FuNlSnVWqwySGuNXu7-aPLxbux_qjU0opYzKIR_Xn7yE3bckXVvmdRniqk9xR54hQeDJsd7c

Request Chain 67

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBra7R9iriX22Sf21c5ajqY&google_cver=1&google_push=AXcoOmQO7WIfSdxESewl_Zzesj3p4GKw0qnuUbUSEiooIzovGfFTyg7r1TNrzqN7oT_-VyrNyW329vlP8aEGg0H2utopt5SYIrIgGiI HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBra7R9iriX22Sf21c5ajqY&google_cver=1&google_push=AXcoOmQO7WIfSdxESewl_Zzesj3p4GKw0qnuUbUSEiooIzovGfFTyg7r1TNrzqN7oT_-VyrNyW329vlP8aEGg0H2utopt5SYIrIgGiI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDU4YjljMDctODc1ZC00YjE1LTk3NzktZDZkNjJiMDQ1MGZh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=458b9c07-875d-4b15-9779-d6d62b0450fa

Request Chain 68

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELznGNL7iAEzRF9RbNKwoM8&google_cver=1&google_push=AXcoOmTKUtr8qaiyHq90F4tYawlmouIeQvWkL5kLx8LIYWyAR3VSysLMGpS_Jk_4xyoiRIbHlkPgsFdnA2dfqxRweWyuiwGreERtEp8B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDhkNTFiYWUtZjE3Mi00YWM0LTk3ZDctNjJlNzdhNWFkOTE0&google_gid=CAESELznGNL7iAEzRF9RbNKwoM8&google_cver=1&google_push=AXcoOmTKUtr8qaiyHq90F4tYawlmouIeQvWkL5kLx8LIYWyAR3VSysLMGpS_Jk_4xyoiRIbHlkPgsFdnA2dfqxRweWyuiwGreERtEp8B

Request Chain 69

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGHf__4-2n_h8jJNeQ_Hbys&google_cver=1&google_push=AXcoOmRPkqwt116bicYUzM4LfpnKo2aa0p1BOvLBfgTYCHpKnAkHXIvP0BAlKwIH1Qsb5PGtn7qHL_zCujPMDSLgj92TryP5iYTM5tzp HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGHf__4-2n_h8jJNeQ_Hbys&google_cver=1&google_push=AXcoOmRPkqwt116bicYUzM4LfpnKo2aa0p1BOvLBfgTYCHpKnAkHXIvP0BAlKwIH1Qsb5PGtn7qHL_zCujPMDSLgj92TryP5iYTM5tzp HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=75f26999-a058-4ea7-bc2b-58ddf89d49da&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=75f26999-a058-4ea7-bc2b-58ddf89d49da&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=2c896305-f015-49a3-af02-1fa9728e2c17&ssp=google&expires=30&user_group=5&bsw_param=75f26999-a058-4ea7-bc2b-58ddf89d49da HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7hae_gJcf_j5jePi_xE0&google_hm=dfJpmaBYTqe8K1jd-J1J2g==

Request Chain 70

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESED0m226e3vPu5WyokTNx9Zo&google_cver=1&google_push=AXcoOmRGw7Bnr-icHN4neyJ18XQtZRP_PBuMEqtkE_HWtK5bFuSl6rF4s8iR_2MvDA_zQwvYrdaj-DBpAGRy2bXhnJQbQkRbhqU0SE-d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEzNzQ3MDEzNTc3NTU0MjE2Njk&google_push=AXcoOmRGw7Bnr-icHN4neyJ18XQtZRP_PBuMEqtkE_HWtK5bFuSl6rF4s8iR_2MvDA_zQwvYrdaj-DBpAGRy2bXhnJQbQkRbhqU0SE-d

Request Chain 78

https://um.simpli.fi/gp_match?google_gid=CAESEGafBG_UvJH7fTWIac2zmjE&google_cver=1&google_push=AXcoOmQN5NbdnBAKmtAb3JxZ3ppoq6kLgsT4nIN7x4okDVeAnOjpzKL4mX5OHka6jLZcPAzJcagdsBvP-FBZnDhAXVPcUL17moiMS7c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=935F81D2D7054BF19659949175EB512F&google_push=AXcoOmQN5NbdnBAKmtAb3JxZ3ppoq6kLgsT4nIN7x4okDVeAnOjpzKL4mX5OHka6jLZcPAzJcagdsBvP-FBZnDhAXVPcUL17moiMS7c

Request Chain 79

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKp7aDcKqNybAUfH2LUPVA0&google_cver=1&google_push=AXcoOmQX_lHsK0T2X5XNDN5fXI3hSMoy7C1uuUBfb7mQgE3Vsc24XMw4zw4UV5_v3UjuwpU6IchH_B3YeO4paCZWFYG1TWCc2g8H05Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQX_lHsK0T2X5XNDN5fXI3hSMoy7C1uuUBfb7mQgE3Vsc24XMw4zw4UV5_v3UjuwpU6IchH_B3YeO4paCZWFYG1TWCc2g8H05Q

Request Chain 81

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7hae_gJcf_j5jePi_xE0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7hae_gJcf_j5jePi_xE0 HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=b84001a9-a2fc-4d56-9907-8b3cb4a3f5f2&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=dfJpmaBYTqe8K1jd-J1J2g== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1

Request Chain 82

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMpTKlH96WYO3G7fDZznHpo&google_cver=1&google_push=AXcoOmSXvFQhZbpGq5J0Mt9lqWQZ3mAJgahnIznvt7nfop10JiYQCp_tvN8UiuozHFFa4dwt00qHMhnQGGnjye-vcAUY7rFL92Yn2IE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXvFQhZbpGq5J0Mt9lqWQZ3mAJgahnIznvt7nfop10JiYQCp_tvN8UiuozHFFa4dwt00qHMhnQGGnjye-vcAUY7rFL92Yn2IE&google_hm=eS1xU0h4c0JKRTJwRWZMZWJoMW02Q21Eanh4a3oycWtuV35B

Request Chain 83

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKzq_2zlW9Vnt97sF6nU7R4&google_push=AXcoOmTjD4qtKTH3gFwdWxYsB9D2d6egyLJkRz3kXQN9yDXVGP0dSgSmbj7ebUvy0ZrMq7osIrwM12A18pRj_Mp5j91NWStWzewCVms&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjD4qtKTH3gFwdWxYsB9D2d6egyLJkRz3kXQN9yDXVGP0dSgSmbj7ebUvy0ZrMq7osIrwM12A18pRj_Mp5j91NWStWzewCVms&google_hm=MTA1OTQxNTUxNzk0NzUxNjE5NjU

Request Chain 84

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSTfZ9aP7JNI78jeR_OjDUDTlFyymDNZvOLxo8C-o3jjHRJV15ywZz9bAWQOR2Ge5ddFsggEDpTg65zXxvlhUf7DoHVtzCCCz9v&google_gid=CAESENDO0Pm6s5cikTkow96WiSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDO0Pm6s5cikTkow96WiSU&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmSTfZ9aP7JNI78jeR_OjDUDTlFyymDNZvOLxo8C-o3jjHRJV15ywZz9bAWQOR2Ge5ddFsggEDpTg65zXxvlhUf7DoHVtzCCCz9v

Request Chain 172

https://px.owneriq.net/ecmg?google_gid=CAESENzfWsX_jAgxHg8U_5nXUF8&google_cver=1&google_push=AXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2MYfNdkdbqL-GqO_iR2D-HxFFwRBdzXUHR3E HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2MYfNdkdbqL-GqO_iR2D-HxFFwRBdzXUHR3E%26google_cver%3d1%26google_gid%3dCAESENzfWsX_jAgxHg8U_5nXUF8%26google_hm%3dUTc0ODkzODY3NDE4MDExNjAzMDM%3d&uid=Q7489386741801160303&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2MYfNdkdbqL-GqO_iR2D-HxFFwRBdzXUHR3E&google_cver=1&google_gid=CAESENzfWsX_jAgxHg8U_5nXUF8&google_hm=UTc0ODkzODY3NDE4MDExNjAzMDM=

Request Chain 173

https://a.tribalfusion.com/i.match?p=b6&u=CAESECws8hzsoYQscwYyNgBX8UE&google_cver=1&google_push=AXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECws8hzsoYQscwYyNgBX8UE&google_cver=1&google_push=AXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 174

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDJp9eUOjPElR7y_lRPnl0o&google_cver=1&google_push=AXcoOmTyGjvhDli_abwc2Gbh_EjgixopSfkLWIk-kaUvSzqLYCb40SjJ4yZHD0xDv3dF8WUluf1F6vPS2yN_K--qtAaQJzbfvbgb97M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyGjvhDli_abwc2Gbh_EjgixopSfkLWIk-kaUvSzqLYCb40SjJ4yZHD0xDv3dF8WUluf1F6vPS2yN_K--qtAaQJzbfvbgb97M&google_hm=eS1xU0h4c0JKRTJwRWZMZWJoMW02Q21Eanh4a3oycWtuV35B

Request Chain 175

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOQKz6EHMUE4czFrMCa5tyU&google_cver=1&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLAmjrSMUnPXGi528qYroh2ePXfZcQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOQKz6EHMUE4czFrMCa5tyU&google_cver=1&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLAmjrSMUnPXGi528qYroh2ePXfZcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NTM3MzQzNDA1MTQzNjI2OA&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLAmjrSMUnPXGi528qYroh2ePXfZcQ

Request Chain 176

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEIySenxLHm85aAAv-7bivJ8&google_cver=1&google_push=AXcoOmRpWzDQdE3r4xJXGzcB5Xs6qJdAJlpevN6dgFMYwsSsfktHvL_j4uQcbqCYyLakVrA4X0zpMrE3VeX73rUOcExTYzLTkfCdtuI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ekXMWK9YUrVUlnhtIHLry85CYJ4&google_push=AXcoOmRpWzDQdE3r4xJXGzcB5Xs6qJdAJlpevN6dgFMYwsSsfktHvL_j4uQcbqCYyLakVrA4X0zpMrE3VeX73rUOcExTYzLTkfCdtuI

Request Chain 177

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRJF8wKqODJcpDYJY7zSz_tNBK183AdFGOzWwPY2KYLAOhzh2hkPhBQV4QghA9I_tDgF2NXsRFbpeasnGo8hp0ZVoOgqRO2ka1-&google_gid=CAESEOpEaBZXItFWmFjO1uygXJ4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOpEaBZXItFWmFjO1uygXJ4&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmRJF8wKqODJcpDYJY7zSz_tNBK183AdFGOzWwPY2KYLAOhzh2hkPhBQV4QghA9I_tDgF2NXsRFbpeasnGo8hp0ZVoOgqRO2ka1-

Request Chain 178

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEPKIA92RoBlUDxMC0tiLeQg&google_cver=1&google_push=AXcoOmT6Xv8TWAxY3y-A-lrbznbkKl4rPtrVW54RqwrTTKjH8GjVMfF4ozcl_UzaTlfE8p5MBG_bA68hGJ9GpK5we5uSUv3HybBRUygk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT6Xv8TWAxY3y-A-lrbznbkKl4rPtrVW54RqwrTTKjH8GjVMfF4ozcl_UzaTlfE8p5MBG_bA68hGJ9GpK5we5uSUv3HybBRUygk

196 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bitly.ws/
Redirect Chain

https://bitly.ws/VvJN
https://bitly.ws/?redirect=VvJN
https://mp.org.pl/yt-redirect.php?banurl=https://ukyzdtjydzd.newszoo.news
http://mp.org.pl/yt-redirect.php?banurl=https://ukyzdtjydzd.newszoo.news
https://bitly.ws/?banned=1

12 KB
5 KB

171ms
170ms

Document
text/html

185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache / PHP/5.5.38
Resource Hash: 2d923af816cf37df56fc0f8f9ee0a31e0f7a50f36b726ef141e7bceabd5112a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html
date: Mon, 25 Sep 2023 14:31:11 GMT
expires: Mon, 25 Sep 2023 14:31:11 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/5.5.38

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html
date: Mon, 25 Sep 2023 14:31:11 GMT
expires: Mon, 25 Sep 2023 14:31:11 GMT
location: https://bitly.ws?banned=1
server: Apache
x-powered-by: PHP/5.5.38

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 242ms
100ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8633b70d994e1e728ea36ef10424637c34e57c6c68b3072fa183fd75534f83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50787
x-xss-protection: 0
server: cafe
etag: 12701993061889918824
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
78 KB 221ms
68ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8Q1W6PKNCX

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de56850c64ae053d20c43b4804b2da9d2d493b360ec6302c57b1365a3cc508fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Sep 2023 14:31:12 GMT

GET
H2 200 pub-2614556310778759 Show response
fundingchoicesmessages.google.com/i/ 155 KB
51 KB 244ms
103ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-2614556310778759?ers=1

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75afde76a806c5e0d7aeb39932d148cdcbf0d4333878998d59b2e6427ae97c00

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ux0IqmTf3VcaGtr9v8LSJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ux0IqmTf3VcaGtr9v8LSJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
bitly.ws/css/ 10 KB
3 KB 134ms
133ms Stylesheet
text/css 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.ws/css/style.css
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 151bc681e41dd21a559a36d4afe28b98b0da1bdc67ca599b5fc8e0bf983b9012

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/?banned=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
content-encoding: gzip
last-modified: Sat, 19 Aug 2023 16:03:04 GMT
server: Apache
etag: "29dd-60348c7c43e1e-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 2500
expires: Mon, 25 Sep 2023 14:31:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 194ms
65ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddccc3b074d270f15bb7619ad6324f0c4e7b2576747bb20851a8a709c62d15d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 14:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 14:31:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 14:31:12 GMT

GET
H2 200 adframe.js Show response
bitly.ws/js/ 16 B
211 B 147ms
146ms Script
application/javascript 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.ws/js/adframe.js
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/?banned=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
last-modified: Sat, 30 Dec 2017 21:02:30 GMT
server: Apache
etag: "10-5619511402320"
content-type: application/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 16
expires: Mon, 25 Sep 2023 14:31:12 GMT

GET
H2 200 paypal.jpg
bitly.ws/gfx/ 9 KB
9 KB 353ms
350ms Image
image/jpeg 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/paypal.jpg
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/?banned=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
last-modified: Tue, 02 Jan 2018 13:00:56 GMT
server: Apache
etag: "2204-561cab086d14b"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8708
expires: Tue, 24 Sep 2024 14:31:12 GMT

GET
H2 200 paypal.png
bitly.ws/gfx/ 5 KB
6 KB 258ms
256ms Image
image/png 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/paypal.png
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/?banned=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
last-modified: Tue, 02 Jan 2018 13:00:54 GMT
server: Apache
etag: "158c-561cab06562ce"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5516
expires: Tue, 24 Sep 2024 14:31:12 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/pl_PL/i/scr/ 43 B
442 B 186ms
63ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/pl_PL/i/scr/pixel.gif

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (phd/FD2F) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 3ddeb05243326
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:41 GMT
server: ECAcc (phd/FD2F)
traceparent: 00-00000000000000000003ddeb05243326-c0390848ad1539d2-01
etag: "5d5637c5-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 25 Sep 2023 15:31:12 GMT

GET
H2 200 bmac.png
bitly.ws/gfx/ 3 KB
3 KB 243ms
240ms Image
image/png 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/bmac.png
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 54339f1c8cb089c05773b2b18fd5da6e702956decbf7dea6ef0348a64203c657

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/?banned=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
last-modified: Sat, 19 Aug 2023 15:45:47 GMT
server: Apache
etag: "c86-6034889f203e4"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3206
expires: Tue, 24 Sep 2024 14:31:12 GMT

GET
H2 200 stripe.png
bitly.ws/gfx/ 1 KB
2 KB 257ms
255ms Image
image/png 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/stripe.png
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: b8214bd5cbd9197f329d1df98d908dc7a1cd38c28e8010b92e49b3f35dd9986a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/?banned=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
last-modified: Sat, 19 Aug 2023 15:45:50 GMT
server: Apache
etag: "54f-603488a24201d"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1359
expires: Tue, 24 Sep 2024 14:31:12 GMT

GET
H2 200 bitly-chart.png
bitly.ws/gfx/ 210 B
400 B 255ms
254ms Image
image/png 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/bitly-chart.png
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: c28530634cdfc14bb5c068fc74a7071f9e27fc97f9aa03a1258f5b33f9c8ab6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/?banned=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
last-modified: Tue, 02 Jan 2018 13:00:56 GMT
server: Apache
etag: "d2-561cab088ec59"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 210
expires: Tue, 24 Sep 2024 14:31:12 GMT

GET
H2 200 wEO_EBrAnc9BLjLQAUk1VvoK.woff2
fonts.gstatic.com/s/courgette/v17/ 24 KB
25 KB 213ms
56ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courgette/v17/wEO_EBrAnc9BLjLQAUk1VvoK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitly.ws
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 21:38:56 GMT
x-content-type-options: nosniff
age: 233536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:58:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 21:38:56 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 231ms
74ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitly.ws
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 19:31:33 GMT
x-content-type-options: nosniff
age: 241179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 19:31:33 GMT

GET
H2 200 RrQfboBx-C5_XxrBbg.woff2
fonts.gstatic.com/s/acme/v25/ 8 KB
9 KB 211ms
55ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/acme/v25/RrQfboBx-C5_XxrBbg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitly.ws
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 17:50:24 GMT
x-content-type-options: nosniff
age: 247248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8236
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:26:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 17:50:24 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
249 B 197ms
74ms Ping
text/plain 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8Q1W6PKNCX&gtm=45je39k2&_p=1712450660&cid=896133255.1695652272&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695652272&sct=1&seg=0&dl=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1&dt=Bitly%20%7C%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Q1W6PKNCX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::71 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bitly.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 83ms
82ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4425d0b8db92ddee26b464dcd291ef37c1aaf63d3c0f368bf89394e3d044139b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131521
x-xss-protection: 0
server: cafe
etag: 4281842616939371940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/ Frame 9EDE 10 KB
5 KB 50ms
49ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 13:51:01 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 13:51:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXBLf-cwZqPy6-kg2duEdneWWQ7lS7bD_ViIvOE7kof0Z52R2kN3pjdOOtVBH5RMPAWrG4gyHzNymO_4jXljaVRowB5g5ZxDeDXDF0h1Q-54z1J8bZA9D1h17yUAfMMC6x9SysuQg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 96ms
96ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXBLf-cwZqPy6-kg2duEdneWWQ7lS7bD_ViIvOE7kof0Z52R2kN3pjdOOtVBH5RMPAWrG4gyHzNymO_4jXljaVRowB5g5ZxDeDXDF0h1Q-54z1J8bZA9D1h17yUAfMMC6x9SysuQg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1NjUyMjcyLDQwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iaXRseS53cy8iLG51bGwsW1s4LCJBLWpMSGc2QUJydyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92e1dc7abf0c4dbcb5461aaab93922aefb27d3c87f869519aa1f4f16c8c1f0e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TNTfOuNOPrhabjGtHFj_ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-TNTfOuNOPrhabjGtHFj_ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
600 B 202ms
74ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bitly.ws&callback=_gfp_s_&client=ca-pub-2614556310778759

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

951a28e288295d2940b71cf80d3c8b8579ff5942d6e0201737709611328c1277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28B6 196 KB
59 KB 539ms
538ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1695688272&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272355&bpp=5&bdt=362&idt=127&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6386759171196&frm=20&pv=2&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04cd1cdd837ac0b2d6f9c7c1fb90054316750a0521d93ca68d03f692ba1ee719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 60234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:13 GMT
expires: Mon, 25 Sep 2023 14:31:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FD8 151 KB
53 KB 776ms
775ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=477754370&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1695688272&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272361&bpp=2&bdt=368&idt=155&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HY68XBRPMx&p=https%3A//bitly.ws&dtd=162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c415c0efddd02f64e328b0acb2c401b33802978b5a590d172e5e009ef8329935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54049
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:13 GMT
expires: Mon, 25 Sep 2023 14:31:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 154 KB
52 KB 59ms
58ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

136713b9348079a3b993ecde7edf505887e5b1b8aed6d7a90e2540eaf2a22ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53708
x-xss-protection: 0
server: cafe
etag: 10379465652205510203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:13 GMT

GET
H3 200 ca-pub-2614556310778759 Show response
fundingchoicesmessages.google.com/i/ 155 KB
50 KB 76ms
76ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2614556310778759?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0b0ffbfa9571a8f0cc01842f1dd885f6e851b271fee89afe59dbc8d432644c9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WTdgZfIGugPGmIFB2GZ7Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WTdgZfIGugPGmIFB2GZ7Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0D9 32 KB
14 KB 470ms
469ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f9ad00de3b9995db4b2372b01ebc70ea19238ce808aea0d70fc56968f5e066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13954
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:13 GMT
expires: Mon, 25 Sep 2023 14:31:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6923 37 KB
16 KB 401ms
400ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c006e8ca12c85291e5dab0082c92bf242f5525f4552ef1c0b87f5e832e504db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15872
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:13 GMT
expires: Mon, 25 Sep 2023 14:31:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F06B 57 KB
20 KB 427ms
427ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5dd13143e76ff9bed0aeeef1695cb445a941fc8f5a13b8e8aebc106925199d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20200
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:13 GMT
expires: Mon, 25 Sep 2023 14:31:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/ Frame 603B 10 KB
4 KB 46ms
45ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 09:26:23 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 09:26:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 603B 3 KB
1 KB 203ms
58ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 08:18:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 08:18:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 603B 20 KB
8 KB 195ms
51ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 05:11:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 603B 182 KB
57 KB 226ms
66ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 8FD8 3 KB
1 KB 189ms
58ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=477754370&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1695688272&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272361&bpp=2&bdt=368&idt=155&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HY68XBRPMx&p=https%3A//bitly.ws&dtd=162

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 08:18:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 08:18:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 8FD8 20 KB
8 KB 180ms
49ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 05:11:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FD8 182 KB
57 KB 248ms
99ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:13 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 59ms
58ms Image
image/gif 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.656029628740171

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Cyh9wPMv10iIFabpXCFC4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Cyh9wPMv10iIFabpXCFC4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 62ms
61ms Image
image/gif 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.934698932154642

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-gpbQTDxd_n7MVmzpzfeVKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-gpbQTDxd_n7MVmzpzfeVKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8FD8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8453818e23da5b9a2c2764ca0bfb8ea8d79b624f61f01fbdd5c204956f5a960

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 603B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 553b50e318611933f1e9e0efe2b8cdbbc822c24892ca37c888360d2f6601e690

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 6923 3 KB
1 KB 46ms
45ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 08:18:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 08:18:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 6923 20 KB
8 KB 42ms
40ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 05:11:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6923 182 KB
57 KB 43ms
42ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:13 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 49DB 188 KB
57 KB 261ms
118ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRGZsQAC_yABy5U2AAVARwbl1_49jTtH_wx_bA&u=%7CdS9TAeWqbIjdkyIaf5CWRzMykjmOjLMPlZLAdkGEJuE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989gjdA60o1-_XRE8sc37Q8HSzGO3mICmQQdfu4XIIFzGwbtUdFw5BzJ4XS4v8rG2lrNGWEH_9JHWbBcXfXoMCtoY8iVt3w76dBehFOv8qnGv_cOzb-zQcnwUZJ9gzXlF_HoNpeqeZRSjTlD0z2GqD9M-Hx6Gh6D7dIQuAOPiDMzfHD4NmS8MCnKG7cipSTnd9t3kit9Z7BrSU7534Djda2kopdy4SwNOpmcO2FUaSMedrsfbtYCUPHalUnbyNzomItCoSOpIuvZY-3snhbrB3DrnxOquOEC-BZ-2hwnNegc0Iq2f_PWjxhh3oH6I96NRVTxiAch6EXWhz1rtWdg4RhMCb-EBR9VJUka1H92sJueIj3jEc_gr6b28Gr4xah0ATpihE7T-sspXEpV5Gwot1JLQKFfud0vT7Q0tECOmXyMxZXUAmIVfTB-DWoXuESybeGuzjdjBLSrHRC--ZXw7QukjfUxudaA2G6pTJRXCsX0aol3aV5HlmM8A6zUPWSmOLVebQtN1wjg84OcDDwYeqY9CGooGVSlehV5louS79_zNCpglMTolLjvU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6eusZkRZaD-C7aqrr4Px4CVsA6cge-wXLLtt52dAcCNtwEQASAAYMkGggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBMMBT9AS0lRKwnzExT9i79rgV-KPzHXprclJMvlmIoHCeiI3APKhcCTg7Ore76LcufXD57MWfykxtcQ2HSVpyj9_yNtqbdSxoi_Td6ouvkZdwrJNA4SMXICu3v0SUIPA9rpUpJvGEkhLqu_TV9z6230RCl8wPvX897Ox8utWJkV9eWYYJMp1P07CPNeNjmKMSy6KKr2F3Xw14dDt2i4xFitY180FRUPm2WLhUflkPe0pRqXoYtE8tk0NSs0jKhY2I3W0sOjhgAaYq6DcqYOZo7kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uAWeKczNUxIHVOsl46NUqoDnvUA%26client%3Dca-pub-2614556310778759%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

80209d22a971d16e547e222da49aa2f142943b20a9e1319516283f021d90c37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=ZWt2A4b3aBCeuI4eNqEnK05qAhZ-5JnsI1KyQXyMKzqGWCSyIlJ4lcFj24400I9aF5EJmpYklWJy-zqMn0GerCgFa9E8XbRL89UDgLHRXvj59wg8ooeteW6jUo965K59teDGvgd7fBRMxwWA013M2HITafGOPMyMVClTpzKWMrmFwYUhranMHszNB_3elrPwaB5Gxin8H_tbYlY0DqQ77Y_oLYYtfwI4wcYKGT93-fr3vTjMOZ2Ilp2pHj40-eDEVquwGg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 66982830
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A3E1 1 KB
643 B 39ms
37ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 82327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 15:39:06 GMT
etag: 48472445140208031
expires: Mon, 25 Sep 2023 15:39:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 198ms
57ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QTnR__lR66cWuoVXheyCow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-QTnR__lR66cWuoVXheyCow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame A0D9 3 KB
1 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 08:18:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 08:18:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame A0D9 20 KB
8 KB 51ms
51ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 05:11:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A0D9 0
0 172ms
75ms Image
text/html 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHCzB9D7d2v6je9ENFfG9n8H8BZwYf4qw2aEf0BAzw9S_gmxeff2cSmmfWi26y_u4qMEMVTQp3rELHE4Al1XFZjtb17Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0D9 182 KB
57 KB 43ms
39ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:13 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 399D 89 KB
29 KB 247ms
47ms Script
application/javascript 2620:1ec:48:1::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 14:31:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 16:16:52 GMT
content-md5: QfEVvja98J3suHAdWTgvwQ==
etag: 0x8DBBB8754CA0D88
x-azure-ref: 0sZkRZQAAAAAxkGJ0tuCsQJMcCeiKdu5XTU5aMjIxMDYwNjEyMDM5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 97fc28c0-c01e-00ff-0b74-ef46f4000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 399D 80 KB
27 KB 165ms
53ms Script
application/x-javascript 104.76.104.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.76.104.238 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-104-238.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:31:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Tue, 24 Sep 2024 14:31:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 399D 3 KB
1 KB 46ms
45ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 08:18:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 08:18:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 399D 20 KB
8 KB 47ms
46ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 05:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 05:11:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 399D 0
0 205ms
74ms Image
text/html 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3Xmt1awluO3OngziTrG5VdlTLju1G_lQ_5sxgGFmSDxrH7fOYQ1AMr1S3EpSGUmJHwAALd4y3cz-UeXwLkvm5KLj-IA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 399D 182 KB
57 KB 39ms
38ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:13 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 399D
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5e8e332b-6128-4a0a-8b28-612a0e0e4bbd&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=b8505e92-e44e-4eb3...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a2f153b3a90d49c986294c4a63d91d53&SNR=1&GV=2&med=10

0
544 B

86ms
85ms

Image
text/plain

2600:1408:c400:c::17cd:688e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a2f153b3a90d49c986294c4a63d91d53&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11
Protocol: H2
Server: 2600:1408:c400:c::17cd:688e , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE47E01F1CC74296986A7EE157E64C0D Ref B: BLUEDGE1121 Ref C: 2023-09-25T14:31:14Z
x-cdn-traceid: 0.8edcda17.1695652273.347ca16
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 25 Sep 2023 14:31:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA6DD327356C4F8B90B622524A526FB3 Ref B: BL2AA2030102011 Ref C: 2023-09-25T14:31:13Z
x-cdn-traceid: 0.8edcda17.1695652273.347c6a5
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a2f153b3a90d49c986294c4a63d91d53&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 603B 0
19 B 65ms
61ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIeOnsJkRZZXkIOmTrr4Pgu-syAaLv4iuZvG66fX_DsCNtwEQASAAYMkGggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLoBT9BDSU7w7ihXrZBwwX0AV1PMR5M_MgJzBi-SG4A5pnxKGDlDQ0q9iywhL_ddfNhvby5CPMQF7ef1ocA79urdc3qWvrG2uIgwbC63ia5zTEjOWIN36HKpKv6vXsuSI4G88mld6_pkHjrBomz0A4cg46oTpcre3jf_Y4hxrNNjW0Xex06e0aT6KgdLAiFFiIFG51RZVYj_WMnPwE8GsSScjGgUTVIPyu02K3u1voP5kq4ASTfKiceNInowgAbik7mBxPGZguYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNjE0NTU2MzEwNzc4NzU5GAA&sigh=rlomhbRBzTw&uach_m=[UACH]&cid=CAQSGwBpAlJWozHq3O0joFE2SFkFdfR72B1VycfjMhgB&cbvp=2&vis=1

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 14:31:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.algbid.app/ Frame 603B 0
751 B 167ms
68ms Image
text/plain 34.149.135.28
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.algbid.app/rtimp?sid=2d3c5444-5bb0-11ee-9006-c25454896e5e&d=bitly.ws&cr=rgn_gen12_ob_new_footer__1&a=imp&p=ZRGZsAAIMhUBy4npAAs3gq4vVsTvxDyzjBGwQQ&im=TTBYi3N1xavNo4Rx9hZqiKvNCu18kXaHLWEnKRnTb4dVCSeN5GAxWZO5aW129fDWtWydYPoArkWILbV2Ol5cAaEHxQEzykUsNGMI8s1Wn5lHbHV93o3vIdrgQZEPsHEh2JZ9qgGMWnXode8CAZLgqWnc310wpaHuhxeXKwi4GwOx7MkavpvwEZlD9mFqLtmcJ3QRNK00kv44CSFqdC9nJhU6OHO2EZvA0lPsgfxzB6osykulYN3Hat5_GF1jQUfiqV5PAqgXJdQCHpgYljQ45T3ZiJ5dsCTXILMLF3r5CQ-blxjvh1Ol_HZnRauDVioI&cbvp=2
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:13 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A0D9 0
0 65ms
63ms Fetch
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL9StsZkRZZrtC-TIhAbGlZXwAZyB77BcosqnqnTAjbcBEAEgAGDJBoIBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEJqAMByAMCqgTAAU_QTT4zuuihCL0iK7Fpo2L_5Hk0TZildy4pHDnIg1Z2PXBoCTf39kOP0NxWc3RZTy6_TLTI4vZN5nG9Om6QqeogUzoxQ7jo3cXpm6jcbuuxD7cIgkg4szI2NbKQoAl5r1VmSgpguMH3SopDbUkH18zkjVraosFZL40S2qfTT8KvlYZffHd3vQDQpY7cKv2ZJYeiSx3APusal0BqQoH2RWqLHKL2r1YMfFcYW6-pCVE26Zr-KLP_aRAS3sdvoxPK0IAGmKug3KmDmaO5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjYxNDU1NjMxMDc3ODc1ORgA&sigh=BNd95DfQyM8&uach_m=[UACH]&cid=CAQSPABpAlJWYPIR-bhWdBAXJBp6oCFi-d3E2E8NA7awM5nCPEQhPpr27FJYO4c4aeL7PUkKBSvEloytb_LRbBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 14:31:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame A0D9 0
0 228ms
92ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kJGPGM36RLAJmALiIp0XAgAAALLSbJQfbDEiELCZEWU_cE-PSOb15Y1wAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRGZsQAC9poKwSRkAAVKxru2y4NTlywSodFBJQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 236739
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 19BD 185 KB
56 KB 165ms
165ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRGZsQAC9poKwSRkAAVKxru2y4NTlywSodFBJQ&u=%7CdS9TAeWqbIjoNN8s38fHqB6%2FGu3TQyxeY737sMzp2eo%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989gjdA60o1-_XRE8sc37Q8HSzGO3mICmQQUsKXaC7Ll2KAUnfa2rpvGORZY6L1Ue37X4-ZnSwoVqSbREQCF7Y0sxQxFUZL7YRtzAqJEEPreEAcSoSpIH1bCGbWoxO4iWEBPIu5X14EKcJAAjduznFfdu48nm-FhS5dSNyH3K7hFrOulr7HVs0sXAKd7BxHI-L8yqY1Et2TEbWbMElepQJamJ5kK0MIBopHASI-RlqGIQ6v8uVFmSyXSjyLcYOSqtc-KweXpsntuVqMGB1aVN-xY4X5r1h7i_Mlt4ETqTJqgBcQwT2eZq2kYqu44p18jN_8emKf76sQF5b55KdVa1WSXK_OfGo1A1BDnjcWSQhbj0fbJ-C-OSELrMfA_4qAwNgshiN76O0Wax4HsNtNmEO_9aALowS05oOlWTNanJqYaQMC_9qXtW5GnsPcfABHIOs0IlTKEkpJBl8ZQ5R8m_mE4TUPGZCu63Mxi-0YWV4Mm9NRPxJx82lyD54i6rZdZ821XEnDamQ6E40nx7-roVc0cc9ekWHrOkUnf2XBKSobFKy3kYdHRjW30E7UeB9qP-Ojw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCN3gSsZkRZZrtC-TIhAbGlZXwAZyB77BcosqnqnTAjbcBEAEgAGDJBoIBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEJqAMByAMCqgTDAU_QTT4zuuihCL0iK7Fpo2L_5Hk0TZildy4pHDnIg1Z2PXBoCTf39kOP0NxWc3RZTy6_TLTI4vZN5nG9Om6QqeogUzoxQ7jo3cXpm6jcbuuxD7cIgkg4szI2NbKQoAl5r1VmSgpguMH3SopDbUkH18zkjVraosFZL40S2qfTT8KvlYZffHd3vQDQpY7cKv2ZJYeiSx3APusal0BqAIPW16w299h_RGnY8G7__x6mIVgY8V5l28l2oK4M8t_uZ4fzN1s9_4AGmKug3KmDmaO5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1-1c6Jsbd9SdjA4WnNMB477fCxSg%26client%3Dca-pub-2614556310778759%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

06671e876dc535d61308c19b7ef4d92237ad05d2b35998ded88fc12db0f93002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=_JqUXob3aBCeuI4etszcCflRCGNEwTyoifKbcLjAZ4Ub7RIoB6hf_VDy5Dv8o4hpdKQPHWI5FSAR4JmV5-oPdbcLVZWe6nsFX4_P9DA_NfzcNGjG5TbjeJr4BL9i5QnERhtKl0VhRDfwt64xN9WsxxkAO12G8CqXc-VhHyYCpjf7phS9pA4bFkunaUKIc7OxZWj5ta1xSZzbqrywicYlatKhfJsnnAWzwH5_a-djjtK3ydfawbbuImahI2zGF6WVoN_Ogg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 109858472
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 898B 1 KB
643 B 40ms
38ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 82327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 15:39:06 GMT
etag: 48472445140208031
expires: Mon, 25 Sep 2023 15:39:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FD8 0
19 B 60ms
60ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsUBKsJkRZZHxIcWPhQbTmpL4BIu_iK5m8brp9f8OwI23ARABIABgyQaCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OcgBCagDAcgDAqoEugFP0EW3XYxAKUsrTYMDoBZ1LAyNgQJnPhOugQbwuIXlWSz2zvo7RwjO3FUtcrDO_GxMOrbEPB4OeJG2IOWbbZRtnNZYGqvmT-QbT7DHOwT0gjW5xJ2bZhoS1HwfQjhzeRUq4SCM_Vly-f3Q_yEmhKqrCqVLd4Z7BCNSxcCzM9B6TWRX5o3uk2i5qXn6wJ9b-p0C2Wyi3jU_mvmyK0r5lwA6jLjs2TFPip23fSy9-K1B_2cD_0Rf5VLjPFWABtje_8HWjrrFrAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI2MTQ1NTYzMTA3Nzg3NTkYAA&sigh=qz1xjHUE7j4&uach_m=[UACH]&cid=CAQSGwDICaaNwbB_Eu5TAB3iUBXWaPsQ-9WMYNvQJRgB&cbvp=2&vis=1

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=477754370&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1695688272&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272361&bpp=2&bdt=368&idt=155&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HY68XBRPMx&p=https%3A//bitly.ws&dtd=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 14:31:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.algbid.app/ Frame 8FD8 0
375 B 178ms
99ms Image
text/plain 34.149.135.28
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.algbid.app/rtimp?sid=2d3bfab0-5bb0-11ee-a043-32278287092d&d=bitly.ws&cr=rgn_gen12_ob_new_footer&a=imp&p=ZRGZsAAIeJEKwUfFAASNU14q1XZn9LSTHi4brQ&im=pOfuk23DsdmNInTloLRFaH8hfH2TulmDvLKCQ7fF64NNaOBz150xT9efp2pwMvve346VG7BwUMpkHQOnZYWxn15KYS6rKnZvLc0U7Am4sFjpruv45ZtwtLMMz_3bYCV1S4MYisERfAhfZ7yooEAHyB-qceZrgKwKrG8UfK8hpvR3PnfPduALOp4r2RoOxS1xB42VDGoqtphTBwjManzA-f4gpfw6kRlklNC8Uk26LZQ5wBrhcUpQITRZIpYfvs2vsuEOCya68dXorVDtZ26uzd-zoeKh5uVF2Q7w60eHx_gRvCeIrGOJSqNhr6En1pGE&cbvp=2
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:13 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 6923 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfb3b3d60353637b986c16ce8e73d4ace262470fc6e56c50638aba4ce530f65a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET cs
ad.turn.com/r/ Frame A3E1 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3E1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTZKNENsemIxUUtNQ2Q1&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&google_cver=1&google_push=AXcoOmTmIug36SltAoY70VI_oIYJOYs7RsiqISbPGJCqlmq...

170 B
188 B

91ms
90ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTZKNENsemIxUUtNQ2Q1&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&google_cver=1&google_push=AXcoOmTmIug36SltAoY70VI_oIYJOYs7RsiqISbPGJCqlmqvGt9_U0dUnGE2FpNpQf6-HG5VTWBOcsdcLXY8FIiHIdvd9Io3OwcriRo5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 14:31:13 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-04f592273d9bc5f89@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eTZKNENsemIxUUtNQ2Q1&google_gid=CAESEKF76jGuOSaQlGlIL0z_msg&google_cver=1&google_push=AXcoOmTmIug36SltAoY70VI_oIYJOYs7RsiqISbPGJCqlmqvGt9_U0dUnGE2FpNpQf6-HG5VTWBOcsdcLXY8FIiHIdvd9Io3OwcriRo5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3E1
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEP2ZIkxNlr2dCwJUokxbETE&google_cver=1&google_push=AXcoOmSJT5anzUyJcc7ZjfvnWsQDkm5FuNlSnVWqwySGuNXu7-aPLxbux_qjU0opYzKIR_Xn7yE3b...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSJT5anzUyJcc7ZjfvnWsQDkm5FuNlSnVWqwySGuNXu7-aPLxbux_qjU0opYzKIR_Xn7yE3bckXVvmdRniqk9xR54hQeDJsd7c

170 B
188 B

42ms
42ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSJT5anzUyJcc7ZjfvnWsQDkm5FuNlSnVWqwySGuNXu7-aPLxbux_qjU0opYzKIR_Xn7yE3bckXVvmdRniqk9xR54hQeDJsd7c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Sep 2023 14:31:13 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FD2D69BFB3E1425BACDD12E58F036430 Ref B: PHL30EDGE0210 Ref C: 2023-09-25T14:31:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSJT5anzUyJcc7ZjfvnWsQDkm5FuNlSnVWqwySGuNXu7-aPLxbux_qjU0opYzKIR_Xn7yE3bckXVvmdRniqk9xR54hQeDJsd7c
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGL89zagk9F9hgsiOWkg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3E1
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBra7R9iriX22Sf21c5ajqY&google_cver=1&google_push=AXcoOmQO7WIfSdxESewl_Zzesj3p4GKw0qnuUbUSEiooIzovGfFTyg7r1TNrzqN7oT_-VyrNyW329vlP8aEGg0H2ut...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBra7R9iriX22Sf21c5ajqY&google_cver=1&google_push=AXcoOmQO7WIfSdxESewl_Zzesj3p4GKw0qnuUbUSEiooIzovGfFTyg7r1TNrzqN7oT_-VyrNyW329vlP8aEGg0H2ut...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDU4YjljMDctODc1ZC00YjE1LTk3NzktZDZkNjJiMDQ1MGZh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=458b9c07-875d-4b15-9779-d6d62b0450fa

170 B
188 B

44ms
43ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDU4YjljMDctODc1ZC00YjE1LTk3NzktZDZkNjJiMDQ1MGZh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=458b9c07-875d-4b15-9779-d6d62b0450fa

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDU4YjljMDctODc1ZC00YjE1LTk3NzktZDZkNjJiMDQ1MGZh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=458b9c07-875d-4b15-9779-d6d62b0450fa
date: Mon, 25 Sep 2023 14:31:13 GMT
server: Kestrel
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3E1
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELznGNL7iAEzRF9RbNKwoM8&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDhkNTFiYWUtZjE3Mi00YWM0LTk3ZDctNjJlNzdhNWFkOTE0&google_gid=CAESELznGNL7iAEzRF9RbNKwoM8&google_cver=1&google_push=AXcoOmTK...

170 B
188 B

74ms
71ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDhkNTFiYWUtZjE3Mi00YWM0LTk3ZDctNjJlNzdhNWFkOTE0&google_gid=CAESELznGNL7iAEzRF9RbNKwoM8&google_cver=1&google_push=AXcoOmTKUtr8qaiyHq90F4tYawlmouIeQvWkL5kLx8LIYWyAR3VSysLMGpS_Jk_4xyoiRIbHlkPgsFdnA2dfqxRweWyuiwGreERtEp8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDhkNTFiYWUtZjE3Mi00YWM0LTk3ZDctNjJlNzdhNWFkOTE0&google_gid=CAESELznGNL7iAEzRF9RbNKwoM8&google_cver=1&google_push=AXcoOmTKUtr8qaiyHq90F4tYawlmouIeQvWkL5kLx8LIYWyAR3VSysLMGpS_Jk_4xyoiRIbHlkPgsFdnA2dfqxRweWyuiwGreERtEp8B
date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3E1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGHf__4-2n_h8jJNeQ_Hbys&google_cver=1&google_push=AXcoOmRPkqwt116bicYUzM4LfpnKo2aa0p1BOvLBfgTYCHpKnAkHXIvP0BAlKwIH1Qsb5PGtn7qHL_zCujPMDSLgj92T...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGHf__4-2n_h8jJNeQ_Hbys&google_cver=1&google_push=AXcoOmRPkqwt116bicYUzM4LfpnKo2aa0p1BOvLBfgTYCHpKnAkHXIvP0BAlKwIH1Qsb5PGtn7qHL_zCujPMDS...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=75f26999-a058-4ea7-bc2b-58ddf89d49da&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=75f26999-a058-4ea7-bc2b-58ddf89d49da&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=2c896305-f015-49a3-af02-1fa9728e2c17&ssp=google&expires=30&user_group=5&bsw_param=75f26999-a058-4ea7-bc2b-58ddf89d49da
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7hae_gJcf_j5jePi_xE0&google_hm=dfJpmaBYTqe8K1jd-J1J...

170 B
188 B

43ms
43ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7hae_gJcf_j5jePi_xE0&google_hm=dfJpmaBYTqe8K1jd-J1J2g==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7hae_gJcf_j5jePi_xE0&google_hm=dfJpmaBYTqe8K1jd-J1J2g==
Date: Mon, 25 Sep 2023 14:31:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A3E1
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESED0m226e3vPu5WyokTNx9Zo&google_cver=1&google_push=AXcoOmRGw7Bnr-icHN4neyJ18XQtZRP_PBuMEqtkE_HWtK5bFuSl6rF4s8iR_2MvDA_zQwvYrdaj-DBpAGRy2bXhnJ...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEzNzQ3MDEzNTc3NTU0MjE2Njk&google_push=AXcoOmRGw7Bnr-icHN4neyJ18XQtZRP_PBuMEqtkE_HWtK5bFuSl6rF4s8iR_2MvDA_zQwvYrdaj-DBpAGRy2bXhnJQb...

170 B
329 B

64ms
64ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEzNzQ3MDEzNTc3NTU0MjE2Njk&google_push=AXcoOmRGw7Bnr-icHN4neyJ18XQtZRP_PBuMEqtkE_HWtK5bFuSl6rF4s8iR_2MvDA_zQwvYrdaj-DBpAGRy2bXhnJQbQkRbhqU0SE-d

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEzNzQ3MDEzNTc3NTU0MjE2Njk&google_push=AXcoOmRGw7Bnr-icHN4neyJ18XQtZRP_PBuMEqtkE_HWtK5bFuSl6rF4s8iR_2MvDA_zQwvYrdaj-DBpAGRy2bXhnJQbQkRbhqU0SE-d
Date: Mon, 25 Sep 2023 14:31:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A3E1 0
40 B 156ms
54ms Image
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2YuzY84L-KMcmyifDdR2aZiI37MQ1WtBV2ZWjSnoplLvK4nnJsaCndr1FLuR7D8F6QSpN

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 SecularOne-Regular.woff2
cdn.rtbrain.app/fonts/ Frame 8FD8 11 KB
11 KB 165ms
42ms Font
application/octet-stream 2606:4700:20::681a:3be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/SecularOne-Regular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=477754370&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1695688272&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272361&bpp=2&bdt=368&idt=155&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HY68XBRPMx&p=https%3A//bitly.ws&dtd=162
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc7dce977f59400faff7e273b7a8d692c65151f0bf48fcd1b22dcf2a82ad47e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374
x-guploader-uploadid: ADPycdsUrtFDuZ6EIrSxtSsxdm2hH63FisdhPxRUEcEzZ_NGm0HtdXxnfOqo6gXqh09LiqeIqN1ALvgC1NcetSNsiUsNBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 10940
last-modified: Tue, 13 Jun 2023 12:31:52 GMT
server: cloudflare
etag: "d8e1da2cfc1b90675464b327065f29c7"
vary: Accept-Encoding
x-goog-generation: 1686659512392441
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Qk9Bcw==, md5=2OHaLPwbkGdUZLMnBl8pxw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNOVsIZNnRDvoJyU9ALEPkOR%2BBoq0zuD2FDtvg5WrkZJNq36Z8jramuUNSL8eG2sdL2u7ElKU1epn2xIs3DGDY5gO7doS58uwEcpTRRdWgJ%2FbxBdYJZhspsd3iy1lCp3tBbglX5lQGmDEIFdmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 10940
accept-ranges: bytes
cf-ray: 80c3f837fe3f18f2-EWR
expires: Mon, 25 Sep 2023 15:14:06 GMT

GET
H2 200 SecularOne-Regular.woff2
cdn.rtbrain.app/fonts/ Frame 603B 11 KB
12 KB 157ms
40ms Font
application/octet-stream 2606:4700:20::681a:3be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/SecularOne-Regular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc7dce977f59400faff7e273b7a8d692c65151f0bf48fcd1b22dcf2a82ad47e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374
x-guploader-uploadid: ADPycdsUrtFDuZ6EIrSxtSsxdm2hH63FisdhPxRUEcEzZ_NGm0HtdXxnfOqo6gXqh09LiqeIqN1ALvgC1NcetSNsiUsNBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 10940
last-modified: Tue, 13 Jun 2023 12:31:52 GMT
server: cloudflare
etag: "d8e1da2cfc1b90675464b327065f29c7"
vary: Accept-Encoding
x-goog-generation: 1686659512392441
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Qk9Bcw==, md5=2OHaLPwbkGdUZLMnBl8pxw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIKbTIMfa42KP3o%2BbNqfnuhbYB8%2Flj9lMIEXjIvyPpoR%2BuDvm%2Br2gOc3mveOsVsDWoDhGIDCXFyschXNe%2BE3G%2BdFyCf5az2w0X%2Bdl9dYQbJrknRSXlSThHkbrlnuTUYfpp6C4H2%2Bs22BAbmhIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 10940
accept-ranges: bytes
cf-ray: 80c3f837fe4018f2-EWR
expires: Mon, 25 Sep 2023 15:14:06 GMT

POST
H2 204 rtimp
g.algbid.app/ Frame 603B 0
375 B 106ms
100ms Ping
text/plain 34.149.135.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:13 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6923 0
19 B 62ms
60ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CANw6sZkRZaD-C7aqrr4Px4CVsA6cge-wXLLtt52dAcCNtwEQASAAYMkGggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBMABT9AS0lRKwnzExT9i79rgV-KPzHXprclJMvlmIoHCeiI3APKhcCTg7Ore76LcufXD57MWfykxtcQ2HSVpyj9_yNtqbdSxoi_Td6ouvkZdwrJNA4SMXICu3v0SUIPA9rpUpJvGEkhLqu_TV9z6230RCl8wPvX897Ox8utWJkV9eWYYJMp1P07CPNeNjmKMSy6KKr2F3Xw14dDt2i5zFAvKEXDuP8oN5rZtaB7AjOIBT4vwpkrPzMTE9NMPMpfyt0xTgAaYq6DcqYOZo7kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNjE0NTU2MzEwNzc4NzU5GAA&sigh=fk8kaFmuquE&uach_m=[UACH]&cid=CAQSPABpAlJWSgh1ZPbnl3HoTKk18tq4_YEguUVIcN3_KqV8aeyXtsTiDDRK9UEO1e6F-1wlsVWjmcRk649lFhgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 14:31:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 6923 0
125 B 136ms
92ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kJGPGM36RLAJmALiIp0XAgAAALLSbJQfbDEiELCZEWX9eYXXzGaSUkUtAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRGZsQAC_yABy5U2AAVARwbl1_49jTtH_wx_bA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 248994
server: Kestrel
content-length: 0

GET
DATA 200
OK truncated
/ Frame A0D9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c753a0367d107ef0831d1f93a13197178ee69fc2870e71b442f677c2b382303

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 898B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGafBG_UvJH7fTWIac2zmjE&google_cver=1&google_push=AXcoOmQN5NbdnBAKmtAb3JxZ3ppoq6kLgsT4nIN7x4okDVeAnOjpzKL4mX5OHka6jLZcPAzJcagdsBvP-FBZnDhAXVPcUL17moiMS7c
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=935F81D2D7054BF19659949175EB512F&google_push=AXcoOmQN5NbdnBAKmtAb3JxZ3ppoq6kLgsT4nIN7x4okDVeAnOjpzKL4mX5OHka6jLZcPAzJcagdsBvP-FBZnDh...

170 B
188 B

43ms
43ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=935F81D2D7054BF19659949175EB512F&google_push=AXcoOmQN5NbdnBAKmtAb3JxZ3ppoq6kLgsT4nIN7x4okDVeAnOjpzKL4mX5OHka6jLZcPAzJcagdsBvP-FBZnDhAXVPcUL17moiMS7c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=935F81D2D7054BF19659949175EB512F&google_push=AXcoOmQN5NbdnBAKmtAb3JxZ3ppoq6kLgsT4nIN7x4okDVeAnOjpzKL4mX5OHka6jLZcPAzJcagdsBvP-FBZnDhAXVPcUL17moiMS7c
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Sep 2023 14:31:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 898B
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKp7aDcKqNybAUfH2LUPVA0&google_cver=1&google_push=AXcoOmQX_lHsK0T2X5XNDN5fXI3hSMoy7C1uuUBfb7mQgE3Vsc24XMw4zw4UV5_v3UjuwpU6IchH_...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQX_lHsK0T2X5XNDN5fXI3hSMoy7C1uuUBfb7mQgE3Vsc24XMw4zw4UV5_v3UjuwpU6IchH_B3YeO4paCZWFYG1TWCc2g8H05Q

170 B
188 B

43ms
43ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQX_lHsK0T2X5XNDN5fXI3hSMoy7C1uuUBfb7mQgE3Vsc24XMw4zw4UV5_v3UjuwpU6IchH_B3YeO4paCZWFYG1TWCc2g8H05Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Sep 2023 14:31:13 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FEFC5552150845A0A14AEE2E61F8D8F8 Ref B: PHL30EDGE0210 Ref C: 2023-09-25T14:31:13Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQX_lHsK0T2X5XNDN5fXI3hSMoy7C1uuUBfb7mQgE3Vsc24XMw4zw4UV5_v3UjuwpU6IchH_B3YeO4paCZWFYG1TWCc2g8H05Q
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGL89zBEowv813M0LXUA==

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 898B 0
173 B 224ms
113ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDwrRNEO48f67WTfci7BoBk&google_cver=1&google_push=AXcoOmSgTajulzS3u4JsnYNczfdsdbijxch1ipnmQnh4wnwnjukvkV0cvIPNE_YkWLEbih2btkdSdnhSAZv1u5spLA1rPPT3BEqtTA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/ Frame 898B
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7hae_gJcf...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1&google_push=AXcoOmR3ETGrkPKiH52hdckSNvjpgvJS-wQBEPOXpj4DeZbDt2z__-4Y4-5aM2zk9b2630b_G7FOIkPTEQo7ha...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=b84001a9-a2fc-4d56-9907-8b3cb4a3f5f2&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=dfJpmaBYTqe8K1jd-J1J2g==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1

43 B
235 B

40ms
40ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4
Protocol: HTTP/1.1
Server: 35.211.178.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:31:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHQUTYEuksoeNBhy7BIumws&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 898B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMpTKlH96WYO3G7fDZznHpo&google_cver=1&google_push=AXcoOmSXvFQhZbpGq5J0Mt9lqWQZ3mAJgahnIznvt7nfop10JiYQCp_tvN8UiuozHFFa4dwt00qHMhnQGGnjye-vcAUY7rF...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXvFQhZbpGq5J0Mt9lqWQZ3mAJgahnIznvt7nfop10JiYQCp_tvN8UiuozHFFa4dwt00qHMhnQGGnjye-vcAUY7rFL92Yn2IE&google_hm=eS1xU0h4c0JKRTJwRWZ...

170 B
188 B

43ms
43ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXvFQhZbpGq5J0Mt9lqWQZ3mAJgahnIznvt7nfop10JiYQCp_tvN8UiuozHFFa4dwt00qHMhnQGGnjye-vcAUY7rFL92Yn2IE&google_hm=eS1xU0h4c0JKRTJwRWZMZWJoMW02Q21Eanh4a3oycWtuV35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSXvFQhZbpGq5J0Mt9lqWQZ3mAJgahnIznvt7nfop10JiYQCp_tvN8UiuozHFFa4dwt00qHMhnQGGnjye-vcAUY7rFL92Yn2IE&google_hm=eS1xU0h4c0JKRTJwRWZMZWJoMW02Q21Eanh4a3oycWtuV35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 898B
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKzq_2zlW9Vnt97sF6nU7R4&google_push=AXcoOmTjD4qtKTH3gFwdWxYsB9D2d6egyLJkRz3kXQN9yDXVGP0dSgSmbj7ebUvy0ZrMq7osIrwM12A18pRj_Mp5j91NWSt...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjD4qtKTH3gFwdWxYsB9D2d6egyLJkRz3kXQN9yDXVGP0dSgSmbj7ebUvy0ZrMq7osIrwM12A18pRj_Mp5j91NWStWzewCVms&google_hm=MTA1OTQxNTUxNzk...

170 B
188 B

45ms
45ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjD4qtKTH3gFwdWxYsB9D2d6egyLJkRz3kXQN9yDXVGP0dSgSmbj7ebUvy0ZrMq7osIrwM12A18pRj_Mp5j91NWStWzewCVms&google_hm=MTA1OTQxNTUxNzk0NzUxNjE5NjU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjD4qtKTH3gFwdWxYsB9D2d6egyLJkRz3kXQN9yDXVGP0dSgSmbj7ebUvy0ZrMq7osIrwM12A18pRj_Mp5j91NWStWzewCVms&google_hm=MTA1OTQxNTUxNzk0NzUxNjE5NjU
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 898B
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSTfZ9aP7JNI78jeR_OjDUDTlFyymDNZvOLxo8C-o3jjHRJV15ywZz9bAWQOR2Ge5ddFsggEDpTg65zXxvlhUf7DoHVtzCCCz9v&google_gid=CAESENDO0Pm6s...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDO0Pm6s5cikTkow96WiSU&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmSTfZ9a...

170 B
188 B

48ms
48ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDO0Pm6s5cikTkow96WiSU&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmSTfZ9aP7JNI78jeR_OjDUDTlFyymDNZvOLxo8C-o3jjHRJV15ywZz9bAWQOR2Ge5ddFsggEDpTg65zXxvlhUf7DoHVtzCCCz9v

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDO0Pm6s5cikTkow96WiSU&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmSTfZ9aP7JNI78jeR_OjDUDTlFyymDNZvOLxo8C-o3jjHRJV15ywZz9bAWQOR2Ge5ddFsggEDpTg65zXxvlhUf7DoHVtzCCCz9v
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 328
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 898B 0
130 B 99ms
53ms Image
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdHRRFkJx_GXHmrwgBjdX7y3XxARNcpt9KrlZA7N_HxVfgJdlH203NeYUru5GylQrzPjbyxg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976031760~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200&nras=2&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CZSc0uRDu0&p=https%3A//bitly.ws&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 rtimp
g.algbid.app/ Frame 8FD8 0
399 B 88ms
87ms Ping
text/plain 34.149.135.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=477754370&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1695688272&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272361&bpp=2&bdt=368&idt=155&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HY68XBRPMx&p=https%3A//bitly.ws&dtd=162
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:13 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 49DB 2 KB
1 KB 376ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRGZsQAC_yABy5U2AAVARwbl1_49jTtH_wx_bA&u=%7CdS9TAeWqbIjdkyIaf5CWRzMykjmOjLMPlZLAdkGEJuE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989gjdA60o1-_XRE8sc37Q8HSzGO3mICmQQdfu4XIIFzGwbtUdFw5BzJ4XS4v8rG2lrNGWEH_9JHWbBcXfXoMCtoY8iVt3w76dBehFOv8qnGv_cOzb-zQcnwUZJ9gzXlF_HoNpeqeZRSjTlD0z2GqD9M-Hx6Gh6D7dIQuAOPiDMzfHD4NmS8MCnKG7cipSTnd9t3kit9Z7BrSU7534Djda2kopdy4SwNOpmcO2FUaSMedrsfbtYCUPHalUnbyNzomItCoSOpIuvZY-3snhbrB3DrnxOquOEC-BZ-2hwnNegc0Iq2f_PWjxhh3oH6I96NRVTxiAch6EXWhz1rtWdg4RhMCb-EBR9VJUka1H92sJueIj3jEc_gr6b28Gr4xah0ATpihE7T-sspXEpV5Gwot1JLQKFfud0vT7Q0tECOmXyMxZXUAmIVfTB-DWoXuESybeGuzjdjBLSrHRC--ZXw7QukjfUxudaA2G6pTJRXCsX0aol3aV5HlmM8A6zUPWSmOLVebQtN1wjg84OcDDwYeqY9CGooGVSlehV5louS79_zNCpglMTolLjvU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6eusZkRZaD-C7aqrr4Px4CVsA6cge-wXLLtt52dAcCNtwEQASAAYMkGggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBMMBT9AS0lRKwnzExT9i79rgV-KPzHXprclJMvlmIoHCeiI3APKhcCTg7Ore76LcufXD57MWfykxtcQ2HSVpyj9_yNtqbdSxoi_Td6ouvkZdwrJNA4SMXICu3v0SUIPA9rpUpJvGEkhLqu_TV9z6230RCl8wPvX897Ox8utWJkV9eWYYJMp1P07CPNeNjmKMSy6KKr2F3Xw14dDt2i4xFitY180FRUPm2WLhUflkPe0pRqXoYtE8tk0NSs0jKhY2I3W0sOjhgAaYq6DcqYOZo7kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uAWeKczNUxIHVOsl46NUqoDnvUA%26client%3Dca-pub-2614556310778759%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 49DB 2 KB
1 KB 360ms
45ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 49DB 308 B
636 B 362ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 49DB 293 B
621 B 366ms
62ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 49DB 43 B
348 B 339ms
46ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=P9uEQTIui0UmCrPnFfNbaw2n7H62l1EijgqV7avGlRpMhBlwDYcqbPK-eHxM2KVC_tdeuDFsTkhUU5GGccVlCHoW99rXZLRY2y37Y3gJi8EwMWRiVO4H1rGVAtCTxRPmniyW44WyPYa9EFEHTdk8tvZYTyT6FARUwdhiF45pAjFL_iGOAY_BuSfKJInia-wXbjMPJoqkpJ-_Mht9laeuXnRBBYWOFNgb1Yxz5QXXwLk7wYCoMpMST8tMJlu9pfwbAEB1c8fkytVwGiFukkU7Oq0n8WGpOig1ywfrrPsCC9lfM2_ORi4bSsfNB3-kCZxP2nkOwnv0DwXgiHt3Xrv5Nd7oCTYB3WzHI4FhMg_2HiFUcR3VXmIiTbxYqElnS7NrVz0OjJpFdwwb5E4aGC0NSUom6frNFu06PTOph8btIRFvO7HE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2685935
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 49DB 12 KB
5 KB 354ms
57ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1404656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MQuTnaahYFaD%2F9lYHiq4%2BY3tH0N3Exk5mDbybcKmzOeWo%2FutFOgcqcPTsNMuiam9fSZRmGtrSCVgV92VNj5q0eYZToK7GNBDrbXNr%2FU%2BNWd1zdTqh72npNoUqhqlpKErPfP8hVa4s3RFUBLLPoF8pPS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80c3f839db9d4276-EWR
expires: Sat, 14 Sep 2024 14:31:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 49DB 12 KB
6 KB 349ms
58ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 19BD 2 KB
1 KB 308ms
44ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRGZsQAC9poKwSRkAAVKxru2y4NTlywSodFBJQ&u=%7CdS9TAeWqbIjoNN8s38fHqB6%2FGu3TQyxeY737sMzp2eo%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989gjdA60o1-_XRE8sc37Q8HSzGO3mICmQQUsKXaC7Ll2KAUnfa2rpvGORZY6L1Ue37X4-ZnSwoVqSbREQCF7Y0sxQxFUZL7YRtzAqJEEPreEAcSoSpIH1bCGbWoxO4iWEBPIu5X14EKcJAAjduznFfdu48nm-FhS5dSNyH3K7hFrOulr7HVs0sXAKd7BxHI-L8yqY1Et2TEbWbMElepQJamJ5kK0MIBopHASI-RlqGIQ6v8uVFmSyXSjyLcYOSqtc-KweXpsntuVqMGB1aVN-xY4X5r1h7i_Mlt4ETqTJqgBcQwT2eZq2kYqu44p18jN_8emKf76sQF5b55KdVa1WSXK_OfGo1A1BDnjcWSQhbj0fbJ-C-OSELrMfA_4qAwNgshiN76O0Wax4HsNtNmEO_9aALowS05oOlWTNanJqYaQMC_9qXtW5GnsPcfABHIOs0IlTKEkpJBl8ZQ5R8m_mE4TUPGZCu63Mxi-0YWV4Mm9NRPxJx82lyD54i6rZdZ821XEnDamQ6E40nx7-roVc0cc9ekWHrOkUnf2XBKSobFKy3kYdHRjW30E7UeB9qP-Ojw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCN3gSsZkRZZrtC-TIhAbGlZXwAZyB77BcosqnqnTAjbcBEAEgAGDJBoIBF2NhLXB1Yi0yNjE0NTU2MzEwNzc4NzU5yAEJqAMByAMCqgTDAU_QTT4zuuihCL0iK7Fpo2L_5Hk0TZildy4pHDnIg1Z2PXBoCTf39kOP0NxWc3RZTy6_TLTI4vZN5nG9Om6QqeogUzoxQ7jo3cXpm6jcbuuxD7cIgkg4szI2NbKQoAl5r1VmSgpguMH3SopDbUkH18zkjVraosFZL40S2qfTT8KvlYZffHd3vQDQpY7cKv2ZJYeiSx3APusal0BqAIPW16w299h_RGnY8G7__x6mIVgY8V5l28l2oK4M8t_uZ4fzN1s9_4AGmKug3KmDmaO5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1-1c6Jsbd9SdjA4WnNMB477fCxSg%26client%3Dca-pub-2614556310778759%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 19BD 2 KB
1 KB 325ms
62ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 19BD 308 B
636 B 281ms
60ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 19BD 293 B
621 B 280ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 19BD 43 B
347 B 258ms
47ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=iakEbDIui0UmCrPnFfNbaw2n7H5Qp9wr0KWC4xulhuBMtRztQ0z0nkckbhrEi5W-fk7Qqyr-C0ojE-KQNLogF8UTQWljIX6eq8cJnDTzcJIBpzhGT4AXRFw5FbKnOlvEdzO5vI3nSgBhLwY76eopt0H4EDTo2l-TB7HMlyXrMCt3mVXvIK4FEnqxl2DIl7ue8ZgEmZKIFUEwtK2ewSTLpqZNsib94HhXsdWxkBkQfCOmYFs4ffPY7kdiC2gYIgahgqaiF-xb89vn6MsTsG2SQmZ4Rk6yNd21cZOucYuzQmGM82EiHrz6FUQ_EfUWWFcKpaBC_qW5ge31N9a41B1z5QeX40p33CP5cOk-TZFfpoGkxfFjZjWEMyYfg0-D-OfxRo5mZ3HTq-kU7ko1NnyzyGi4HtRn0YutZjaDGsB_8ll8vWC4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3171226
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 10 KB
10 KB 278ms
46ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=100968&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100968%2F4725501%2F9afe0276d5a541efb731edd9b0b4b72f_logo_n_vertical.png&v=3&w=196&s=IEECmss6MlVNgUTsI-3wwTC6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d15ab5b7c8354d6cdf0a3ea071b570a3a7589c3fb5bd5cc67569e11c2c3e5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 9844
expires: Fri, 30 Aug 2024 01:30:29 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 24 KB
24 KB 296ms
64ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2Fd8c3cd74b6ce434bd4cb89f438f66dd21683893414.rng.jpg&v=3&w=400&s=6wxQIVMuh-QYXBu8jTzqavRB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0052b0663dbbae8ca6b627fcaa6abe36ed63d4a31029c26520219b08c049d8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 24532
expires: Mon, 25 Sep 2023 14:32:56 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 13 KB
13 KB 309ms
77ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2Fdb8c9bc59264badc90d42bfe6072afbb1683893438.rng.jpg&v=3&w=400&s=TBasY0yQKgvQjovVyW-vhpO3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d07eaaea8271a573e536bc1f0b0a493921e811596f07bf48c8c0a15111e69ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 13132
expires: Mon, 25 Sep 2023 15:25:49 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 11 KB
12 KB 307ms
76ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2F5aaa2536afe0a78afb11d08082aced151683893406.rng.jpg&v=3&w=400&s=EpI27BvlyVO-lD5P4Wf0dRU6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c827c008f082aa21489d6b589e32ff0095615b1e660875a6c33a16228bc3e28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11758
expires: Mon, 25 Sep 2023 15:02:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 12 KB
12 KB 311ms
80ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2Ff295bf079d4dfa857df0338050b5a3a71683893394.rng.jpg&v=3&w=400&s=eRoEtDRdNJV_QqThzbwMGB3-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d1a5471c0ba67a7f25dd804dc989715be926ad30c4c60e32d5551c25870e2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 12396
expires: Mon, 25 Sep 2023 15:25:52 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 16 KB
16 KB 310ms
79ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2F5f878c1cec210c573ef7b52f1bbc4f331683893430.rng.jpg&v=3&w=400&s=c7KE_TssBSYst-RTLY5joNLk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

811379b2f4d4be2e59b8f112a6294899d73f831322ae6b28eb1bddb0f274a63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 16090
expires: Mon, 25 Sep 2023 15:02:17 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 18 KB
19 KB 108ms
105ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2Fb64232a800c63466492aeb9f36d99e6e1683893425.rng.jpg&v=3&w=400&s=dMlx-DyjK5WO-K5J1MkJAOZg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b05fc03707f4782bf3025fd0b6d452b444e7e36bd2dc54112f3ba6fc8a2ef67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18904
expires: Mon, 25 Sep 2023 14:46:06 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 18 KB
19 KB 66ms
64ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2Fda20d494a0dec7e15bed975521b187b01683893402.rng.jpg&v=3&w=400&s=rUxCsIpfZEyhtmLk7pcSFrqZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3e5f344fe3e08460b291e3578d6d9867e16005da62a217a8ba8249dbad45fb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18756
expires: Mon, 25 Sep 2023 15:13:01 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 10 KB
10 KB 66ms
63ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2F17a3dc427fa1b8cb6c9c5c680851e57d1683893398.rng.jpg&v=3&w=400&s=iiYA36241G33ZA1vsVphtttm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9d70842fb44f0746a4f9aba0475f825b676c82c6635b676cff99e1477b66fffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 10382
expires: Mon, 25 Sep 2023 15:04:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 8 KB
8 KB 67ms
64ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2Feaf019d5bf52f31245c6b9db0fc8cf591683893418.rng.jpg&v=3&w=400&s=kzgDy0cDW6gDC6E7dnnvFf9H&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e5f75b7f59f76021de71dc052eee5653d697d9f11363a73eb0e4d3d939d18f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 7886
expires: Mon, 25 Sep 2023 14:52:03 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 14 KB
14 KB 68ms
65ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2Fd047ef3fb951569d3c94767e14321abe1683893422.rng.jpg&v=3&w=400&s=0kXsJsDhg3OFdv6wcCH3CfOu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0a1994701b5e592b1b18561e3dab82e7b326525ceb47a162ee71eb0504bdf862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 14222
expires: Mon, 25 Sep 2023 14:50:40 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 12 KB
12 KB 94ms
92ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2F01e05e729a074f674488c3ba754034df1683893434.rng.jpg&v=3&w=400&s=FC1UqI01B-KiMOBiUwNVqCkI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b144f1caad4443faa7b61b97425d471eadb04a725c9b56ace51e5c6e4964b3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11966
expires: Mon, 25 Sep 2023 14:32:07 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 10 KB
10 KB 69ms
66ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=100968&q=80&r=0&u=https%3A%2F%2Fi.gstatvb.com%2F7e68071549f73906a043871b2eb77d251683893410.rng.jpg&v=3&w=400&s=nwOApPupP15bTZMb3CgagWg2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b1ee17b1af3afc30661b1fcd6a6d13b74d1c4d72a0d7b7e784d5117278d7b401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 9984
expires: Mon, 25 Sep 2023 14:36:01 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 49DB 0
127 B 216ms
73ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=ZWt2A4b3aBCeuI4eNqEnK05qAhZ-5JnsI1KyQXyMKzqGWCSyIlJ4lcFj24400I9aF5EJmpYklWJy-zqMn0GerCgFa9E8XbRL89UDgLHRXvj59wg8ooeteW6jUo965K59teDGvgd7fBRMxwWA013M2HITafGOPMyMVClTpzKWMrmFwYUhranMHszNB_3elrPwaB5Gxin8H_tbYlY0DqQ77Y_oLYYtfwI4wcYKGT93-fr3vTjMOZ2Ilp2pHj40-eDEVquwGg&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 49DB 2 KB
1 KB 63ms
60ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 49DB 2 KB
1 KB 62ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 19BD 12 KB
5 KB 272ms
55ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1404656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQkAzUfYzAurnu6i%2BM%2F%2F8KzkY5ZWMWbCjmHmtV%2BJVsCR8VQ7beDhO9zoFFD2DltTj7PtQaQ95dJyUaIhpdsvhNX4KdTmhKUQ%2B%2Bs8ZroSmXg04NpJr3fb3g4uO5sdHFQEdpf5fjgFArQasXpQN7L5lQFL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80c3f839dba14276-EWR
expires: Sat, 14 Sep 2024 14:31:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 19BD 12 KB
6 KB 255ms
45ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 10 KB
10 KB 241ms
87ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d15ab5b7c8354d6cdf0a3ea071b570a3a7589c3fb5bd5cc67569e11c2c3e5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 9844
expires: Fri, 30 Aug 2024 01:30:29 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 13 KB
13 KB 238ms
84ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d07eaaea8271a573e536bc1f0b0a493921e811596f07bf48c8c0a15111e69ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 13132
expires: Mon, 25 Sep 2023 15:25:49 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 11 KB
12 KB 244ms
90ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c827c008f082aa21489d6b589e32ff0095615b1e660875a6c33a16228bc3e28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11758
expires: Mon, 25 Sep 2023 15:02:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 24 KB
24 KB 253ms
100ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0052b0663dbbae8ca6b627fcaa6abe36ed63d4a31029c26520219b08c049d8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 24532
expires: Mon, 25 Sep 2023 14:32:56 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 12 KB
12 KB 252ms
99ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d1a5471c0ba67a7f25dd804dc989715be926ad30c4c60e32d5551c25870e2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 12396
expires: Mon, 25 Sep 2023 15:25:52 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 14 KB
14 KB 241ms
88ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0a1994701b5e592b1b18561e3dab82e7b326525ceb47a162ee71eb0504bdf862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 14222
expires: Mon, 25 Sep 2023 14:50:40 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 16 KB
16 KB 68ms
66ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

811379b2f4d4be2e59b8f112a6294899d73f831322ae6b28eb1bddb0f274a63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 16090
expires: Mon, 25 Sep 2023 15:02:17 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 18 KB
19 KB 104ms
101ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b05fc03707f4782bf3025fd0b6d452b444e7e36bd2dc54112f3ba6fc8a2ef67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18904
expires: Mon, 25 Sep 2023 14:46:06 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 8 KB
8 KB 93ms
91ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e5f75b7f59f76021de71dc052eee5653d697d9f11363a73eb0e4d3d939d18f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 7886
expires: Mon, 25 Sep 2023 14:52:03 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 18 KB
19 KB 111ms
108ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3e5f344fe3e08460b291e3578d6d9867e16005da62a217a8ba8249dbad45fb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18756
expires: Mon, 25 Sep 2023 15:13:01 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 10 KB
10 KB 109ms
107ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b1ee17b1af3afc30661b1fcd6a6d13b74d1c4d72a0d7b7e784d5117278d7b401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 9984
expires: Mon, 25 Sep 2023 14:36:01 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 10 KB
10 KB 92ms
90ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9d70842fb44f0746a4f9aba0475f825b676c82c6635b676cff99e1477b66fffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 10382
expires: Mon, 25 Sep 2023 15:04:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 12 KB
12 KB 96ms
94ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b144f1caad4443faa7b61b97425d471eadb04a725c9b56ace51e5c6e4964b3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11966
expires: Mon, 25 Sep 2023 14:32:07 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 19BD 0
128 B 215ms
72ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=_JqUXob3aBCeuI4etszcCflRCGNEwTyoifKbcLjAZ4Ub7RIoB6hf_VDy5Dv8o4hpdKQPHWI5FSAR4JmV5-oPdbcLVZWe6nsFX4_P9DA_NfzcNGjG5TbjeJr4BL9i5QnERhtKl0VhRDfwt64xN9WsxxkAO12G8CqXc-VhHyYCpjf7phS9pA4bFkunaUKIc7OxZWj5ta1xSZzbqrywicYlatKhfJsnnAWzwH5_a-djjtK3ydfawbbuImahI2zGF6WVoN_Ogg&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 19BD 2 KB
1 KB 43ms
41ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 19BD 2 KB
1 KB 63ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 th
www.bing.com/ Frame 399D 7 KB
7 KB 66ms
65ms Image
image/jpeg 2600:1408:c400:c::17cd:688e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8108959616830_166D29MPVIOZLDFL1I&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:c::17cd:688e , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 80199ecf667209e167b9a2a14d22b615cd4787504872ee55eb8e3dd25fd13ce6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.8edcda17.1695652274.347cd6d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 6880
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame 399D 0
533 B 231ms
143ms Script
text/html 68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fbitly.ws&e=wqT_3QLlA-jlAQAAAwDWAAUBCLGzxqgGENmSoMqNzdPIbRgAKjYJAACA3lG4rj8RAACg5GPMrT8ZAAAAIK5H8T8hAA0SACkRJNAxAAAAgD0Ktz8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4tMYFgAEBigEDVVNEkgUG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEGh0dHBzOi8vYml0bHkud3OAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQFuFiIBQGYBQCgBYqLgYb9mv-2Z8AFAMkFAAUBFPA_0gUJCQULgAAAANgFAeAFAfAFydcd-gUECAAQAJAGAJgGALgGAMEGAAUBLPA_0AbCjQTaBhYKEAURHQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe0xgXSBw0VZQEmCNoHBgFeqBgA4AcA6gcCCADwB5mChwOKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=2b2ec87c6e6251a4c8d6d732b8f8b03e7e6d69bb&bdref=https%3A%2F%2Fbitly.ws%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fbitly.ws%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26us_privacy%3D1---%26client%3Dca-pub-2614556310778759%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1893186479%26pi%3Dt.aa~a.1977423791~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1695688273%26rafmt%3D1%26to%3Dqs%26pwprc%3D2480099511%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbitly.ws%252F%253Fbanned%253D1%2523%252FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1695652273155%26bpp%3D1%26bdt%3D1162%26idt%3D0%26shv%3Dr20230921%26mjsv%3Dm202309140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Da464d93164a71676-223b039920e4004a%253AT%253D1695652272%253ART%253D1695652272%253AS%253DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA%26gpic%3DUID%253D00000d94f7fe26f8%253AT%253D1695652272%253ART%253D1695652272%253AS%253DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw%26prev_fmts%3D0x0%252C1200x200%252C1200x280%252C1200x280%26nras%3D4%26correlator%3D6386759171196%26frm%3D20%26pv%3D1%26ga_vid%3D896133255.1695652272%26ga_sid%3D1695652273%26ga_hid%3D1712450660%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759875%252C44759837%252C44798934%252C44801484%252C44798321%26oid%3D2%26pvsid%3D4114633867098362%26tmod%3D1632193610%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3D1hSrUaaxrT%26p%3Dhttps%253A%2F%2Fbitly.ws%26dtd%3D11,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26us_privacy%3D1---%26client%3Dca-pub-2614556310778759%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1893186479%26pi%3Dt.aa~a.1977423791~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1695688273%26rafmt%3D1%26to%3Dqs%26pwprc%3D2480099511%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbitly.ws%252F%253Fbanned%253D1%2523%252FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1695652273155%26bpp%3D1%26bdt%3D1162%26idt%3D0%26shv%3Dr20230921%26mjsv%3Dm202309140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Da464d93164a71676-223b039920e4004a%253AT%253D1695652272%253ART%253D1695652272%253AS%253DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA%26gpic%3DUID%253D00000d94f7fe26f8%253AT%253D1695652272%253ART%253D1695652272%253AS%253DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw%26prev_fmts%3D0x0%252C1200x200%252C1200x280%252C1200x280%26nras%3D4%26correlator%3D6386759171196%26frm%3D20%26pv%3D1%26ga_vid%3D896133255.1695652272%26ga_sid%3D1695652273%26ga_hid%3D1712450660%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759875%252C44759837%252C44798934%252C44801484%252C44798321%26oid%3D2%26pvsid%3D4114633867098362%26tmod%3D1632193610%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3D1hSrUaaxrT%26p%3Dhttps%253A%2F%2Fbitly.ws%26dtd%3D11&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.24 , United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
an-x-request-uuid: d36b5d87-1bfc-4a7b-9cef-361b7d3931d0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 206.66.96.158; 206.66.96.158; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 rtimp
g.algbid.app/ Frame 603B 0
126 B 83ms
83ms Ping
text/plain 34.149.135.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H2 204 rtimp
g.algbid.app/ Frame 8FD8 0
271 B 59ms
59ms Ping
text/plain 34.149.135.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=477754370&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1695688272&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652272361&bpp=2&bdt=368&idt=155&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&rplot=4&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HY68XBRPMx&p=https%3A//bitly.ws&dtd=162
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 10 KB
10 KB 93ms
93ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d15ab5b7c8354d6cdf0a3ea071b570a3a7589c3fb5bd5cc67569e11c2c3e5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 9844
expires: Fri, 30 Aug 2024 01:30:29 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 19BD 682 B
665 B 124ms
122ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 49DB 682 B
665 B 69ms
69ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 24 KB
24 KB 77ms
69ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0052b0663dbbae8ca6b627fcaa6abe36ed63d4a31029c26520219b08c049d8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 24532
expires: Mon, 25 Sep 2023 14:32:56 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 11 KB
12 KB 86ms
82ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c827c008f082aa21489d6b589e32ff0095615b1e660875a6c33a16228bc3e28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11758
expires: Mon, 25 Sep 2023 15:02:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 13 KB
13 KB 88ms
84ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d07eaaea8271a573e536bc1f0b0a493921e811596f07bf48c8c0a15111e69ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 13132
expires: Mon, 25 Sep 2023 15:25:49 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 16 KB
16 KB 87ms
85ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

811379b2f4d4be2e59b8f112a6294899d73f831322ae6b28eb1bddb0f274a63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 16090
expires: Mon, 25 Sep 2023 15:02:17 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 12 KB
12 KB 86ms
84ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d1a5471c0ba67a7f25dd804dc989715be926ad30c4c60e32d5551c25870e2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 12396
expires: Mon, 25 Sep 2023 15:25:52 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 13 KB
13 KB 84ms
83ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d07eaaea8271a573e536bc1f0b0a493921e811596f07bf48c8c0a15111e69ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 13132
expires: Mon, 25 Sep 2023 15:25:49 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 10 KB
10 KB 83ms
83ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d15ab5b7c8354d6cdf0a3ea071b570a3a7589c3fb5bd5cc67569e11c2c3e5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 9844
expires: Fri, 30 Aug 2024 01:30:29 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 11 KB
12 KB 67ms
67ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c827c008f082aa21489d6b589e32ff0095615b1e660875a6c33a16228bc3e28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11758
expires: Mon, 25 Sep 2023 15:02:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 12 KB
12 KB 67ms
67ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d1a5471c0ba67a7f25dd804dc989715be926ad30c4c60e32d5551c25870e2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 12396
expires: Mon, 25 Sep 2023 15:25:52 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 24 KB
24 KB 69ms
69ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0052b0663dbbae8ca6b627fcaa6abe36ed63d4a31029c26520219b08c049d8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 24532
expires: Mon, 25 Sep 2023 14:32:56 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 10 KB
10 KB 67ms
66ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9d70842fb44f0746a4f9aba0475f825b676c82c6635b676cff99e1477b66fffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 10382
expires: Mon, 25 Sep 2023 15:04:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 18 KB
19 KB 60ms
60ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3e5f344fe3e08460b291e3578d6d9867e16005da62a217a8ba8249dbad45fb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18756
expires: Mon, 25 Sep 2023 15:13:01 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 8 KB
8 KB 59ms
59ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e5f75b7f59f76021de71dc052eee5653d697d9f11363a73eb0e4d3d939d18f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 7886
expires: Mon, 25 Sep 2023 14:52:03 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 16 KB
16 KB 70ms
70ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

811379b2f4d4be2e59b8f112a6294899d73f831322ae6b28eb1bddb0f274a63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 16090
expires: Mon, 25 Sep 2023 15:02:17 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 10 KB
10 KB 62ms
62ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b1ee17b1af3afc30661b1fcd6a6d13b74d1c4d72a0d7b7e784d5117278d7b401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 9984
expires: Mon, 25 Sep 2023 14:36:01 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 10 KB
10 KB 61ms
59ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9d70842fb44f0746a4f9aba0475f825b676c82c6635b676cff99e1477b66fffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 10382
expires: Mon, 25 Sep 2023 15:04:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 8 KB
8 KB 60ms
57ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e5f75b7f59f76021de71dc052eee5653d697d9f11363a73eb0e4d3d939d18f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 7886
expires: Mon, 25 Sep 2023 14:52:03 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 12 KB
12 KB 77ms
77ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b144f1caad4443faa7b61b97425d471eadb04a725c9b56ace51e5c6e4964b3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11966
expires: Mon, 25 Sep 2023 14:32:07 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 49DB 23 KB
23 KB 300ms
97ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 12 KB
12 KB 55ms
55ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b144f1caad4443faa7b61b97425d471eadb04a725c9b56ace51e5c6e4964b3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 11966
expires: Mon, 25 Sep 2023 14:32:07 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 18 KB
19 KB 51ms
50ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b05fc03707f4782bf3025fd0b6d452b444e7e36bd2dc54112f3ba6fc8a2ef67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18904
expires: Mon, 25 Sep 2023 14:46:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4EAE 1 KB
643 B 49ms
48ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 82328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 15:39:06 GMT
etag: 48472445140208031
expires: Mon, 25 Sep 2023 15:39:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 399D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 997f8c24d65542777909eff5691e9219b79b0ccb49f024f075c94d59e6b44b77

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 399D 0
19 B 63ms
62ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9eaxsZkRZeOMDNzMrr4Pz8qWkAzS4Nfgbo-ktpOTCsCNtwEQASAAYMkGggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBLwBT9Bs1zcmwoQGlXGwmubq30Z95-PhLZg3iKmKubr1GLi6XuovcOukQBhEIMODZT5BhJu4LklGxN-JtqPbMGVNzY8QYF_aApC0B2b08NvRpjdPb8oeQSmBsHLi3S7ZP0bnwDlouR2qlMXhl_5D7ZFYzdAqHIcomrfqZ-2CD350YfBSzcyuMxIR8QGcJSgepiCe3eA01FrMlrAOP6A7q-kHlt-TXFZ8vGo_fNhNAj4FKh5dgBcIUDYoKDUVvLyABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI2MTQ1NTYzMTA3Nzg3NTkYAA&sigh=G6sFkt8KNcQ&uach_m=[UACH]&cid=CAQSPABpAlJWThzYECtR1GiUNBVbHysB1Hfa3dDqV428oJ2XsgGr0HxDzKW0i2-CMzTepVK64pYGYfvR1oq9sRgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 14:31:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
nym1-ib.adnxs.com/ Frame 399D 0
532 B 87ms
86ms Image
text/html 68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fbitly.ws&e=wqT_3QKCB-iCAwAAAwDWAAUBCLGzxqgGENmSoMqNzdPIbRgAKjYJAACA3lG4rj8RAACg5GPMrT8ZAAAAIK5H8T8hAA0SACkRJNAxAAAAgD0Ktz8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4tMYFgAEBigEDVVNEkgUG9PwCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEGh0dHBzOi8vYml0bHkud3OAAwCIAwGQAwCYAwmgAwGqA5oDCrACaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Yjg1MDVlOTItZTQ0ZS00ZWIzLTgxMTItNTJhZjNmZWFmNThkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1iODUwNWU5Mi1lNDRlLTRlYjMtODExMi01MmFmM2ZlYWY1OGQmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9cGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzc4OTUxNzc4MzM5ODYxMzIzMTMiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpNeE9EWTFOVGM1TXpZNU56Z2pNak15TkRrNE5qQTFOamd6TURZNE9RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFiouBhv2a_7ZnwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFydcd-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHtMYF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeZgocDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=791e3942abd5f31a82f8cea539dd4882ef9e9d85&pp=ZRGZsQADBmMBy6ZcAAWlTwcBcg6zQXrnnGtLEA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjrR5sZkRZeOMDNzMrr4Pz8qWkAzS4Nfgbo-ktpOTCsCNtwEQASAAYMkGggEXY2EtcHViLTI2MTQ1NTYzMTA3Nzg3NTnIAQmoAwHIAwKqBL8BT9Bs1zcmwoQGlXGwmubq30Z95-PhLZg3iKmKubr1GLi6XuovcOukQBhEIMODZT5BhJu4LklGxN-JtqPbMGVNzY8QYF_aApC0B2b08NvRpjdPb8oeQSmBsHLi3S7ZP0bnwDlouR2qlMXhl_5D7ZFYzdAqHIcomrfqZ-2CD350YfBSzcyuMxIR8QGcJSgepiCe3eA01FrM1LIvrWKfUYSTbKsmwg_4Cm4cdlxELCbciJgEBKuIehow6LT30ShHpqmABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0230KMMxTgjiLMKbOIsxJwKuA5gA%26client%3Dca-pub-2614556310778759%26adurl%3D&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.24 , United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
an-x-request-uuid: 613c7d20-ba35-4fb8-93d8-63c0a7448beb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 206.66.96.158; 206.66.96.158; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 399D 0
556 B 31ms
29ms Ping
text/html 68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fbitly.ws&e=wqT_3QKCB-iCAwAAAwDWAAUBCLGzxqgGENmSoMqNzdPIbRgAKjYJAACA3lG4rj8RAACg5GPMrT8ZAAAAIK5H8T8hAA0SACkRJNAxAAAAgD0Ktz8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4tMYFgAEBigEDVVNEkgUG9PwCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEGh0dHBzOi8vYml0bHkud3OAAwCIAwGQAwCYAwmgAwGqA5oDCrACaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Yjg1MDVlOTItZTQ0ZS00ZWIzLTgxMTItNTJhZjNmZWFmNThkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1iODUwNWU5Mi1lNDRlLTRlYjMtODExMi01MmFmM2ZlYWY1OGQmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9cGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzc4OTUxNzc4MzM5ODYxMzIzMTMiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpNeE9EWTFOVGM1TXpZNU56Z2pNak15TkRrNE5qQTFOamd6TURZNE9RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFiouBhv2a_7ZnwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFydcd-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHtMYF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeZgocDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=791e3942abd5f31a82f8cea539dd4882ef9e9d85&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=3327432651654480790&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.24 , United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
an-x-request-uuid: 46e06502-3926-401a-b162-00ae36787b78
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 206.66.96.158; 206.66.96.158; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 49DB 18 KB
19 KB 41ms
41ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b05fc03707f4782bf3025fd0b6d452b444e7e36bd2dc54112f3ba6fc8a2ef67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18904
expires: Mon, 25 Sep 2023 14:46:06 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 19BD 23 KB
23 KB 210ms
88ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:31:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 19BD 18 KB
19 KB 38ms
37ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3e5f344fe3e08460b291e3578d6d9867e16005da62a217a8ba8249dbad45fb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=3600
content-length: 18756
expires: Mon, 25 Sep 2023 15:13:01 GMT

GET
H3 200 ajs Show response
fundingchoicesmessages.google.com/f/AGSKWxUeb2DQl1dleoYL3Z3N6TrICKQxM7yLi47xogCPX19kYHip8DZitPzyJ4-JKkLxY7PSBOQtsPwYKlTPnEKd9cKyu3D6XyrTbsEJvs-NTTN1PwZuGFPMKDmTElfc_bTZSwZYO2eXI5193B2KW3upNXHaGKoy9... 54 B
108 B 56ms
56ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUeb2DQl1dleoYL3Z3N6TrICKQxM7yLi47xogCPX19kYHip8DZitPzyJ4-JKkLxY7PSBOQtsPwYKlTPnEKd9cKyu3D6XyrTbsEJvs-NTTN1PwZuGFPMKDmTElfc_bTZSwZYO2eXI5193B2KW3upNXHaGKoy9rn7wPxX3VAuUeUQK5BSdFPgLOF-h4gC/_;adsense__420x80./ad/index_/frequencyads./ajs?zoneid=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c30199806058235292904a861b72909bbbcd95e3f93bb461036a9d1550c2304b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-d7QKYT4bCURnGPC4ALUrTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-d7QKYT4bCURnGPC4ALUrTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 61ms
61ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.A-jLHg6ABrw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxU6eUKeL_d79fGcN6oui0HyV8UWA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6031cf1d4b3e82baa68344cae060260871cf3012569af70fecc4b3cad1ac7ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50786
x-xss-protection: 0
server: cafe
etag: 12746770880170336537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:31:14 GMT

POST
H3 204 AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
57ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8GAgItOEMDG2LZjnt7C5eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-8GAgItOEMDG2LZjnt7C5eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EAE
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESENzfWsX_jAgxHg8U_5nXUF8&google_cver=1&google_push=AXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2MYfNdkdbqL-GqO_iR2D-HxFFwRBdzXUHR3E
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2M...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2MYfNdkdbqL-GqO_iR2D-HxFFwRBdzXUHR3E&google_cver=1&go...

170 B
188 B

64ms
64ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2MYfNdkdbqL-GqO_iR2D-HxFFwRBdzXUHR3E&google_cver=1&google_gid=CAESENzfWsX_jAgxHg8U_5nXUF8&google_hm=UTc0ODkzODY3NDE4MDExNjAzMDM=

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 25 Sep 2023 14:31:14 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmReBOpHyNy44X16-ojXeyJBXGk6iMbnMY6vn4oE_AaxzxRK5lGrNBg9OWzuYDW2MYfNdkdbqL-GqO_iR2D-HxFFwRBdzXUHR3E&google_cver=1&google_gid=CAESENzfWsX_jAgxHg8U_5nXUF8&google_hm=UTc0ODkzODY3NDE4MDExNjAzMDM=
Content-Type: text/html
Cache-Control: max-age=30216
Connection: keep-alive
Content-Length: 154

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4EAE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECws8hzsoYQscwYyNgBX8UE&google_cver=1&google_push=AXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECws8hzsoYQscwYyNgBX8UE&google_cver=1&google_push=AXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyk...

43 B
424 B

141ms
139ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECws8hzsoYQscwYyNgBX8UE&google_cver=1&google_push=AXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: bitly.ws
URL: https://bitly.ws/?banned=1
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80c3f83d2b8cc42a-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 102
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECws8hzsoYQscwYyNgBX8UE&google_cver=1&google_push=AXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTXbftOX_--jqo15I0BEtOx_SVl5_Rd-Q9l6ibBR-gO_fHYNNmUp53ZnbOdKtoShf0HLD1axOQBJRlwN2Oo-XabbrUYHyksS-k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80c3f83c2a85c42a-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EAE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDJp9eUOjPElR7y_lRPnl0o&google_cver=1&google_push=AXcoOmTyGjvhDli_abwc2Gbh_EjgixopSfkLWIk-kaUvSzqLYCb40SjJ4yZHD0xDv3dF8WUluf1F6vPS2yN_K--qtAaQJzb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyGjvhDli_abwc2Gbh_EjgixopSfkLWIk-kaUvSzqLYCb40SjJ4yZHD0xDv3dF8WUluf1F6vPS2yN_K--qtAaQJzbfvbgb97M&google_hm=eS1xU0h4c0JKRTJwRWZ...

170 B
188 B

41ms
41ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyGjvhDli_abwc2Gbh_EjgixopSfkLWIk-kaUvSzqLYCb40SjJ4yZHD0xDv3dF8WUluf1F6vPS2yN_K--qtAaQJzbfvbgb97M&google_hm=eS1xU0h4c0JKRTJwRWZMZWJoMW02Q21Eanh4a3oycWtuV35B

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyGjvhDli_abwc2Gbh_EjgixopSfkLWIk-kaUvSzqLYCb40SjJ4yZHD0xDv3dF8WUluf1F6vPS2yN_K--qtAaQJzbfvbgb97M&google_hm=eS1xU0h4c0JKRTJwRWZMZWJoMW02Q21Eanh4a3oycWtuV35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EAE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOQKz6EHMUE4czFrMCa5tyU&google_cver=1&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLAmjrSM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOQKz6EHMUE4czFrMCa5tyU&google_cver=1&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NTM3MzQzNDA1MTQzNjI2OA&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLAmjr...

170 B
188 B

50ms
50ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NTM3MzQzNDA1MTQzNjI2OA&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLAmjrSMUnPXGi528qYroh2ePXfZcQ

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY5NTM3MzQzNDA1MTQzNjI2OA&google_push=AXcoOmRwPUcwYFHiUJgsSAAf4idB2EZP3qwL-LQXTmSEt6n8lv1ysDR4HvknzEl-5Uo_6FOkHLAmjrSMUnPXGi528qYroh2ePXfZcQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EAE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEIySenxLHm85aAAv-7bivJ8&google_cver=1&google_push=AXcoOmRpWzDQdE3r4xJXGzcB5Xs6qJdAJlpevN6dgFMYwsSsfktHvL_j4uQcbqCYyLakVrA4X0zpMrE3VeX73rU...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ekXMWK9YUrVUlnhtIHLry85CYJ4&google_push=AXcoOmRpWzDQdE3r4xJXGzcB5Xs6qJdAJlpevN6dgFMYwsSsfktHvL_j4uQcbqCYyLakVrA4X0zpMrE3VeX73r...

170 B
188 B

45ms
44ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ekXMWK9YUrVUlnhtIHLry85CYJ4&google_push=AXcoOmRpWzDQdE3r4xJXGzcB5Xs6qJdAJlpevN6dgFMYwsSsfktHvL_j4uQcbqCYyLakVrA4X0zpMrE3VeX73rUOcExTYzLTkfCdtuI

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ekXMWK9YUrVUlnhtIHLry85CYJ4&google_push=AXcoOmRpWzDQdE3r4xJXGzcB5Xs6qJdAJlpevN6dgFMYwsSsfktHvL_j4uQcbqCYyLakVrA4X0zpMrE3VeX73rUOcExTYzLTkfCdtuI
Date: Mon, 25 Sep 2023 14:31:14 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EAE
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRJF8wKqODJcpDYJY7zSz_tNBK183AdFGOzWwPY2KYLAOhzh2hkPhBQV4QghA9I_tDgF2NXsRFbpeasnGo8hp0ZVoOgqRO2ka1-&google_gid=CAESEOpEaBZXI...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOpEaBZXItFWmFjO1uygXJ4&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmRJF8wK...

170 B
188 B

45ms
44ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOpEaBZXItFWmFjO1uygXJ4&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmRJF8wKqODJcpDYJY7zSz_tNBK183AdFGOzWwPY2KYLAOhzh2hkPhBQV4QghA9I_tDgF2NXsRFbpeasnGo8hp0ZVoOgqRO2ka1-

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOpEaBZXItFWmFjO1uygXJ4&google_hm=T1BVNDYxZjQ3NWRlNTY2NDllYTg4NzdmYWJkN2MzZmRkNmY&google_nid=opera_norway_as&google_push=AXcoOmRJF8wKqODJcpDYJY7zSz_tNBK183AdFGOzWwPY2KYLAOhzh2hkPhBQV4QghA9I_tDgF2NXsRFbpeasnGo8hp0ZVoOgqRO2ka1-
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 328
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EAE
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEPKIA92RoBlUDxMC0tiLeQg&google_cver=1&google_push=AXcoOmT6Xv8TWAxY3y-A-lrbznbkKl4rPtrVW54RqwrTTKjH8GjVMfF4ozcl_UzaTlf...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT6Xv8TWAxY3y-A-lrbznbkKl4rPtrVW54RqwrTTKjH8GjVMfF4ozcl_UzaTlfE8p5MBG_bA68hGJ9GpK5we5uSUv3HybBRUygk

170 B
188 B

44ms
43ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT6Xv8TWAxY3y-A-lrbznbkKl4rPtrVW54RqwrTTKjH8GjVMfF4ozcl_UzaTlfE8p5MBG_bA68hGJ9GpK5we5uSUv3HybBRUygk

Requested by

Host: bitly.ws
URL: https://bitly.ws/?banned=1

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 5d45a450.de966dbc
date: Mon, 25 Sep 2023 14:31:14 GMT
x-bytefaas-request-id: 20230925143114002FD241814CB2BD153A
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-46-150-30.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
x-parent-response-time: 22,23.46.150.30
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=7, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230925143114002FD241814CB2BD153A
x-cache-remote: TCP_MISS from a23-222-3-203.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT6Xv8TWAxY3y-A-lrbznbkKl4rPtrVW54RqwrTTKjH8GjVMfF4ozcl_UzaTlfE8p5MBG_bA68hGJ9GpK5we5uSUv3HybBRUygk
x-bytefaas-execution-duration: 3.17
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 7,23.222.3.203
x-tt-trace-host: 01ee177315ca76aecc8c5bce6e25ece09fdc73be8cca7091d21f763faeeb6dc76cdc78f61b65cc29725c8d24d70d169f1407f94b0cd57502d8dd9b144607bac2134ea20cbb936c3ecc5e800b372509e13d5eb17a32f0a73d0fc863c462b3d5ade3ae3e76ec44a19227819cce1cf6ee6d31
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 25 Sep 2023 14:31:14 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4EAE 0
12 B 41ms
40ms Image
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1ukoajEQ86ugfJWZm16bYwXiEyIpKjqetWGejCxLm2ZSS3JIGUfwi7WGBJGtPNnLrzVy0eyM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2743202993&adf=1893186479&pi=t.aa~a.1977423791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=0&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=1hSrUaaxrT&p=https%3A//bitly.ws&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
56ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J-RSQJ8Tftqflub2r1VBBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-J-RSQJ8Tftqflub2r1VBBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 82ms
82ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--2eVgmhMZBzqx1DAYMz7Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: script-src 'report-sample' 'nonce--2eVgmhMZBzqx1DAYMz7Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 82ms
81ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-442SH4lxv4d9E5JqR5_bFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-442SH4lxv4d9E5JqR5_bFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXcV-80vBz-ZEarYH4aIvHPSXvGf8YgW8FDclhLvLJeh_uu5GCDcN68MyVPGSLSFENib7-2KxnxxNg0MYVHSFZIarJUso77pRS8GdcXWf9Kvq6OMuU7a9vXu5rIPuoizUg6wsu9FQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 91ms
91ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXcV-80vBz-ZEarYH4aIvHPSXvGf8YgW8FDclhLvLJeh_uu5GCDcN68MyVPGSLSFENib7-2KxnxxNg0MYVHSFZIarJUso77pRS8GdcXWf9Kvq6OMuU7a9vXu5rIPuoizUg6wsu9FQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1NjUyMjc0LDUyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYml0bHkud3MvIixudWxsLFtbOCwiQS1qTEhnNkFCcnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTgsIltbWzBdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85e80c425098feddc5a7f5a8ed83ba7cfcc295b5457b3c3b5de912618d9999d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R4JvnCiau8we4U8zCUSKyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R4JvnCiau8we4U8zCUSKyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
58ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tgyl7pt4gFkgRJA1iblcFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-Tgyl7pt4gFkgRJA1iblcFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWNmeLicjl70ttyqSXixBu1BYeOdC4lsAmpGWmRRoh9DfRLXFWIbjap4iLWphPn82fEERWB4jTyI3Q7phInsEpd2lgZQPDMCFr1370mbBo7HOO78Rc9NTzEXZSZVubo30_1LB5HFQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 70ms
70ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWNmeLicjl70ttyqSXixBu1BYeOdC4lsAmpGWmRRoh9DfRLXFWIbjap4iLWphPn82fEERWB4jTyI3Q7phInsEpd2lgZQPDMCFr1370mbBo7HOO78Rc9NTzEXZSZVubo30_1LB5HFQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1NjUyMjc0LDYyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYml0bHkud3MvIixudWxsLFtbOCwiQS1qTEhnNkFCcnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTgsIltbWzBdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3bcea6671f7b4d8ffb3ed9b5c88b1c3d4958f13fa768cb165912977deee8bde

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bs8cjPw-UERkssLJ1co1LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-Bs8cjPw-UERkssLJ1co1LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUSIBDfnJNz9uOoayZuSThWqn8ujFuSeTzEC8ZC-Lb3lO8S2N30RWv-k7DHJKZOVl7NK0jm-K3HArGOpMDEFSBMsNHxF10zULdB7yDZsElzCRnLg8EvH8XJd7DtYMEvtlcfDFfMoA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 75ms
75ms Script
application/javascript 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUSIBDfnJNz9uOoayZuSThWqn8ujFuSeTzEC8ZC-Lb3lO8S2N30RWv-k7DHJKZOVl7NK0jm-K3HArGOpMDEFSBMsNHxF10zULdB7yDZsElzCRnLg8EvH8XJd7DtYMEvtlcfDFfMoA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1NjUyMjc0LDcwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9iaXRseS53cy8iLG51bGwsW1s4LCJBLWpMSGc2QUJydyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxOCwiW1tbMF1dXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2bcbce238890c15a2accfaa87229497152cccda5b1becc3993cd4df9e0adf33

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Z9DwxM1zQiPHIgPj52y-Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Z9DwxM1zQiPHIgPj52y-Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 603B 42 B
64 B 203ms
64ms Fetch
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpizB7tK40pAP59A15ipXDqjVT4N76S1deWoCfM9YJdQUSTCGQub0CxupQy_a3-RkmOquLp2oFFZZyPSmGru17xWBTIyu7j5Kc8bDq&sig=Cg0ArKJSzCccsUoFfMxQEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=192,827,1000,1000,1000&tos=192,635,173,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695652273233&rpt=480&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FD8 42 B
64 B 202ms
63ms Fetch
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8oBaqt0LaGPbnZ4i1hISppEV8zf00AY91CHjufjMjSBJtM271lxA8t906NSAPtqDsLbQ8mBxJIf0xioYSZv_ReuvOsF2pKhrWqTqP&sig=Cg0ArKJSzLPAW1pdqwk-EAE&id=lidar2&mcvt=1003&p=0,0,200,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=624732521&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695652272525&rpt=1213&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:31:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXnnOzmD-EmKOV-nHTpysC5dKXpQk1_-fKd4p2Zf9khXNAGh6Wz8c1Mf5qTVz-5Ofgbci8DohH7WmWfcGqcTwAhi-LXKuoAxZdebti77Q1xjRVgwBsmaAIC5dAJkhvb2bIrPIQ-4Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
57ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnnOzmD-EmKOV-nHTpysC5dKXpQk1_-fKd4p2Zf9khXNAGh6Wz8c1Mf5qTVz-5Ofgbci8DohH7WmWfcGqcTwAhi-LXKuoAxZdebti77Q1xjRVgwBsmaAIC5dAJkhvb2bIrPIQ-4Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KbiQWQyxFQe96j8tIpajfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KbiQWQyxFQe96j8tIpajfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOsPko6GRdCtQcujALPXsbMpYZCpT48pxGt1-9UGvZPPSoWBYL7abfJe0JmRunBdeDu0oUloLg72EtZljhWsMooa_D0aA7oZesfHDSmWCGdhhp7k6ENCP8Fj9G5pv4cCQv8aBAPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lUtqe831oInbUAlgWwH_jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-lUtqe831oInbUAlgWwH_jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 157ms
57ms XHR
application/json 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230921&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

900b32cd7087b9bb3654f4069c9df7927aa1296805d7feb138bbfd2504cf8ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11900
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
38ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 14:31:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAB6 13 KB
5 KB 38ms
37ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 208204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 04:41:11 GMT
expires: Sun, 22 Sep 2024 04:41:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E1D 829 B
1 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d17bbdccc55f48e88748b596f4bef2442e11b8a8191a641c3399d6d345f0cc8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GDvChzaVShyea6XJmkFzGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GDvChzaVShyea6XJmkFzGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:31:15 GMT
expires: Mon, 25 Sep 2023 14:31:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame FAB6 37 KB
14 KB 42ms
40ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 02:49:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E1D 0
0 63ms
63ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230921&jk=4114633867098362&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FAB6 0
10 B 38ms
37ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?g-AezQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:31:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230921&jk=4114633867098362&bg=!wMOlw4zNAAYrDsWMCw47ADQBe5WfOA4RGvLWM0vQYllpJ-JrKnJGQ9LyzAENntYLWd0hSRM3mLEL9MyQm00Y8X4Y2wM1AgAAAGRSAAAACGgBBwoANEubSvzTDa2QtvPjDQdHe2V4gKtOOFYBPCo6ReegXSOK5aNrFYnkgAU6BFsjN5XU27-XHV-ZArtTff0DAoDnIpUqQShXuCEyrDOlytvEKNZ1V2wXN6j6mbjfnmol48d8wFYfum_qEK8Do6CEFdiCdseVeOZAp4j0ncipL528qIL5IdvXKg4xYSeqTdmsmTHyYQZVQANWPykRDOuNkIBmnzuUwfvp9kTCPdgQk-iONXsMc_OVJxZwBrn0TUmBqEyhufQNfjheJEkl_aoY9RruvLG6zBY8yElTd2BMAI3UbcmdiHd4O0x98A4cibOsZZeaQwy3Rg6d6FWEoJgTTvSLmKhoN4wd7v5maqjyfx2K_2_UCA4Sc3DdoxK4gzhJX-6eSX3G3z-3yOBGGMFVIP_q-akcb0wWIgE3MS1i1rPjTfRlhg4IiX1IValtFPPSZyDsnO9p1mpcMxr-8ufBscstH_Z47lTO2CiOJb2r6VdeGBh2eT5jQh6Ue_fvDugQosR0qd85VVHgH8TX3chbmj4HXGavRprXihrrGzEOGUmoAr5ueb-kYSKKiOy1t03rhihYWjTbX_kWmYs6iBjjN-pPtwItLhJ5UXmvlLBUif_v3QTkAKndaUpxv3XQzqSnIP8p3ZEv05rI3VRhRcdOHzjwiIyPYIKW5bawDHbFbCmZ37U2ApW5HmxmghR2rtcMYHSX8JZCOb5bjJiNYeqiu9-sel0vFec4wcLG5vceZb-osyTooAgKqk1-Tz_fwzpeWxgRbVCVGEamptNL0uSDT-ByypxblAcuKnTDqzudRMItRH17T1yeIi8a6LSQYnJ5WEOhd7OhLghO1rWUUoB6Rja4J_YCf04X60UYKm74ZAHwDl5vEIBAJqXK0mhVnnBa4AocMjz_MLBuepzZDEfVCdvugwkMudbmNiwNZVr3YnaDRpI-wheHtsw2z0gOU0WYCJcgbunu190QUQuhczq4S3x6fpA4xr53rETZZSCRI9C2xHGBLi8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

POST
H2 200 all
csm.us.criteo.net/ Frame 49DB 0
127 B 51ms
50ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 14:31:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBjF2AB6N-D-sVNjo0v-D68&google_cver=1&google_push=AXcoOmS-JzfafRRrx3_OhJYXvfHAhdxUe0hx5Bm0fIx7qjOVeqen9lSacilfsJE3qj8_rCIobc-aQAO2RBAIcT7xW65oOXm1Wfle_t_x

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bitly.ws/	1970-01-21 00:36:52	Name: _ga_8Q1W6PKNCX Value: GS1.1.1695652272.1.0.1695652272.0.0.0
.bitly.ws/	1970-01-21 00:36:52	Name: _ga Value: GA1.1.896133255.1695652272
.bitly.ws/	1970-01-21 00:22:28	Name: __gads Value: ID=a464d93164a71676-223b039920e4004a:T=1695652272:RT=1695652272:S=ALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA
.bitly.ws/	1970-01-21 00:22:28	Name: __gpi Value: UID=00000d94f7fe26f8:T=1695652272:RT=1695652272:S=ALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw
.doubleclick.net/	1970-01-21 00:36:52	Name: IDE Value: AHWqTUkJ4aAtdcYwJdEqx8LNDic4oqqbMPN34sgjnn-OGCAjbkSEFiVpjc4Zmh2_KTU
.algbid.app/	1970-01-21 00:36:52	Name: uid_cross Value: 2dfa415e-5bb0-11ee-9e71-0e16b1d4c204
.adsrvr.org/	1970-01-20 23:47:54	Name: TDID Value: 458b9c07-875d-4b15-9779-d6d62b0450fa
.adkernel.com/	1970-01-20 15:21:01	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 15:44:04	Name: ADKUID Value: A1374701357755421669
.bing.com/	1970-01-21 00:22:28	Name: MUID Value: 36DDDAF46C026CED3D5FC9636D036D0F
.w55c.net/	1970-01-21 00:31:06	Name: wfivefivec Value: y6J4Clzb1QKMCd5
.simpli.fi/	1970-01-20 23:47:54	Name: suid Value: 935F81D2D7054BF19659949175EB512F
.bidswitch.net/	1970-01-20 23:46:28	Name: c Value: 1695652273
.linkedin.com/	1970-01-20 23:46:28	Name: bcookie Value: "v=2&c45c16b0-0cae-4b1f-85eb-6bc6d4d1d7e0"
.linkedin.com/	1970-01-20 15:02:18	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3013:u=1:x=1:i=1695652273:t=1695738673:v=2:sig=AQGymzlIFP4jcQMXR7St9dXLJcutNJRL"
.adsrvr.org/	1970-01-20 23:47:54	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsInqbZqMP3njwQBRgFIAEoAjILCIT0yNTZ9548EAU4AQ..
.bidswitch.net/	1970-01-20 23:46:28	Name: tuuid Value: 75f26999-a058-4ea7-bc2b-58ddf89d49da
.w55c.net/	1970-01-20 15:44:04	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-20 23:46:49	Name: A3 Value: d=AQABBLGZEWUCEFb1-_7zj092KE1qIZ5yqoEFEgEBAQHrEmUbZQAAAAAA_eMAAA&S=AQAAAgE6FjFP-DiGMMP5is55tuw
.blismedia.com/	1970-01-20 23:46:32	Name: b Value: 651199B18670355DE35A7EC8BLIS
.mookie1.com/	1970-01-21 00:29:40	Name: id Value: 10594155179475161965
.mookie1.com/	1970-01-21 00:29:40	Name: mdata Value: 1\|10594155179475161965\|1695652273971
.mookie1.com/	1970-01-21 00:29:40	Name: ov Value: 56a1b045b602c693e0075c194781083d
.bidswitch.net/	1970-01-20 23:46:28	Name: tuuid_lu Value: 1695652274
.algbid.app/	1970-01-20 15:00:59	Name: sid_cross Value: 2d3bfab0-5bb0-11ee-a043-32278287092d
.inmobi.com/	1970-01-20 17:10:28	Name: idsp_c Value: 08d51bae-f172-4ac4-97d7-62e77a5ad914
.creative-serving.com/	1970-01-21 00:22:28	Name: tuuid Value: 2c896305-f015-49a3-af02-1fa9728e2c17
.creative-serving.com/	1970-01-21 00:22:28	Name: c Value: 1695652274
.creative-serving.com/	1970-01-21 00:22:28	Name: tuuid_lu Value: 1695652274
.adx.opera.com/	1970-01-20 23:46:28	Name: UID Value: OPU461f475de56649ea8877fabd7c3fdd6f
ads.avct.cloud/	1970-01-20 23:46:28	Name: uuid Value: b84001a9-a2fc-4d56-9907-8b3cb4a3f5f2
.adform.net/	1970-01-20 15:44:04	Name: C Value: 1
sync.srv.stackadapt.com/	1970-01-20 23:46:28	Name: sa-user-id Value: s%3A0-7a45cc58-af58-52b5-5496-786d2072ebcb.1dW37QDDC7YyDUSLEHwnlH38wrMvJAujVLQd0a7mQ58
.srv.stackadapt.com/	1970-01-20 23:46:28	Name: sa-user-id Value: s%3A0-7a45cc58-af58-52b5-5496-786d2072ebcb.1dW37QDDC7YyDUSLEHwnlH38wrMvJAujVLQd0a7mQ58
sync.srv.stackadapt.com/	1970-01-20 23:46:28	Name: sa-user-id-v2 Value: s%3AekXMWK9YUrVUlnhtIHLry85CYJ4.dRG6Ob7cvus%2B3PXiHFZy9GGhVZn1rNPO0JoUT1I2QPw
.srv.stackadapt.com/	1970-01-20 23:46:28	Name: sa-user-id-v2 Value: s%3AekXMWK9YUrVUlnhtIHLry85CYJ4.dRG6Ob7cvus%2B3PXiHFZy9GGhVZn1rNPO0JoUT1I2QPw
sync.srv.stackadapt.com/	1970-01-20 23:46:28	Name: sa-user-id-v3 Value: s%3AAQAKILeQxpnblVTYB66t2a7-cqvrKZDPx02Pe2G6VS4W6PQsEAEYAyCys8aoBjABOgRILmPMQgQ9js92.lq04SoBmEtxXE4Ns8YyjwnofT7KxM9I%2FzNSOKXZHMXk
.srv.stackadapt.com/	1970-01-20 23:46:28	Name: sa-user-id-v3 Value: s%3AAQAKILeQxpnblVTYB66t2a7-cqvrKZDPx02Pe2G6VS4W6PQsEAEYAyCys8aoBjABOgRILmPMQgQ9js92.lq04SoBmEtxXE4Ns8YyjwnofT7KxM9I%2FzNSOKXZHMXk
.adform.net/	1970-01-20 16:27:16	Name: uid Value: 1695373434051436268
.owneriq.net/	1970-01-21 00:36:52	Name: si Value: Q7489386741801160303P
.owneriq.net/	1970-01-20 15:15:16	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 15:15:16	Name: gguuid Value: 1
.bitly.ws/	1970-01-20 23:46:28	Name: FCNEC Value: %5B%5B%22AKsRol-Xw7ar_Wfm96bRwi3rGF-uaUKuURB1VrGhKk9QjO7pNjefCI6m2ka8IkJIweFCm1FERjkNUPbTeTZSygKsXxB06K_RKmLr24HguSFC58zlZlpH1MKXLwI42th4FyqSNh3u_OdjnrTJopPirMsbzXKD4zgT4g%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.tribalfusion.com/	1970-01-20 17:10:28	Name: ANON_ID Value: a0ntuJS3n0gryoxDmDmSVNVPjfLD3AiVehaPqgTZcABwWYELqgk4dFZcRM3Me9gjbOjZdOCr3Xs7ZbyahPMHk8xfZc5tV

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2951112906&pi=t.aa~a.1977475654~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1695688273&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F%3Fbanned%3D1%23%2FVUo0bEdnWGZyUnlTelg3cW9Bb1ErSUlYblVtS1NFWHQ5bmhnM3NrOTRmVnlzZnNpYWtadjFidjBhOTZQMC9va3lXcmsrTkx5LzNVZzZDM2p1ZjZGc2d3aEZVRG0vL0dsM3RXRGRYTnEwRGs1dDlrQ0lsUDdLbCtCSHZGQWcxUTVVQ3NQYjNKMWg5bHhOWkJkQ3VVeTl3PT0_&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652273155&bpp=1&bdt=1162&idt=-M&shv=r20230921&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da464d93164a71676-223b039920e4004a%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MY4VhNemwUHsUeQzhNlacIl5ETeUA&gpic=UID%3D00000d94f7fe26f8%3AT%3D1695652272%3ART%3D1695652272%3AS%3DALNI_MbTiRQyxW1YltFp0eu1V2QYTe0Vcw&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=6386759171196&frm=20&pv=1&ga_vid=896133255.1695652272&ga_sid=1695652273&ga_hid=1712450660&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798934%2C44801484%2C44798321&oid=2&pvsid=4114633867098362&tmod=1632193610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6qwNGD8hFq&p=https%3A//bitly.ws&dtd=8 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.avct.cloud
ads.creative-serving.com
ads.us.criteo.com
adsdk.microsoft.com
analytics.pangle-ads.com
bitly.ws
c1.adform.net
cat.va.us.criteo.com
cdn.adnxs.com
cdn.rtbrain.app
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.us.criteo.net
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.algbid.app
googleads.g.doubleclick.net
imageproxy.us.criteo.net
match.adsrvr.org
mp.org.pl
mweb.ck.inmobi.com
nym1-ib.adnxs.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px.owneriq.net
rtb.va.us.criteo.com
s.tribalfusion.com
static.criteo.net
sync.srv.stackadapt.com
t.adx.opera.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.paypalobjects.com
x.bidswitch.net
ad.turn.com
104.76.104.238
172.253.62.154
174.137.133.49
185.11.100.204
185.167.164.43
192.229.210.155
20.85.134.6
23.46.150.34
23.63.179.39
2600:1408:c400:c::17cd:688e
2600:1f18:4e9:5a07:d3f7:7fe8:8d7c:7385
2606:4700:20::681a:3be
2606:4700::6811:180e
2606:4700::6812:19ad
2607:f8b0:4004:c08::65
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::71
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1b::93
2607:f8b0:4004:c1d::5e
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:1ec:21::14
2620:1ec:48:1::38
3.33.220.150
34.149.135.28
34.96.105.8
35.190.90.30
35.211.178.172
35.236.220.17
52.200.193.66
52.205.242.31
54.144.174.17
54.167.134.46
68.67.160.24
74.119.119.147
82.145.213.8
0052b0663dbbae8ca6b627fcaa6abe36ed63d4a31029c26520219b08c049d8a8
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04cd1cdd837ac0b2d6f9c7c1fb90054316750a0521d93ca68d03f692ba1ee719
06671e876dc535d61308c19b7ef4d92237ad05d2b35998ded88fc12db0f93002
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a1994701b5e592b1b18561e3dab82e7b326525ceb47a162ee71eb0504bdf862
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc7dce977f59400faff7e273b7a8d692c65151f0bf48fcd1b22dcf2a82ad47e
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
136713b9348079a3b993ecde7edf505887e5b1b8aed6d7a90e2540eaf2a22ec8
151bc681e41dd21a559a36d4afe28b98b0da1bdc67ca599b5fc8e0bf983b9012
1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2d07eaaea8271a573e536bc1f0b0a493921e811596f07bf48c8c0a15111e69ae
2d1a5471c0ba67a7f25dd804dc989715be926ad30c4c60e32d5551c25870e2fc
2d923af816cf37df56fc0f8f9ee0a31e0f7a50f36b726ef141e7bceabd5112a6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e5f344fe3e08460b291e3578d6d9867e16005da62a217a8ba8249dbad45fb36
405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400
4425d0b8db92ddee26b464dcd291ef37c1aaf63d3c0f368bf89394e3d044139b
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54339f1c8cb089c05773b2b18fd5da6e702956decbf7dea6ef0348a64203c657
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553b50e318611933f1e9e0efe2b8cdbbc822c24892ca37c888360d2f6601e690
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d17bbdccc55f48e88748b596f4bef2442e11b8a8191a641c3399d6d345f0cc8
6031cf1d4b3e82baa68344cae060260871cf3012569af70fecc4b3cad1ac7ebb
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea
6c753a0367d107ef0831d1f93a13197178ee69fc2870e71b442f677c2b382303
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75afde76a806c5e0d7aeb39932d148cdcbf0d4333878998d59b2e6427ae97c00
80199ecf667209e167b9a2a14d22b615cd4787504872ee55eb8e3dd25fd13ce6
80209d22a971d16e547e222da49aa2f142943b20a9e1319516283f021d90c37c
811379b2f4d4be2e59b8f112a6294899d73f831322ae6b28eb1bddb0f274a63a
84f9ad00de3b9995db4b2372b01ebc70ea19238ce808aea0d70fc56968f5e066
85e80c425098feddc5a7f5a8ed83ba7cfcc295b5457b3c3b5de912618d9999d1
8b05fc03707f4782bf3025fd0b6d452b444e7e36bd2dc54112f3ba6fc8a2ef67
8c006e8ca12c85291e5dab0082c92bf242f5525f4552ef1c0b87f5e832e504db
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
900b32cd7087b9bb3654f4069c9df7927aa1296805d7feb138bbfd2504cf8ab0
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c
92e1dc7abf0c4dbcb5461aaab93922aefb27d3c87f869519aa1f4f16c8c1f0e1
951a28e288295d2940b71cf80d3c8b8579ff5942d6e0201737709611328c1277
997f8c24d65542777909eff5691e9219b79b0ccb49f024f075c94d59e6b44b77
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d70842fb44f0746a4f9aba0475f825b676c82c6635b676cff99e1477b66fffe
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5dd13143e76ff9bed0aeeef1695cb445a941fc8f5a13b8e8aebc106925199d6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8453818e23da5b9a2c2764ca0bfb8ea8d79b624f61f01fbdd5c204956f5a960
a8633b70d994e1e728ea36ef10424637c34e57c6c68b3072fa183fd75534f83b
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
b144f1caad4443faa7b61b97425d471eadb04a725c9b56ace51e5c6e4964b3e4
b1ee17b1af3afc30661b1fcd6a6d13b74d1c4d72a0d7b7e784d5117278d7b401
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b8214bd5cbd9197f329d1df98d908dc7a1cd38c28e8010b92e49b3f35dd9986a
bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0
bfb3b3d60353637b986c16ce8e73d4ace262470fc6e56c50638aba4ce530f65a
c0b0ffbfa9571a8f0cc01842f1dd885f6e851b271fee89afe59dbc8d432644c9
c28530634cdfc14bb5c068fc74a7071f9e27fc97f9aa03a1258f5b33f9c8ab6d
c30199806058235292904a861b72909bbbcd95e3f93bb461036a9d1550c2304b
c415c0efddd02f64e328b0acb2c401b33802978b5a590d172e5e009ef8329935
c827c008f082aa21489d6b589e32ff0095615b1e660875a6c33a16228bc3e28d
d15ab5b7c8354d6cdf0a3ea071b570a3a7589c3fb5bd5cc67569e11c2c3e5d57
d2bcbce238890c15a2accfaa87229497152cccda5b1becc3993cd4df9e0adf33
ddccc3b074d270f15bb7619ad6324f0c4e7b2576747bb20851a8a709c62d15d2
de56850c64ae053d20c43b4804b2da9d2d493b360ec6302c57b1365a3cc508fb
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f75b7f59f76021de71dc052eee5653d697d9f11363a73eb0e4d3d939d18f01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bcea6671f7b4d8ffb3ed9b5c88b1c3d4958f13fa768cb165912977deee8bde

bitly.ws Open in urlscan Pro 185.11.100.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

196 Requests

89 %HTTPS

51 %IPv6

39 Domains

48 Subdomains

31 IPs

4 Countries

2058 kBTransfer

4418 kBSize

44 Cookies

4 Outgoing links

Page URL History

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bitly.ws Open in urlscan Pro
185.11.100.204 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

89 %
HTTPS

51 %
IPv6

39
Domains

48
Subdomains

31
IPs

4
Countries

2058 kB
Transfer

4418 kB
Size

44
Cookies

196 HTTP transactions
5 data transactions