t.ly Open in urlscan Pro
172.67.75.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://twtr.to/
Effective URL:
https://t.ly/
Submission: On October 04 via manual (October 4th 2023, 10:13:27 pm UTC) from AU — Scanned from AU

Summary HTTP 225 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 8 countries across 42 domains to perform 225 HTTP transactions. The main IP is 172.67.75.122, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.ly. The Cisco Umbrella rank of the primary domain is 132437.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 24th 2023. Valid for: a year.

This is the only time t.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	161.35.255.96 161.35.255.96	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 23	172.67.75.122 172.67.75.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.66.202 142.250.66.202	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.93.111 18.67.93.111	16509 (AMAZON-02) (AMAZON-02)
31	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
4	172.217.24.40 172.217.24.40	15169 (GOOGLE) (GOOGLE)
1 14	172.217.167.100 172.217.167.100	15169 (GOOGLE) (GOOGLE)
9	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
15	142.250.76.99 142.250.76.99	15169 (GOOGLE) (GOOGLE)
4	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
13	142.250.76.98 142.250.76.98	15169 (GOOGLE) (GOOGLE)
1	172.217.167.99 172.217.167.99	15169 (GOOGLE) (GOOGLE)
1	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
1	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
9	64.233.170.94 64.233.170.94	15169 (GOOGLE) (GOOGLE)
21	172.217.24.33 172.217.24.33	15169 (GOOGLE) (GOOGLE)
5	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
1 2	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
5 30	142.251.221.66 142.251.221.66	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 3	185.84.60.29 185.84.60.29	198622 (ADFORM) (ADFORM)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 3	183.79.219.124 183.79.219.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
14	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
3 5	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	103.43.90.117 103.43.90.117	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.213.189.173 18.213.189.173	14618 (AMAZON-AES) (AMAZON-AES)
2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	150.95.47.242 150.95.47.242	7506 (INTERQ GM...) (INTERQ GMO Internet)
1 2	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
2 3	77.88.21.90 77.88.21.90	13238 (YANDEX) (YANDEX)
10	142.250.76.102 142.250.76.102	15169 (GOOGLE) (GOOGLE)
2 2	18.67.111.43 18.67.111.43	16509 (AMAZON-02) (AMAZON-02)
2 2	50.31.142.223 50.31.142.223	23352 (SERVERCEN...) (SERVERCENTRAL)
1	133.186.161.89 133.186.161.89	45974 (NHN-AS-KR...) (NHN-AS-KR NHNCLOUD)
1 1	13.230.210.161 13.230.210.161	16509 (AMAZON-02) (AMAZON-02)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
2	142.250.66.234 142.250.66.234	15169 (GOOGLE) (GOOGLE)
1 2	3.104.241.36 3.104.241.36	16509 (AMAZON-02) (AMAZON-02)
1	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.126.167.117 34.126.167.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.182.140.45 18.182.140.45	16509 (AMAZON-02) (AMAZON-02)
1 1	13.215.12.84 13.215.12.84	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.66.238 142.250.66.238	15169 (GOOGLE) (GOOGLE)
2	173.194.28.9 173.194.28.9	15169 (GOOGLE) (GOOGLE)
225	36

2 161.35.255.96 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

twtr.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.75.122 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.66.202 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-111.syd62.r.cloudfront.net

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.66.226 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f40.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.167.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.66.195 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.76.99 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.32.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.76.98 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.239.135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.251.221.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.84.60.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 183.79.219.124 (Japan) 1 redirects

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.221.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.27.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.117 (Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.189.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.242 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io

sync.dsp.reemo-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.150.223.50 (Japan) 1 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.88.21.90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.76.102 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.111.43 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-43.syd62.r.cloudfront.net

cr-p1.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.223 (Hickory Hills, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.89 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.230.210.161 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-210-161.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.234 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.104.241.36 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-241-36.ap-southeast-2.compute.amazonaws.com

ihg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.126.167.117 (Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.182.140.45 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-140-45.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.215.12.84 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-12-84.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.238 (Old Bridge, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.28.9 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s05-in-f9.1e100.net

r4---sn-ntqe6n76.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	557 KB
47	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433 bid.g.doubleclick.net — Cisco Umbrella Rank: 1063	304 KB
33	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	824 KB
28	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 11 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673	158 KB
23	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 132437	734 KB
13	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 408 gcdn.2mdn.net — Cisco Umbrella Rank: 1461 r4---sn-ntqe6n76.c.2mdn.net	376 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 imasdk.googleapis.com — Cisco Umbrella Rank: 657	137 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	289 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 4716	1020 B
3	yahoo.co.jp 1 redirects cksync.yahoo.co.jp — Cisco Umbrella Rank: 5847	1 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 954	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	177 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	demdex.net 1 redirects ihg.demdex.net — Cisco Umbrella Rank: 20997	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 906	1 KB
2	ladsp.com 2 redirects cr-p1.ladsp.com — Cisco Umbrella Rank: 64588	1 KB
2	ad-m.asia 1 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12125	867 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 614	470 B
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 12235	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	913 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1432 r.turn.com — Cisco Umbrella Rank: 6191	869 B
2	twtr.to 2 redirects twtr.to	1 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	756 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 19585	361 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	758 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1569	499 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 2169	717 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 21612	570 B
1	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 61312	161 B
1	reemo-ad.jp 1 redirects sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 16402	397 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 8734	609 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2803	173 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 10521	533 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 11034	641 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 7500	647 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	599 B
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 17063	455 B
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 42718	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	6 KB
225	42

	Domain	Requested by
31	pagead2.googlesyndication.com	t.ly pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
26	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
23	t.ly	1 redirects t.ly
21	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net t.ly imasdk.googleapis.com
15	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
14	www.google.com	1 redirects t.ly www.gstatic.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net t.ly
10	s0.2mdn.net	t.ly s0.2mdn.net
9	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
9	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	t.ly googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	t.ly www.googletagmanager.com
3	an.yandex.ru	2 redirects
3	cksync.yahoo.co.jp	1 redirects googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net t.ly
2	r4---sn-ntqe6n76.c.2mdn.net
2	ihg.demdex.net	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	t.ly
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	b1sync.zemanta.com	2 redirects
2	cr-p1.ladsp.com	2 redirects
2	sync-dsp.ad-m.asia	1 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	rtb2-useast.e-volution.ai	2 redirects
2	match.adsrvr.org	2 redirects
2	twtr.to	2 redirects
1	gcdn.2mdn.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	v9999.adv.admeme.net	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	trace.mediago.io	1 redirects
1	t.adx.opera.com	1 redirects
1	ds.uncn.jp	1 redirects
1	app.cauly.co.kr	googleads.g.doubleclick.net
1	sync.dsp.reemo-ad.jp	1 redirects
1	fksnk.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	dsp.adkernel.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	ipac.ctnsnet.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.com.au
1	r.wdfl.co	t.ly
1	cdnjs.cloudflare.com	t.ly
225	56

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
addons.opera.com
microsoftedge.microsoft.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-24` - `2024-04-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-07-28` - `2024-08-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-02-17` - `2024-03-06`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-09-26` - `2023-12-05`	2 months	crt.sh

This page contains 25 frames:

Primary Page: https://t.ly/
Frame ID: 6131451D843E55812D0E9D0833B45FA2
Requests: 65 HTTP requests in this frame

Frame: https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 4BDC27A57E7D4259932CABDEBFB8B818
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html
Frame ID: FB8561F60D92417D9F77552AB9D770C5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=wblrtffimshs
Frame ID: C9B648B7B1201E396091D89872DC6AAD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&lmt=1696428798&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ft.ly%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597305&bpp=8&bdt=776&idt=903&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8675450739248&rume=1&frm=20&pv=2&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=955
Frame ID: 2B98A4F64D6AEE3296934455919FE27D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&fwrn=4&fwrnh=100&lmt=1696428798&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597314&bpp=1&bdt=785&idt=956&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VHLbbO5Uro&p=https%3A//t.ly&dtd=962
Frame ID: B4B1B00DEF9D7C9CF5EEDC11E2CA3976
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
Frame ID: 8D794ADD0C285B4566638D3F1918AC0F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E42E5C829FCABE083BC0AFA994F89178
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92CBDB28FE4A2AC7CF7F27D7543A0C81
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9E35063947431A3F4061AE25A46D0EC6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 58CDD03293D903EBF33ABDD7911FDCC4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: BF9725974B7C5E7B33BB22A20ECB67D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=3238135893&pi=t.aa~a.102710275~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1696428800&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457599732&bpp=1&bdt=3203&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0712abe9c5c5826%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MYqMG6kCjTBBmure4yLrWOx0u6YnA&gpic=UID%3D00000c581ba3ee15%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MaNhyqs-Q3K6XlHYwkh4nNXyM_xnQ&prev_fmts=0x0%2C1110x280&nras=2&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&psts=AOrYGskicKQtZvC-meVgPTeX-uUwmllFe7bTxes3LKVxYGlsEd4nzLxNY0rCwWbTOlb9FKN7vgScvuMCVsc5ZksUqMJ4rg&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aKcUwr1d5d&p=https%3A//t.ly&dtd=428
Frame ID: CF108A74904740720985CC9AD49919C3
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Frame ID: A650F41FA7C562F3E9BD95A50E664516
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 98DE415CC94392659919F728AA064E92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNU4GaCTkFPQXKmtv1nsDId_bEUHJ7EyKEpz1gPWvKN82oCXFxmQ1x9G9z1ikqbmpCmw2-ftaD74Qnd5XaDuzBECI2-0eQ
Frame ID: 5E5963E18947B00DFFE5087691606986
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FFDC81082396123980343EC8B37D0626
Requests: 22 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Frame ID: 7A1357EDEFBC570B4B3AF5107647292B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC101B1A5435FC85638ADEB9FCFDD390
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: D17EAD72C151635C0F9048528C9085AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB9CC8FBDB2F1F10AC16469DB4033CE8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97AAE5F3170F3A3A5D1C16C19274DA0D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Frame ID: F15533E49A2765308781037F0AF93DA1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C19534192F08B3FE5B0DD0AFCEA4817E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 43694BEDC7A36DF4D5BFC2A27F3070E1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T.LY: World's Shortest URL Shortener

Page URL History Show full URLs

http://twtr.to/ HTTP 308
https://twtr.to/ HTTP 302
https://t.ly/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

225
Requests

88 %
HTTPS

0 %
IPv6

42
Domains

56
Subdomains

36
IPs

8
Countries

3595 kB
Transfer

10134 kB
Size

55
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/url-shortener/oodfdmglhbbkkcngodjjagblikmoegpa

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/link-shortener/

Search URL Search Domain Scan URL

URL: https://addons.opera.com/en/extensions/details/url-shortener-4/

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ajedojkedficaboemnhahoclgfnooelm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://twtr.to/ HTTP 308
https://twtr.to/ HTTP 302
https://t.ly/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 87

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECQyWGC6rLbQiUOhN7_ZxxY&google_cver=1&google_push=AXcoOmSfvCYxx4sNOgt7KY_sdLZ8SkQak7G2_iSAXkccwaYOM5R_oNPdlrZLjF1ZL7ZaOsf2nYY4dJMv3GOe5Ywb3LFo6LpbLOIM7qKWTK8t-zhvbXKHhlilhFGDwl30bDq7TmPYuzbgJ7BR2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQxODc3MTU4MTIzMDAzMTUxMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENqfQeXeOvK7PZiP19KIhBw&google_cver=1

Request Chain 88

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKZbwNwnW63BjGmOBdjKer0&google_cver=1&google_push=AXcoOmTruUnG9twB7WBOGkho2TyIuPhq2qqldQ3jnVvoNxgOytstZIr-Otg3HTgfRArFCmh4l8yfYqfnzSQ29R3xcN8wPicKcEaTc5Qw1TexlQNNZKnQ10WUINH9A8UHiEl937LNdU54fDT9tQ0 HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKZbwNwnW63BjGmOBdjKer0&google_cver=1&google_push=AXcoOmTruUnG9twB7WBOGkho2TyIuPhq2qqldQ3jnVvoNxgOytstZIr-Otg3HTgfRArFCmh4l8yfYqfnzSQ29R3xcN8wPicKcEaTc5Qw1TexlQNNZKnQ10WUINH9A8UHiEl937LNdU54fDT9tQ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZmI2OTVhYTMtYTRhZS00ZmJjLTliOGItNzAzYjRjOGI0NjNh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=fb695aa3-a4ae-4fbc-9b8b-703b4c8b463a

Request Chain 89

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEKy9r-fZtjfyhit0k0gReSQ&google_cver=1&google_push=AXcoOmQcJ8CZKxfb0Em-MQJRwpyxBE4jE-NYzXg30bQ7D8pr3zigsCdwCtI56isTNWQuMBr34heayRmyu9Ik2ei0e-OI3UEjPbO24D1aZu1ciTJOOyizx0B3zOFYJmEUMjKv84rFu4Er19LjmCc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQcJ8CZKxfb0Em-MQJRwpyxBE4jE-NYzXg30bQ7D8pr3zigsCdwCtI56isTNWQuMBr34heayRmyu9Ik2ei0e-OI3UEjPbO24D1aZu1ciTJOOyizx0B3zOFYJmEUMjKv84rFu4Er19LjmCc&google_hm=XnTaInkDTwiA4hKzXM2tmqM

Request Chain 90

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK-IYUHc4EyA0T1UUpVqJwM&google_cver=1&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfrO4SP59zNO-vh8RUvaASMAfkjOOgOnvogk_d-uue7uPoEol0hYxO--5QJxsZW21ocoX_DVTg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK-IYUHc4EyA0T1UUpVqJwM&google_cver=1&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfrO4SP59zNO-vh8RUvaASMAfkjOOgOnvogk_d-uue7uPoEol0hYxO--5QJxsZW21ocoX_DVTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfrO4SP59zNO-vh8RUvaASMAfkjOOgOnvogk_d-uue7uPoEol0hYxO--5QJxsZW21ocoX_DVTg

Request Chain 92

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEE5kad0l_EDZ82grTHBeZnM&google_cver=1&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdRmurLbJlCaIDDR5rmEqrFcPp24JOWIXSPJFfQdywQLUPQWWC9ZcuctChNR6Mmv5RvnGrI9 HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEE5kad0l_EDZ82grTHBeZnM%26google_cver%3D1%26google_push%3DAXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdRmurLbJlCaIDDR5rmEqrFcPp24JOWIXSPJFfQdywQLUPQWWC9ZcuctChNR6Mmv5RvnGrI9 HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A8602460848235692390&exchange=193&google_gid=CAESEE5kad0l_EDZ82grTHBeZnM&google_cver=1&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdRmurLbJlCaIDDR5rmEqrFcPp24JOWIXSPJFfQdywQLUPQWWC9ZcuctChNR6Mmv5RvnGrI9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg2MDI0NjA4NDgyMzU2OTIzOTA&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdRmurLbJlCaIDDR5rmEqrFcPp24JOWIXSPJFfQdywQLUPQWWC9ZcuctChNR6Mmv5RvnGrI9

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1&C=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR3jgPdNIA2hr4mVqFqDUgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPwvqeMz-swVPNtlKQ5LHZY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPwvqeMz-swVPNtlKQ5LHZY%26google_cver%3D1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNzgxODc2MzE1MjA1NDQxNA%3D%3D

Request Chain 136

https://fksnk.com/cs/google?google_gid=CAESEIDHAjwoCJIza9rLraX2zns&google_cver=1&google_push=AXcoOmTMahLZ74gjBBFeagjTb3REVXPcXG9U8EHcZTJHvJmPpDYjk0mZ5YdGaruB1tyLhJtqvKYKTFWfjDq3vVp-ezHCng6eiSA8Z3_gf4nFM8w7VCvhG5fbmLrXy_EsGAV8xD47QT2Kpda6fkHNzSRpBgI5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTg2NEExNDJFQzE0QTcxMA==

Request Chain 138

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEBdhJKblE99VXwQsGluPpZ4&google_cver=1&google_push=AXcoOmTeP9gw5arIN2AmBaW-KLyR43KuFhgFnUIg-KrAONlV6tJJ24w6fCW8O1T9lC6iWw0zA88Z3oIs8AMiZWK7V9lfHXQoPF0RoWV3k0TOeWc8nuO2HjFrESSo6wjK78wp6aUiRa_IhufoRT4XNx0r-B2Cpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmTeP9gw5arIN2AmBaW-KLyR43KuFhgFnUIg-KrAONlV6tJJ24w6fCW8O1T9lC6iWw0zA88Z3oIs8AMiZWK7V9lfHXQoPF0RoWV3k0TOeWc8nuO2HjFrESSo6wjK78wp6aUiRa_IhufoRT4XNx0r-B2Cpw

Request Chain 139

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPzhArCqmfp8vQkBHav6aE0&google_cver=1&google_push=AXcoOmQU1w12fm0544Zq7xwwYPEwSDF17Nmm7aekzdtt-ynAG5mLCLUJxaJj1cqj8YTlHY_fvzKmA24xnhlwgUPZ3hYVpAOLXROvVxOoB6VxKiZmyeXzkv67i6CjauhGeGdQydfsj4zP_YhJfjQB_B2QTQChwGo HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPzhArCqmfp8vQkBHav6aE0&google_cver=1&google_push=AXcoOmQU1w12fm0544Zq7xwwYPEwSDF17Nmm7aekzdtt-ynAG5mLCLUJxaJj1cqj8YTlHY_fvzKmA24xnhlwgUPZ3hYVpAOLXROvVxOoB6VxKiZmyeXzkv67i6CjauhGeGdQydfsj4zP_YhJfjQB_B2QTQChwGo&uid-set=1

Request Chain 141

https://an.yandex.ru/mapuid/google/CAESEIJqaSU3xgfjsGGPmd5oFhw?ext-param=AXcoOmSwoI_DoEJCEURAzfWeGlbjIfR2juHAbSjMQAWChZw-8NFon_5AsAtJL-46VR-a5Wjhg-J6udI19RPmSohI82PetXYNdmreqC8jxjYohTqs8yhGdPidSV3hesa0B0DSnQNwVRUn9irWGJ96ego0ytbPAQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEIJqaSU3xgfjsGGPmd5oFhw?redir-setuniq=1&ext-param=AXcoOmSwoI_DoEJCEURAzfWeGlbjIfR2juHAbSjMQAWChZw-8NFon_5AsAtJL-46VR-a5Wjhg-J6udI19RPmSohI82PetXYNdmreqC8jxjYohTqs8yhGdPidSV3hesa0B0DSnQNwVRUn9irWGJ96ego0ytbPAQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIJqaSU3xgfjsGGPmd5oFhw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 156

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUxQozo275w85ve-bSmQix8wKt&google_gid=CAESEAGncp5MMwBT0nm7Qj5VCAg&google_cver=1 HTTP 302
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUxQozo275w85ve-bSmQix8wKt&google_gid=CAESEAGncp5MMwBT0nm7Qj5VCAg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUxQozo275w85ve-bSmQix8wKt&google_hm=Abdm9UKGFFJZks8AD7P3ynJ-isA

Request Chain 157

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEC6x02Ns3OhTKFPgo2Qkx2s&google_cver=1&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSwgkmxsDhnv2hNtxeMGc1ZKwG5JY3HhuYWiJikEVyn7XkjvhGU8T5GSL41fOOXEC8X_EvlC9CDA HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEC6x02Ns3OhTKFPgo2Qkx2s&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSwgkmxsDhnv2hNtxeMGc1ZKwG5JY3HhuYWiJikEVyn7XkjvhGU8T5GSL41fOOXEC8X_EvlC9CDA&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSwgkmxsDhnv2hNtxeMGc1ZKwG5JY3HhuYWiJikEVyn7XkjvhGU8T5GSL41fOOXEC8X_EvlC9CDA&google_hm=a3ExVTU3UWNPOEgzcG9VcDZWM1I=

Request Chain 159

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEH5IRTQ9Q1Ppvcf0VR5Rn1M&google_cver=1&google_push=AXcoOmQknDuGCsL9lPuRVRUpYyPztkXF78oWAT0DdxboC2sQETAba1V-ZQh8Fr--KDd_fI86B8e_f7EE6-Ros1176gpz3eOjil0yc4mX08z0io7XxxH4AlQM1Gy9r_Xv1LViibRcO7FAnWFkiRqWE6wR93cy2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQknDuGCsL9lPuRVRUpYyPztkXF78oWAT0DdxboC2sQETAba1V-ZQh8Fr--KDd_fI86B8e_f7EE6-Ros1176gpz3eOjil0yc4mX08z0io7XxxH4AlQM1Gy9r_Xv1LViibRcO7FAnWFkiRqWE6wR93cy2A&google_hm=AcMW8WoQH0R_u8SPfhYwONU

Request Chain 160

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTQAAM3PRVgswRq33OxQl2H9N5SkZlRn3yHtiRZ5s3lADl5eh7V04duEOaeBkUnlTANpfi4ezFU5XYiD76fYtjjZg3R_0aNtwU2OzTTzZf4m1dLnJBHQpF4njhAvmJQd371hMhm7W_yVfTagI0Fov2bhfg&google_gid=CAESEIPkHc2xXdOXxfb2tTI8hJw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIPkHc2xXdOXxfb2tTI8hJw&google_hm=T1BVZDJiZDU2YzA2ZjQ5NGIxNTliMjA2Y2EyOGNlMDIyZTg&google_nid=opera_norway_as&google_push=AXcoOmTQAAM3PRVgswRq33OxQl2H9N5SkZlRn3yHtiRZ5s3lADl5eh7V04duEOaeBkUnlTANpfi4ezFU5XYiD76fYtjjZg3R_0aNtwU2OzTTzZf4m1dLnJBHQpF4njhAvmJQd371hMhm7W_yVfTagI0Fov2bhfg

Request Chain 161

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEC6exBSdH76C40sUgXr7Wns&google_cver=1&google_push=AXcoOmTVv_wSDY7p1TiWsAh8tAieWOip882psxO7S-6gcGd-s_Xn_5xtp4mBnU7Sx6FpvSAHdMMF6BNQgshQlW0o2kkv9KPBPK9lzBhGVOhcACDCEZAPwVMC1TnoK6LNT1atBIOywUISU5DruhurFwRxx3SS8Sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=NzFiYWMxZjVhODcyYWExYQ&google_nid=yahoo_japan_ads

Request Chain 162

https://trace.mediago.io/cs/google?google_gid=CAESELI4tcOiQwG1VFUmI7pYk6w&google_cver=1&google_push=AXcoOmSvbzxqlm-k0DLwCVQAKSxP8jMkBjN-lRA81FbOXgGUJ8NdnXobbGPoxAxByAjD4oH7zkD24PdSs4wA4zVV-ofOO6GY7I3IypbLxsL0_XoSrMNe9MBE8JiV1mnYq66knHBZ2mRUNv1JNq1hiPnmaKyDpKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSvbzxqlm-k0DLwCVQAKSxP8jMkBjN-lRA81FbOXgGUJ8NdnXobbGPoxAxByAjD4oH7zkD24PdSs4wA4zVV-ofOO6GY7I3IypbLxsL0_XoSrMNe9MBE8JiV1mnYq66knHBZ2mRUNv1JNq1hiPnmaKyDpKQ&google_hm=5bead3a079adf160130yzu00lncb1yu0

Request Chain 175

https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=3496899415 HTTP 302
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=3496899415

Request Chain 186

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAq7V251MFJ0tqicwJE82yc&google_cver=1&google_push=AXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAq7V251MFJ0tqicwJE82yc&google_cver=1&google_push=AXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 187

https://um.simpli.fi/gp_match?google_gid=CAESEMbppIVwpXxl2S1koRPmg6g&google_cver=1&google_push=AXcoOmTALfGJucnjfydWqrYUK2EISBugbiUmsvlQj7pD55E0ANl8mlzzv07XLiuSEwfC-Q9WBar_j1b7JvJF7V6T5-J89Uw7UWNPYhw9srZ2cqgEBjmAcgUYgW6y3J_wrvh6sIWknVD9K_QeCQ4uhzqG5h0Njg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=103F3C1622A44E809758EBE292FBB08D&google_push=AXcoOmTALfGJucnjfydWqrYUK2EISBugbiUmsvlQj7pD55E0ANl8mlzzv07XLiuSEwfC-Q9WBar_j1b7JvJF7V6T5-J89Uw7UWNPYhw9srZ2cqgEBjmAcgUYgW6y3J_wrvh6sIWknVD9K_QeCQ4uhzqG5h0Njg

Request Chain 188

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEK7XGx4fLJv8Sz3HpB0m7ZQ&google_cver=1&google_push=AXcoOmTltsLN1T4R9PGlPP-XLFGqrm1GXLwvX-Rf18IKAvUs-km_r21zDUu7v16HXUHOxCpOTWf2M_klNE6Li2Z3_DHlJn-8hyZ3-c3v3jvO97s2AXVRDylABzj6gCTlYshllZgsyu7JjVa7QhdLQQiBxr1fjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTltsLN1T4R9PGlPP-XLFGqrm1GXLwvX-Rf18IKAvUs-km_r21zDUu7v16HXUHOxCpOTWf2M_klNE6Li2Z3_DHlJn-8hyZ3-c3v3jvO97s2AXVRDylABzj6gCTlYshllZgsyu7JjVa7QhdLQQiBxr1fjg

Request Chain 190

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGkZLGTohN5TTTO5O3Jj6tg&google_cver=1&google_push=AXcoOmSmZfRVRRmN3HjHc9wmdlrHbvXNmMs9uni1fHA9girQmNN1xRV1RPOhBSSqCbl1QYjqbUzRajN8IIZghsq15srm29HerdGTGnvcS-0nt_yBRbsHa1NFjW2uqyAP_9e4rS6HFA6njBTljFjglfLT4prN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmZfRVRRmN3HjHc9wmdlrHbvXNmMs9uni1fHA9girQmNN1xRV1RPOhBSSqCbl1QYjqbUzRajN8IIZghsq15srm29HerdGTGnvcS-0nt_yBRbsHa1NFjW2uqyAP_9e4rS6HFA6njBTljFjglfLT4prN&google_hm=eS1vdVQwTXRGRTJwSGNJMGh2d1hSY000aWRObktDSFNqZH5B

Request Chain 191

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPv52L_sZdpGRraO5_lQfKQ&google_cver=1&google_push=AXcoOmSVdTF08wCqNGvtkxYYhjkRfigCq4aGyMhp62FsKrQJVd7eauF6ZcoJUMqFfFBihrMfZsl6634TCsA722-sB7yEwZKvKMG5GWMal2lpobiX2ePRwP25cCnnUOyQZP-SFsdNcHkysU55g-NGg3Mx26R9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSVdTF08wCqNGvtkxYYhjkRfigCq4aGyMhp62FsKrQJVd7eauF6ZcoJUMqFfFBihrMfZsl6634TCsA722-sB7yEwZKvKMG5GWMal2lpobiX2ePRwP25cCnnUOyQZP-SFsdNcHkysU55g-NGg3Mx26R9

Request Chain 198

https://gcdn.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/887C2D54D3CCA0B08090A731B2C3357760D0CC47.401942027FA27876058A6DA33C81A2AD70C340F2/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-ntqe6n76.c.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A2E9DAFF44BB28250903BC7CF265401915F5531.1C4BB362B179816C8AA28FD669E906AC77769488/key/cms1/cms_redirect/yes/mh/6b/mip/66.203.112.163/mm/42/mn/sn-ntqe6n76/ms/onc/mt/1696457341/mv/m/mvi/4/pl/24/file/file.mp4

225 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
t.ly/
Redirect Chain

http://twtr.to/
https://twtr.to/
https://t.ly/

62 KB
18 KB

921ms
898ms

Document
text/html

172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e705788f828e46d69e0c426b1b442b57a415111bf2cc4e8d59c82e10e17a524c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8110c564a84aa96d-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 22:13:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjKVBfIcT0Z%2B4n0j5jVyYIvVHZZodGSakQhisPHp90Bdd%2BLxc4oR0s%2BBkadfqXjqxGg9%2FS8Sd23XmdWE%2Fiy9gayDvLjjp%2FbZpSa1cIXJuX1Bwi%2BNAmI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-3
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8110c5638f5541ff-EWR
content-length: 249
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 22:13:15 GMT
location: https://t.ly/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm0HBUS98LsDbDMyGZK8cojyLfhGr3GQzZe9CiIChkaN3WoZ%2Fi7rMsZTVYWrfD5hQhvjBa%2BfD3Jzww4n10mRXI0rKCEgK1XOXdMuHbVjt%2BqMCMZkLoGE5RM%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: tly-2
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 4ms
3ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 11:52:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"6514177e-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ7s8rkQ7eYGly%2FXaj1iBigqEWHhCKhlskGm6%2BZQuvw5GXSBTdJxR4bGuVc10zd3JGNL1z1JdNUGKvg69tG0DFwkKI45YeOvqufTW1HzsY2ZGSOSVRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8110c56a5ca2a96d-SYD
expires: Fri, 06 Oct 2023 22:13:16 GMT

GET
H2 200 app.css
t.ly/css/ 254 KB
47 KB 38ms
37ms Stylesheet
text/css 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/css/app.css?id=6512c774a5784512a841

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee9e886926518c4265b0d65595db0ce6e5e2e6cd6f93c2c95313b05f20adc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5579
content-encoding: br
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: W/"651db22c-3f718"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mjP%2BqZvNxEpfTO0wUoWcJWeYRaI2lx6%2F5QMHUsMF30KWSRHlDvuCmdYaPrVYwDUbpPI6LwHbtOc2oxJsL4G7kzCHHKC6W%2F6WRdPl%2F5FvPeoDQxUx98%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56a5ca3a96d-SYD

GET
H2 200 tly-logo-sm.png
t.ly/img/ 4 KB
5 KB 19ms
18ms Image
image/webp 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c912e6ec4e7c2b1df7b4468c6459c820cce97b232959448835add4c277dbd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5579
cf-polished: origFmt=png, origSize=10096
content-disposition: inline; filename="tly-logo-sm.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 4294
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: "651db22c-2770"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW0%2FSY3d%2BTy46hCe0nS1kBTC3meqs%2FfKEcZLzF7z8suTzRtIjzodQ9PM7x9V71DfbLghxL%2BIa%2Fi0CPY078MG6aGT9rFEmXRhsTYsJzMXi6ASeMGPhyw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56a7cbfa96d-SYD

GET
H2 200 email-decode.min.js Show response
t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
932 B 3ms
3ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 11:52:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"6514177e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMoJ%2BKJiM1aNjUwQXPmr80JlJPOme78HLbpSGIrFTwqbOmuFV4thzzf%2FJ278Qhu%2B5uQlpbez4FB3EQFkkfVh%2BtH%2F2N2SxGLuO%2BpX1zKj28PQLfhLxe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8110c56a5ca6a96d-SYD
expires: Fri, 06 Oct 2023 22:13:16 GMT

GET
H2 200 link-shortener-extension-1.png
t.ly/img/marketing/ 46 KB
47 KB 18ms
17ms Image
image/webp 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/marketing/link-shortener-extension-1.png

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

899a3571ca7553592fb4221f36b00d18bfb63639fcb24d7d44e74312089bb405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5578
cf-polished: origFmt=png, origSize=83142
content-disposition: inline; filename="link-shortener-extension-1.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 47530
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: "651db22c-144c6"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWcKsljz2Ngs1wSJHSs5YJAESIHaTtI1M58bRGGzmgsfor7jf%2FNKndB55z8KFY%2FvvUF8ltK60uol0VM1D8o2ESK30WYz2x1LQLGI61FjnIlPxbdBWK8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56a7cc0a96d-SYD

GET
H2 200 chrome_64x64.png
t.ly/img/browser/ 2 KB
3 KB 17ms
16ms Image
image/webp 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/chrome_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60de181a4b72ce251389d7f66b2243f52f1779c96b79f5288c2cdd34fcf8b48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5578
cf-polished: origFmt=png, origSize=2551
content-disposition: inline; filename="chrome_64x64.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 2212
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: "651db22c-9f7"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDlMO1TICJPtc6JvbqFot%2Bz%2BpBi6Mohe2wOVwi5Ff0AXmbgS%2BcLkPrYXtQKRFcHwiKbtbDJAWVf2QkQdjQipT%2FtNEDix8X1K0Lj0sJ2DRcQePqIEZWM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56a7cc1a96d-SYD

GET
H2 200 firefox_64x64.png
t.ly/img/browser/ 3 KB
3 KB 14ms
13ms Image
image/webp 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/firefox_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4a27a54345888d41909cf83309a3bc6ec4d324ba7e29ae6d4754aa3dd8e31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5578
cf-polished: origFmt=png, origSize=3274
content-disposition: inline; filename="firefox_64x64.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 2998
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: "651db22c-cca"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xexbgTjoNTQV0HK05ZKrwcbNcGFvQQP18sY78RVuJrU6qlPwzhym0BBdTofYcwjQquwM6l0Hb7FYOlLerS3SZWqDTdQxty1Hnu9ags6uuQI11TZEYAg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56a7cc2a96d-SYD

GET
H2 200 opera_64x64.png
t.ly/img/browser/ 2 KB
2 KB 18ms
17ms Image
image/webp 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/opera_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f71d6c6083aaa4869c68ec66708e5ed44807e623ab0c941bb1ed031bfe4a0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5578
cf-polished: origFmt=png, origSize=2376
content-disposition: inline; filename="opera_64x64.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 1994
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: "651db22c-948"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZ9VSNBGPqU6xEOtWpR9lYE7PmzLeWAona%2FHqhTrTK7jiQWdHPTBlx8KSUO7cn7Ba2YxAsA9iLz5wahKMr6Vo5xOHrOwOUlaCvX7eWj%2F%2FKjLOQVDIuU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56a7cc3a96d-SYD

GET
H2 200 edge_64x64.png
t.ly/img/browser/ 4 KB
4 KB 15ms
14ms Image
image/webp 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/browser/edge_64x64.png

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02465205a59729adf404a9d6311f5921f1f3c9a0d9a52836f7d3386612a6257a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5578
cf-polished: origFmt=png, origSize=6372
content-disposition: inline; filename="edge_64x64.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 4130
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: "651db22c-18e4"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzFNleGJbHqk4fDfXIqhqSaqs6TrsV%2BEX62t02%2F6XXL7Obl7GCMDOP6T6HZ8S412qmNKUwtJu2lE5q2R2ghDNJ6vypAUHrbiy0oL1h0BBzjgrfhcej0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56a7cc4a96d-SYD

GET
H2 200 css
fonts.googleapis.com/ 2 KB
957 B 194ms
97ms Stylesheet
text/css 142.250.66.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lobster&display=swap

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f10.1e100.net

Software

ESF /

Resource Hash

100bd272492caec1c242ed1c241aa7ba2524ada1e59e3eb8ae3c25b2daf069d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:39:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:13:16 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 332ms
13ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 110928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F61105oDPend9dLztBe%2FCDT4qXDP8HH2KYtdlLtiNM8VLFJ3hW5R9gXpoc79cM4sEf9P2y2IZg36sZ6JfvB%2F0nLlQkXhmvUirP3sWoHD9Cn%2FaIXO0lKleNY2qoE9ugZuP5JwrG2y"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8110c56c7f0f5d22-SYD
expires: Mon, 23 Sep 2024 22:13:16 GMT

GET
H2 200 rw.js Show response
r.wdfl.co/ 15 KB
5 KB 330ms
3ms Script
text/javascript 18.67.93.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-111.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37f37d3b4b41b5cea3171df52168b40a894de75b020399e1655d0371ec1bdfcd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:12:12 GMT
content-encoding: gzip
via: 1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 09:11:29 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 65
x-amz-server-side-encryption: AES256
etag: W/"e674b3a7fb252b73c6844d2a92f82c54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PrwN000YyHw79qu_O3t09vTIZdpqMedWW2HjtqSPSXhY7Jg4sb9ZlA==

GET
H2 200 sweetalert.min.js Show response
t.ly/js/ 38 KB
12 KB 19ms
18ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/sweetalert.min.js

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5574
content-encoding: br
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: W/"651db22c-9807"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIihDYuDrxlEfjRSKX9dkx83wecBVrd9gg0UqF4aGsY37KtxU%2BHrQJYdr%2F0jh9ZWru%2BRWrKAZa%2BzEXlo%2Fzl4ZYyr85%2BJohvWRMSjXXt4uplH69oiFTk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56aace3a96d-SYD

GET
H2 200 app.js Show response
t.ly/js/ 95 KB
24 KB 16ms
15ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/app.js?id=f954bea19e11646dbdde

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22cb7c75355a9ee812cc308d5188168d208631576fa4e36c8dc211057167cb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5574
content-encoding: br
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: W/"651db22c-17dbc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6200AI%2B5FtBSSkt8mnn9CWoR0yKhy0xgl9dj%2FU%2B3oaEQ33ZhvAyzGX3KEHqNVJ2%2BN1j8qWoMwC8CE9LAY669q9beptuQXdTMu%2BKSXM0DTtB2NiE6hos%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56aace4a96d-SYD

GET
H2 200 vendor.js Show response
t.ly/js/ 1 MB
395 KB 29ms
28ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/vendor.js?id=1c3d89b0deb578faa048

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62d4d4b5710fb507421ddb283f2f62415449c5829e85452ff785b5ef720fa135

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5574
cf-polished: origSize=1381926
content-encoding: br
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: W/"651db22c-151626"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BQpAGteSISX1eV2pyTGfJrVn60RxhU3f42Z3OrL4AnkJSWEHz8QTXd38w%2FbR9ec0AWx1%2BH7IIn8w9AZnmMAw9Y3KsBhWcGeJb%2F2xiKPnit0K%2F6h4ig%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56aace5a96d-SYD

GET
H2 200 manifest.js Show response
t.ly/js/ 4 KB
2 KB 24ms
23ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/manifest.js?id=41aac30baa1f304738d2

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f1ca25b555a7b195c450caa4526f22ed320d6607d9c7e18390ccb22e6b8f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5574
content-encoding: br
x-whom: tly-3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: W/"651db22c-e1a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XUkPbozZlU%2BG6v%2Bs9CdDfaalflnMvIKNmRtzBItmIec2uI%2BdYzrVRE5MET1j78i%2BR%2BlTO%2FgknGEy%2BYVY8Xd0Dqv9f4%2FEpnCP0TkfRtVYz%2FuuNRQIWM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56aace6a96d-SYD

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
51 KB 666ms
112ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

5dba93f2c5e65e9e107e3e557cd20e18a6d098270eaf057d4d2bac2c8ddad2c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Origin: https://t.ly
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51674
x-xss-protection: 0
server: cafe
etag: 5787141971736611373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 658ms
105ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

c0f96cc2698d104547c4dc55a101b15e59aa003b51117afca148f8d7d9a041df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 671ms
118ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

00aa9da6766765bd2baf49bf37c46b94fba6c20dc22cc3c4c1af293465d19b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76940
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:14:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 646ms
93ms Script
text/javascript 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

669127738c04b1074b227ad5bf263c92522b37dcaa62dae7d46f2e8c6fc38eba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 950.js Show response
t.ly/js/ 788 B
801 B 131ms
131ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/950.js?id=de956b39a4455fcff160

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=41aac30baa1f304738d2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5065
content-encoding: br
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 19:03:06 GMT
server: cloudflare
etag: W/"651db6ea-314"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvfzJun2cBXs9lTQqWy1NKf3oYnmmn2NcnjvvwMCKF5ykDJoiF6jrUKc7QqzT1keAc2x0NIAi2dNZlpqzIXdxWGhpROJqwvUCFbUhXJc%2FL695xDiVIQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56dff50a96d-SYD

GET
H2 200 tly-logo-sm.png
t.ly/img/ 4 KB
5 KB 131ms
131ms Image
image/webp 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ly/img/tly-logo-sm.png

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=1c3d89b0deb578faa048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c912e6ec4e7c2b1df7b4468c6459c820cce97b232959448835add4c277dbd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5580
cf-polished: origFmt=png, origSize=10096
content-disposition: inline; filename="tly-logo-sm.webp"
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 4294
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Oct 2023 18:42:52 GMT
server: cloudflare
etag: "651db22c-2770"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwtsfLfkbZZUDoz9Pa%2FTL%2BaCipPkrkx931Vyn6gsLCOOd83k%2B%2FGgZ%2BMxRW2Nc5ojrFYWN1z8vG1x76JobUsDadcn%2FIEKtq%2F0aqS%2B%2BRpBsruZGnOw%2BA8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56dff52a96d-SYD

GET
H2 200 neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v30/ 33 KB
34 KB 411ms
3ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9zoKmMw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t.ly
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:35:59 GMT
x-content-type-options: nosniff
age: 455838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33896
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 15:35:59 GMT

GET
H2 200 webfa-solid-900.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 76 KB
77 KB 130ms
130ms Font
application/octet-stream 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=6512c774a5784512a841

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=6512c774a5784512a841
Origin: https://t.ly
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5067
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 78268
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Oct 2023 19:03:06 GMT
server: cloudflare
etag: "651db6ea-131bc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsEZTbZUIuSLAQr1GQTsPDxArxrC242iyY0YGaqELC8go%2FQZ0F5f8blcVO2TJQGDgYq6TCJAmJHI5Ye1NvR964%2BXE5KIB%2FOjh%2Fknfyh6lE28rGkLjDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56dff53a96d-SYD

GET
H2 200 webfa-brands-400.woff2
t.ly/fonts/vendor/@fortawesome/fontawesome-free/ 75 KB
75 KB 125ms
125ms Font
application/octet-stream 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c

Requested by

Host: t.ly
URL: https://t.ly/css/app.css?id=6512c774a5784512a841

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/css/app.css?id=6512c774a5784512a841
Origin: https://t.ly
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5065
x-whom: tly-1
alt-svc: h3=":443"; ma=86400
content-length: 76736
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Oct 2023 19:03:06 GMT
server: cloudflare
etag: "651db6ea-12bc0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GshfvPewrbSW5uQmfidjBnil%2Fb0CYRJyj5MQ3BwW28D%2FC35Q4Eu%2FiJFjOWWE5EvpYdAMgm5Ywh0%2B8GKrQlISMOrydvD3IxIQZjkF%2FAAgQvP26iOlaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8110c56dff54a96d-SYD

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

main.js Show response
t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 4BDC
Redirect Chain

https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

23ms
12ms

Script
application/javascript

172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Protocol

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0444bf2faf31208e138de70f4ae7faf703d92a69fdfbba322554a5e13c1348

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mki%2BTtKZH9BxpnTJLdUoNvg%2FPG7IWL8Y0XmZvckSOauKJdCExttzXX2IFALQxQZbwhBHK8LOLLu4Wwpsz%2FSFeswCEAM2w1XauRl4O%2BSJb8wKtMmnm8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8110c56e1f78a96d-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo4eXtqneeNncjwMnRefFXvJVzUszn2EX38b1hkl5i5cpeLtG727EOcWG6HoCti1YOqFr1phhCzM%2FkYL21ehGRR0PX7Gsuqyxq4qa7xXOGAs1Wmnl2w%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 8110c56dff56a96d-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 906.js Show response
t.ly/js/ 5 KB
2 KB 22ms
18ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/906.js?id=2f637571e7c6cda331fa

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=41aac30baa1f304738d2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e4a3beeb210daead88f32a58cb14a01dd71df05b75fdaff8a5927a9e34cb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5065
content-encoding: br
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 19:03:06 GMT
server: cloudflare
etag: W/"651db6ea-12df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve75SBF1KVLbq2T4sYrtNvKH24c9mahm1SU%2FyYH3U9d61AsUForJqgaa4mpb8ABOVvb9vika%2FfH15fUqcizfqNXNNi8LpHrJ39Mv0%2ByynTVoJhu0dTw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56e2f7ea96d-SYD

GET
H2 200 166.js Show response
t.ly/js/ 3 KB
2 KB 20ms
17ms Script
application/javascript 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/js/166.js?id=267eddd588cf4399f581

Requested by

Host: t.ly
URL: https://t.ly/js/manifest.js?id=41aac30baa1f304738d2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5065
content-encoding: br
x-whom: tly-2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 19:03:06 GMT
server: cloudflare
etag: W/"651db6ea-d91"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0eG98uMJMJ2dXc8Mk5BOklY8hnexlxw1AADydqpEx8HIkwzMPZLUD5QjubdVP8cG%2FLbRGS%2BoqqQdA0R4MIUHA6RsSkxIvszIWZhe7Ipsb7l5MPwCuc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8110c56e2f80a96d-SYD

POST
H2 200 8110c564a84aa96d Show response
t.ly/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4BDC 0
430 B 19ms
18ms XHR
text/plain 172.67.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ly/cdn-cgi/challenge-platform/h/g/jsd/r/8110c564a84aa96d

Requested by

Host: t.ly
URL: https://t.ly/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obG791nXPF5V%2BA%2FtzEt%2Bso9wp68RosSqdU0d2hVezbPJ93YO3E4ws57vqf%2FurQeQ2ITioic6Dzb5d7C5eTbPztC%2Bi6hDPUd9C2lF95W1e7KXvZZETvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8110c56ef806a96d-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
932 B 97ms
97ms Script
text/javascript 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=

Requested by

Host: t.ly
URL: https://t.ly/js/vendor.js?id=1c3d89b0deb578faa048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

b3ecde2735b001124d9899664906ce0978ad0b74a0e4f9683d8b3cbaa5edb3c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 464 KB
186 KB 407ms
4ms Script
text/javascript 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Origin: https://t.ly
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189597
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:25:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 115ms
114ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

5a049924234ac1aa5b94713e45249c2d11e50206cf3587346fc1ec315c04e4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 112ms
112ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10875945736&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

c9a041f2cdf20eb679291a4c14a9ec53e65f663e7fb0b85638f2221e96caac45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76992
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:14:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 412ms
0ms Script
text/javascript 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89207177-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 21:07:24 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3953
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 04 Oct 2023 23:07:24 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 380 KB
129 KB 635ms
229ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

19c36cbdf87aef67c1a1a050258b2a90375d16396f7887532fcf0157162012d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131764
x-xss-protection: 0
server: cafe
etag: 2116051444222011234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/ Frame FB85 10 KB
5 KB 404ms
2ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5561763581314444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 14560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 18:10:37 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 18:10:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/ 3 KB
2 KB 385ms
104ms Script
text/javascript 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10875945736/?random=1696457597432&cv=11&fst=1696457597432&bg=ffffff&guid=ON&async=1&gtm=45be3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&hn=www.googleadservices.com&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&auid=268297515.1696457597&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10875945736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

9562b2bd3fb6c15060b4d9189866562eb84bca865efc9a943e3607758fb7842e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
163 B 208ms
97ms Ping
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je3a20&_p=340855263&cid=852950833.1696457598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696457597&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 98ms
97ms XHR
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=340855263&t=pageview&_s=1&dl=https%3A%2F%2Ft.ly%2F&ul=en-us&de=UTF-8&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=336225475&gjid=1714186533&cid=852950833.1696457598&tid=UA-89207177-8&_gid=1765591746.1696457598&_r=1&gtm=457e3a20&jsscut=1&z=2039498192

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C9B6 58 KB
33 KB 114ms
114ms Document
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=wblrtffimshs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

4f97dcde419f2666d9e61109040b6164a8147d0da344f0aa3c9bf152b501fa94

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uciokAgQkCxlHNXAuS4NOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uciokAgQkCxlHNXAuS4NOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/10875945736/ 42 B
314 B 104ms
103ms Image
image/gif 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10875945736/?random=1696457597432&cv=11&fst=1696456800000&bg=ffffff&guid=ON&async=1&gtm=45be3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1698417959&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/10875945736/ 42 B
455 B 504ms
101ms Image
image/gif 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/10875945736/?random=1696457597432&cv=11&fst=1696456800000&bg=ffffff&guid=ON&async=1&gtm=45be3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Ft.ly%2F&frm=0&tiba=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1698417959&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
338 B 584ms
94ms XHR
text/plain 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-89207177-8&cid=852950833.1696457598&jid=336225475&gjid=1714186533&_gid=1765591746.1696457598&_u=YADAAUAAAAAAACAAI~&z=1050903193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Oct 2023 22:13:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame C9B6 55 KB
25 KB 401ms
4ms Stylesheet
text/css 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=wblrtffimshs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:25:21 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame C9B6 464 KB
185 KB 403ms
6ms Script
text/javascript 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189597
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:25:21 GMT

GET
H2 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/ 54 KB
21 KB 3ms
3ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

33c2026229692496a2499669d50b7879c75455e895f205b073f46f4b91a52e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21304
x-xss-protection: 0
server: cafe
etag: 12041720744134203200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:38:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 375 B
599 B 499ms
96ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=t.ly&callback=_gfp_s_&client=ca-pub-5561763581314444

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c12dbf5a1562aa7f29f03abec9133fbd293f437db0a28b7ddae5910f101f855a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B98 262 KB
64 KB 1023ms
1021ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&adk=1812271804&adf=3025194257&lmt=1696428798&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ft.ly%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597305&bpp=8&bdt=776&idt=903&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8675450739248&rume=1&frm=20&pv=2&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=955

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

1f446bfb0132f150dcd282e76a61115041def61f66bdb5d6f1695e2411af47aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 65284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:19 GMT
expires: Wed, 04 Oct 2023 22:13:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 131ms
131ms XHR
application/json 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

5dc89e77a363425ee1b867da9f2d4651133071367a1a2b88c483bdf2aebe245b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12192
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4B1 132 KB
44 KB 915ms
914ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&fwrn=4&fwrnh=100&lmt=1696428798&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597314&bpp=1&bdt=785&idt=956&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VHLbbO5Uro&p=https%3A//t.ly&dtd=962

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

880df47c8160689c021520acaca8bdd53cf8c7bdb8bdc8f8b70e05cd8d85e5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44966
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:19 GMT
expires: Wed, 04 Oct 2023 22:13:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ 0
225 B 594ms
95ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lncb1weh&c=2543317231924093&e=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&ctx=1&met.3=1000.242_1__1~1001.23w_6__1~1032.2sz~326.2t7_5~832.2tf~868.2tf_1~843.2su_p~889.2u8_1~639.2uj~1032.2uo~326.2uo~832.2up~868.2up~889.2ur~639.2ux~113.2v0~112.2uy_2&met.1=1.lncb1tji~6.sj~7.sk~8.sq~9.sq~10.t6~11.sv~12.t6~13.1i4~14.1i9~15.1ib~16.1js~17.1ju~18.1ju~19.1se~20.1se~21.1sl~22.1wl~23.1wl
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C9B6 2 KB
2 KB 2ms
1ms Image
image/png 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:55:43 GMT
x-content-type-options: nosniff
age: 461855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 06 Oct 2023 13:55:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C9B6 15 KB
15 KB 3ms
2ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 14:19:57 GMT
x-content-type-options: nosniff
age: 460401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 14:19:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C9B6 15 KB
15 KB 3ms
3ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 15:04:32 GMT
x-content-type-options: nosniff
age: 371326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 15:04:32 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame C9B6 102 B
209 B 101ms
101ms Other
text/javascript 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

5063a68a88966cff9baa3bf09bf0352e9c05164c66e9b4ef2c4d5453dc9e1ca7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7&co=aHR0cHM6Ly90Lmx5OjQ0Mw..&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=wblrtffimshs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 04 Oct 2023 22:13:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 595ms
197ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:13:18 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8D79 7 KB
1 KB 101ms
101ms Document
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

ed3bfe6e73ca21578ab615ff3f80b34826a6b4e53e6b64d98c6f70d48507e9e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ccJ-pyOBSZFcUrb3xLwQIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ccJ-pyOBSZFcUrb3xLwQIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 8D79 55 KB
24 KB 4ms
2ms Stylesheet
text/css 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:25:21 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 8D79 464 KB
185 KB 6ms
5ms Script
text/javascript 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189597
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:25:21 GMT

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame 8D79 40 KB
25 KB 166ms
165ms XHR
application/json 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

10d57119ca2c2cb15aef263d856684bf689b816c1b0c9d6636c92ae71b9c8e86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 04 Oct 2023 22:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 04 Oct 2023 22:13:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E42E 13 KB
5 KB 7ms
3ms Document
text/html 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 420440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 01:25:59 GMT
expires: Sun, 29 Sep 2024 01:25:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 92CB 829 B
793 B 103ms
101ms Document
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

03b7dfde559341a0b976d176f201abef74d26ea808f7cf619e79cc1d6925215d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5NvCPo2wPOEH8YqlpqQ__w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5NvCPo2wPOEH8YqlpqQ__w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:19 GMT
expires: Wed, 04 Oct 2023 22:13:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8D79 600 B
691 B 4ms
2ms Image
image/png 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 16:50:33 GMT
x-content-type-options: nosniff
age: 364966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 07 Oct 2023 16:50:33 GMT

GET
H2 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8D79 530 B
622 B 6ms
4ms Image
image/png 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 14:17:56 GMT
x-content-type-options: nosniff
age: 460523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 06 Oct 2023 14:17:56 GMT

GET
H2 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8D79 665 B
757 B 7ms
4ms Image
image/png 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 22:59:51 GMT
x-content-type-options: nosniff
age: 342808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 07 Oct 2023 22:59:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D79 15 KB
15 KB 4ms
2ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 14:19:57 GMT
x-content-type-options: nosniff
age: 460402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 14:19:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D79 15 KB
15 KB 4ms
3ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:06:21 GMT
x-content-type-options: nosniff
age: 410818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 04:06:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D79 15 KB
15 KB 5ms
3ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 15:04:32 GMT
x-content-type-options: nosniff
age: 371327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 15:04:32 GMT

GET
H2 200 payload
www.google.com/recaptcha/api2/ Frame 8D79 30 KB
30 KB 103ms
103ms Image
image/jpeg 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6UTt0qQPUfEj_JPdXkWh7GBlb86IDwfh75rOrq6_XdM_GK8t9HqL-lPc4-FISMS99zSIsK_oXoHqWTZlyV3zAdiqZZViOwYK4q_53TnIYf_Am189FhMyQ2xhz2WJtX4jZwnajjHgfOMLvJGzFdOd5jSIwim2IO0YwdLhP6AhI2HiuWrP2KlSZ2-WHA2oFEHFGW4pjJ&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

e9bb4a6af507d0d7d4eb8d73dbf3b9e5ea60fe73ff7b058a802936ae8f65fd6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6LcKDjUfAAAAAKDNtGiKmobr84PSjnUGfCJhgtv7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:19 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 04 Oct 2023 22:13:19 GMT

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame E42E 37 KB
15 KB 2ms
2ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 04:52:29 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame E42E 0
40 B 2ms
2ms Image
text/plain 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Qn1haQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 92CB 0
0 101ms
101ms Image
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=2543317231924093&rc=05ABIyMg6_zs16ks6xyyZ6Gy9XAoIlyhPCeNvguqyQZV9fJZqiAaBrvE6VAhDr-TA-VJWtLZtf-QLfGR0Bzy26GBy-pcCjZMTnIEqOB1oWF4-3fRrUfHj8s8AHrLyQtjpdDwSEYTzbKZPaaFxoIZY92eFU3owedw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 7a9087b9716ee70ebefd221ff96707f0.js Show response
www.gstatic.com/mysidia/ Frame B4B1 9 KB
4 KB 2ms
1ms Script
text/javascript 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&fwrn=4&fwrnh=100&lmt=1696428798&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597314&bpp=1&bdt=785&idt=956&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VHLbbO5Uro&p=https%3A//t.ly&dtd=962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 22:09:02 GMT

GET
H2 200 e90fa93b117dc424f62dd20c7a276c74.js Show response
www.gstatic.com/mysidia/ Frame B4B1 11 KB
5 KB 4ms
3ms Script
text/javascript 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e90fa93b117dc424f62dd20c7a276c74.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

86ba91ffdcece964d969b05cff1c7b3b94532e589870491f0714f6da82844971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4835
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 20:03:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B4B1 14 KB
1 KB 101ms
100ms Stylesheet
text/css 142.250.66.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:41:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:13:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame B4B1 2 KB
1 KB 2ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:28:01 GMT

GET
H2 200 15173678459868135885
tpc.googlesyndication.com/simgad/ Frame B4B1 3 KB
3 KB 2ms
2ms Image
image/png 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15173678459868135885?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

sffe /

Resource Hash

b3532c989163498f203503c71bb9597bc487ae518d623f3f4731371e9394f96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 19:45:49 GMT
x-content-type-options: nosniff
age: 181650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3082
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 22:28:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 19:45:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame B4B1 23 KB
9 KB 2ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:28:09 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E35 143 B
227 B 5ms
1ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&fwrn=4&fwrnh=100&lmt=1696428798&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597314&bpp=1&bdt=785&idt=956&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VHLbbO5Uro&p=https%3A//t.ly&dtd=962
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:03:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame B4B1 3 KB
1 KB 2ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:14:32 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 58CD 1 KB
758 B 4ms
2ms Document
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 58265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 06:02:14 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 06:02:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame B4B1 20 KB
8 KB 2ms
0ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:14:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B4B1 0
0 135ms
133ms Image
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRclXXEGW4sEjN3W5EtTptdROLEq5606XX8X5UkZ6-0O2lWwvmn3UAGULJYpWYS4KJ412_7W9gGdOryli8CSnRB3uSC2Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&fwrn=4&fwrnh=100&lmt=1696428798&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597314&bpp=1&bdt=785&idt=956&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VHLbbO5Uro&p=https%3A//t.ly&dtd=962
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s17-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4B1 187 KB
59 KB 504ms
96ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:19 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame B4B1 36 KB
15 KB 4ms
3ms Script
text/javascript 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 21:24:25 GMT

GET
DATA 200
OK truncated
/ Frame B4B1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08b844d32d5787a31fe838154291cfbe1c38460a7c2725da2ca3207c53373012

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 58CD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECQyWGC6rLbQiUOhN7_ZxxY&google_cver=1&google_push=AXcoOmSfvCYxx4sNOgt7KY_sdLZ8SkQak7G2_iSAXkccwaYOM5R_oNPdlrZLjF1ZL7ZaOsf2nYY4dJMv3GOe5Ywb3LFo6LpbLOIM7...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQxODc3MTU4MTIzMDAzMTUxMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENqfQeXeOvK7PZiP19KIhBw&google_cver=1

43 B
398 B

1050ms
207ms

Image
image/gif

50.116.239.135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENqfQeXeOvK7PZiP19KIhBw&google_cver=1
Protocol: H2
Server: 50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENqfQeXeOvK7PZiP19KIhBw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58CD
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKZbwNwnW63BjGmOBdjKer0&google_cver=1&google_push=AXcoOmTruUnG9twB7WBOGkho2TyIuPhq2qqldQ3jnVvoNxgOytstZIr-Otg3HTgfRArFCmh4l8yfYqfnzSQ29R3xcN...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKZbwNwnW63BjGmOBdjKer0&google_cver=1&google_push=AXcoOmTruUnG9twB7WBOGkho2TyIuPhq2qqldQ3jnVvoNxgOytstZIr-Otg3HTgfRArFCmh4l8yfYqfnzSQ29R3xcN...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZmI2OTVhYTMtYTRhZS00ZmJjLTliOGItNzAzYjRjOGI0NjNh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=fb695aa3-a4ae-4fbc-9b8b-703b4c8b463a

170 B
329 B

189ms
101ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZmI2OTVhYTMtYTRhZS00ZmJjLTliOGItNzAzYjRjOGI0NjNh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=fb695aa3-a4ae-4fbc-9b8b-703b4c8b463a

Requested by

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZmI2OTVhYTMtYTRhZS00ZmJjLTliOGItNzAzYjRjOGI0NjNh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=fb695aa3-a4ae-4fbc-9b8b-703b4c8b463a
date: Wed, 04 Oct 2023 22:13:19 GMT
server: Kestrel
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58CD
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEKy9r-fZtjfyhit0k0gReSQ&google_cver=1&google_push=AXcoOmQcJ8CZKxfb0Em-MQJRwpyxBE4jE-NYzXg30bQ7D8pr3zigsCdwCtI56isTNWQuMBr34heayRm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQcJ8CZKxfb0Em-MQJRwpyxBE4jE-NYzXg30bQ7D8pr3zigsCdwCtI56isTNWQuMBr34heayRmyu9Ik2ei0e-OI3UEjPbO24D1aZu1ciTJOOyizx0B3zOFYJmEU...

170 B
232 B

102ms
100ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQcJ8CZKxfb0Em-MQJRwpyxBE4jE-NYzXg30bQ7D8pr3zigsCdwCtI56isTNWQuMBr34heayRmyu9Ik2ei0e-OI3UEjPbO24D1aZu1ciTJOOyizx0B3zOFYJmEUMjKv84rFu4Er19LjmCc&google_hm=XnTaInkDTwiA4hKzXM2tmqM

Requested by

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:19 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQcJ8CZKxfb0Em-MQJRwpyxBE4jE-NYzXg30bQ7D8pr3zigsCdwCtI56isTNWQuMBr34heayRmyu9Ik2ei0e-OI3UEjPbO24D1aZu1ciTJOOyizx0B3zOFYJmEUMjKv84rFu4Er19LjmCc&google_hm=XnTaInkDTwiA4hKzXM2tmqM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58CD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK-IYUHc4EyA0T1UUpVqJwM&google_cver=1&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfrO4SP5...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK-IYUHc4EyA0T1UUpVqJwM&google_cver=1&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfrO4S...

170 B
232 B

99ms
99ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfrO4SP59zNO-vh8RUvaASMAfkjOOgOnvogk_d-uue7uPoEol0hYxO--5QJxsZW21ocoX_DVTg

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSvhLsLRs5I8AOs7uDIcsMdJsDSNAPc4_AN9LCxpnGuv_YaZZFYH35xGopAWf934jZCAfrO4SP59zNO-vh8RUvaASMAfkjOOgOnvogk_d-uue7uPoEol0hYxO--5QJxsZW21ocoX_DVTg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 58CD 43 B
641 B 870ms
288ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEFSAg6FrJWwPd0tnYSLsfVM&google_cver=1&google_push=AXcoOmTvpRnKiH14DrN8W8hheeb6QB1plv-ba0o-8V6-kY_y1N-e4GRtJ7wlkNhoADpLazEmKtqJQLscF6wzBr-Ux5-0ikPqHbV675Cbw0sVXr6ZmmkyK076Tlrzp9sHVn_tpez9A2owcgb-VGs

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:13:20 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 58CD
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEE5kad0l_EDZ82grTHBeZnM&google_cver=1&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdRm...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEE5kad0l_EDZ82grTHBeZnM%26google_cver%3D1%26google_push%3DAXcoOmRnUEGmVy_SA-oyaF...
https://rtb2-useast.e-volution.ai/sync?adkuid=A8602460848235692390&exchange=193&google_gid=CAESEE5kad0l_EDZ82grTHBeZnM&google_cver=1&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQM...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg2MDI0NjA4NDgyMzU2OTIzOTA&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdR...

170 B
188 B

101ms
100ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg2MDI0NjA4NDgyMzU2OTIzOTA&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdRmurLbJlCaIDDR5rmEqrFcPp24JOWIXSPJFfQdywQLUPQWWC9ZcuctChNR6Mmv5RvnGrI9

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg2MDI0NjA4NDgyMzU2OTIzOTA&google_push=AXcoOmRnUEGmVy_SA-oyaFBHjuViyDqJf65rvXnafWPt0n1nCkQMg-G3mvH_QBZy8uvXYbpBgAWtRdRmurLbJlCaIDDR5rmEqrFcPp24JOWIXSPJFfQdywQLUPQWWC9ZcuctChNR6Mmv5RvnGrI9
Date: Wed, 04 Oct 2023 22:13:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 58CD 35 B
620 B 1467ms
213ms Image
image/gif 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESELfVrXPLhqy5Y7A9AVti9Pc&google_cver=1&google_push=AXcoOmRWCRQm1gvZ6p3EMaAAUc-f7ll-1h4Fe2e-IRXwVTwzS_nM6nLhucp7NbBanCgRbbmhdIilO_ucNG2p6-Dv5SUy5DpkA6WjEUAksDtbBgAr-7iL-3lmSzTc3xlqtZU-4Yz-eBvCP29NOjQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 58CD 0
139 B 205ms
97ms Image
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjBEeO6exZygsr7D53S919Fa-6g_7XZsR2VF9TuMK5gRTkV3y8PK3reVoN6FmMGnykpPnuffU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E35
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
147 B

111ms
111ms

Document
text/html

142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:19 GMT
expires: Wed, 04 Oct 2023 22:13:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 154 KB
53 KB 252ms
251ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

8f5be3f75c9595d5b4fc1f100d092f6668f282a0c8192d40087019ef48f7836c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53742
x-xss-protection: 0
server: cafe
etag: 10153844602537045953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:19 GMT

GET
H2 200 ca-pub-5561763581314444 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 501ms
152ms Script
application/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5561763581314444?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

d5ae33f0c81e7058fe61805d616e40e19cf784919b3fdad2400637ee359ed3d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x6X6V4pqNXklhSmS4vt27Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-x6X6V4pqNXklhSmS4vt27Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 135ms
135ms Image
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44799585&hl=en&pvc=2543317231924093

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 102ms
101ms Image
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=2543317231924093&bg=!2tml2ZbNAAbjlzx0w5c7ADQBe5WfOHINTn2FMbH25FECStlp_0xAfksKTwm2kr49bAl0S1E3_wfbGmEZt5x98x2V2MVGAgAAADhSAAAAGGgBB5kCwgGJt9-V5RSbSWGMjbyq1K7hteSMjEsdILFW0CLDpcEfV6qibPcG8ysAXZhcb9MDTIJz5P72kkyzk01BuMgH47hFGQXBO1lgyTAtgW_VkA_kPah3cXRBEZRVE39P9RDKlVmebzlLjSfO4rOMQRNIC2jE2-qh5cNeaFVk85Q4j1WtKDpDlsG5-r0-mevK92CLbOMQSBcG8zlwjL7YSgeFiHVI_i4zSByyjDYGakCGKg0DahQm5JZGzV6DyIGlmdqvjWiHrwdWUf9aKyneYYjEq4b2RO1DBdRrVGQd2qvef-k5si5y4S6uqho-9OmN_mBD2wPAdsEbnao4pxUejhuTTUTWI4bdd3R7-OpNYl7c6_AMjSG6onKDlltgZpU-CBdxEFVtsZ0LPxxU9lCquaue5cQGiGBzm82CP5KhPudwVyJp0r3okr22vtnmhZYTfRdlqb953dPfHlBKLbc7hU7x0kFmHg0WaExHqDcgaGXfiBFi8l0mcseBKbnEYhWIaDfac98az0pMGnyV3T_1Y8Kuuq7uNs96A9DgB9XpSrUjaEA0aTxYqzC132lxTCfKMxOW1548S-PYnKvqdjru1jsFgTMetuUcLU57RHO2XrTr0jY8cBFOE5XnbL0fESPpmFTKTJN0uyaszMHl1M02FnWXwg7gIK5v2SogITUiPKfBXFenD5VX9Mn9Ajp6YCnTudMqkFqzktXFTy9HYQ-9LbsG2_1DphhiDsL8ATuzNyVliWUdFHVGfSBywiJLybt69CAYHUNX_84qfm95bgyEJZ6ocJE7uPgalzBli2DKfM8Ni3FzfyFhkLeslHpOeXD805qPyIE9aD9oQ7ZJiCJycL8dkNqHNivmdM1fazDH2ZEPYX6uHpdiSDDNU1hIEdpGlJEwwMM4nCsiIrZeq7E0hjC82lEzNafRhdhuPok8B5jnen7oNUg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B4B1 33 KB
33 KB 2ms
2ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 01:39:19 GMT
x-content-type-options: nosniff
age: 592440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 01:39:19 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame B4B1 0
131 B 106ms
106ms Image
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9GYnfuMdZfDhFNPSz7sPoueVgAeWj6LScbmP85-aEf221KzTIRABILmdyQ9gpYCAgJABoAH_24rIA8gBAagDAcgDywSqBLYBT9AlkQ3lCZZEwoKPeOwUJH0HwMN6HiQ19A3Hrr8Pq7nC6jkcRkB1ukmTlWGonahujXF38UHrRiVzwz6oQxZl5EPF68xXe3nXxZE-sInTxH4MRgagqE3QM0N12xupj09j3NIgnsrTtxsLlmgXpSKnHiedQaklBMloHhx__knH_huRnhOb-Q5FiYaawj-dG4GXrUSE7_XTLaeV6ptxrcvOzQHzMyVvuGbIKxRJM6Awn4Du15IiOufABOeg95a7A4gFqb-EmCySBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH0dutogKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCUyboB0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwuIFAHQFQGAFwGyFxwKGggAEhRwdWItNTU2MTc2MzU4MTMxNDQ0NBgA&sigh=wXtfF7LB1Ew&uach_m=[UACH]&cid=CAQSPADICaaNg81Gs8zaNuaMeQEKODPjFtOcWIDYfTnxzCBiVbhH0pmiOLdCsz9WP-V7Hfq_OzyNGE7T_Inv0hgB&template_id=5001&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5561763581314444&output=html&h=280&slotname=2321115505&adk=348108860&adf=4181732005&pi=t.ma~as.2321115505&w=1110&fwrn=4&fwrnh=100&lmt=1696428798&rafmt=1&format=1110x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457597314&bpp=1&bdt=785&idt=956&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VHLbbO5Uro&p=https%3A//t.ly&dtd=962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 22:13:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame BF97 37 KB
14 KB 2ms
2ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:07:11 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B4B1 61 KB
23 KB 11ms
2ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

2c0a8f02e8ef795aecc87e8e323c15fdf29287d20501d6ea0cf1dc53e2d2ea9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3587
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23347
x-xss-protection: 0
server: cafe
etag: 5707400221330747696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B4B1 0
54 B 96ms
95ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lncb1xmr&chm=1&ctx=2&gqid=fuMdZa6OFImNmsMPkpKvkAw&qqid=CPCYmoS13YEDFVPpcwEdonMFcA&met.4=fb.pp~lb.r8~cmrload.rp~ol.174~bdt.-1ck~bpp.-qq~idt.-7~dtd.-1~dt.-qr&met.3=492.qn_1~733.15o~748.16j~742.15n_z~555.16q~739.16q~556.16r_2~738.171~749.171_3~736.178_1~735.17a_1~113.18f_4~112.18e_5&met.1=1.lncb1wed~6.0~7.0~8.0~9.0~10.0~12.1~13.pf~14.qc~15.ph~16.16q~17.16q~18.16s~19.16t~20.16t~21.174~22.qw~23.qw&met.7=CAUQCBgBMLQHOJAMaAFwkwd40uECgAGm3wKIAfCiCLABAbgBAw~CBsQBxgBIJYHKJYHMJkHOAM~CBsQBxgBIJYHKJYHMJsHOAU~CBIQBxgBIJcHKJcHMP4HOGdomAdw_Ad43AuAAbAJiAHtbaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBILUHKLUHMLgHOANotgdwtwd4jQmAAeEGiAGQDrABAbgBAw~CBcQAhgBILgHKLgHMLsHOANouAdwugd4thqAAYoYiAGKGLABAbgBAw~CAkQChgBIMQHKMQHMMcHOANoxAdwxgd460mAAb9HiAH9twGwAQG4AQM~CCgQBRgBIMUHKMUHMMsHOAZoyAdwywd4vQOAAZEBiAGPAbABAbgBAw~CB4QChgBIMUHKMUHMMcHOANoxQdwxwd4gAyAAdQJiAGBFbABAbgBAw~CBwQBRgBIMYHKMYHMMwHOAZoygdwywd4lgeAAeoEiAGWCbABAbgBAw~CBwQChgBIMYHKMYHMMkHOANoxgdwyAd4v0OAAZNBiAHTnQGwAQG4AQM~CBsQBhgBIMcHKMcHMNAIOIkB~CE0QChgBIMcHKMcHMMULOP0DQMkHSM0HUM0HWOAKYPwJaOAKcMALeJ7XA4AB8tQDiAHY2AuwAQG4AQM~CBsQChgBIMcHKMcHMM0HOAY~CCgQChgBIJMMKJMMMJ8MOAxonAxwngx437gBgAGztgGIAfnpA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXHnDwX1vhaEEEtn0kMEADaXp0HqgHngDTnsvdxpjPvH2eCaEVgitEO3Hl-Z9h4LsZAtPsVzd8127rVFlxOx1x27oxf6DMytDoWR83A0zDB2r5AaHlA9M47ajsmEgutkVffu2na4g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 126ms
125ms Script
application/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXHnDwX1vhaEEEtn0kMEADaXp0HqgHngDTnsvdxpjPvH2eCaEVgitEO3Hl-Z9h4LsZAtPsVzd8127rVFlxOx1x27oxf6DMytDoWR83A0zDB2r5AaHlA9M47ajsmEgutkVffu2na4g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NDU3NjAwLDE1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsImpmc3ZKSHN4dk9RIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.jfsvJHsxvOQ.es5.O/am=ggE/d=1/rs=AJlcJMxoat5BfxwXJsb9Czh0HCUcD0Kh4g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

9ecacd636ff7975a5515f0ad247b2619ce80ab1a262bb9a7f9325f6ee2111418

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3cGKyoSHObCPKTUKyLIvuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3cGKyoSHObCPKTUKyLIvuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF10 90 KB
29 KB 963ms
963ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=3238135893&pi=t.aa~a.102710275~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1696428800&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457599732&bpp=1&bdt=3203&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0712abe9c5c5826%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MYqMG6kCjTBBmure4yLrWOx0u6YnA&gpic=UID%3D00000c581ba3ee15%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MaNhyqs-Q3K6XlHYwkh4nNXyM_xnQ&prev_fmts=0x0%2C1110x280&nras=2&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&psts=AOrYGskicKQtZvC-meVgPTeX-uUwmllFe7bTxes3LKVxYGlsEd4nzLxNY0rCwWbTOlb9FKN7vgScvuMCVsc5ZksUqMJ4rg&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aKcUwr1d5d&p=https%3A//t.ly&dtd=428

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

a6aefa265d18843b33a44334e4c72cfd9737ee98fe67932e072a229cc1d26b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29832
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/ Frame A650 10 KB
4 KB 2ms
2ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 14553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 18:10:47 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 18:10:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/ Frame 98DE 10 KB
4 KB 2ms
1ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 14553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 18:10:47 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 18:10:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame A650 4 KB
767 B 100ms
100ms Stylesheet
text/css 142.250.66.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:47:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:13:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A650 205 B
493 B 3ms
2ms Image
image/png 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 05:19:27 GMT
x-content-type-options: nosniff
age: 320033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Sep 2024 05:19:27 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A650 604 B
695 B 5ms
4ms Image
image/png 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:25:20 GMT
x-content-type-options: nosniff
age: 161280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Oct 2024 01:25:20 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame A650 15 KB
7 KB 4ms
3ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 02:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 02:29:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame A650 20 KB
8 KB 3ms
3ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 22:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 22:17:02 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5E59 624 B
288 B 106ms
105ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNU4GaCTkFPQXKmtv1nsDId_bEUHJ7EyKEpz1gPWvKN82oCXFxmQ1x9G9z1ikqbmpCmw2-ftaD74Qnd5XaDuzBECI2-0eQ

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:13:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FFDC 89 KB
31 KB 375ms
374ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame FFDC 3 KB
1 KB 4ms
3ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:14:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame FFDC 20 KB
8 KB 3ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:14:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FFDC 0
0 136ms
135ms Image
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6xhiXYo4axUlQHxQnHHqMEWbILD9qmZ4TBsF9HUhBHM2SO8fk9JlUiZ60yY1MvbXeuI0FaPLCIf6ytpyZepVAgh7mYQ
Requested by: Host: t.ly
URL: https://t.ly/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s17-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFDC 187 KB
59 KB 209ms
207ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:20 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFDC 42 B
110 B 137ms
135ms Image
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CvKgI_Tm4MZsRqnVAY8SGAAAORmiNxCf3bItO66xh1WcKEFAIVppuuQuDxEmDyRBOkNAMTKOn8vsq-pShja-6yAY1ykdTEIHgwzAu20581l0rywig

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFDC 0
56 B 134ms
133ms Image
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10521069414191037426&x=1&ct=76

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXcVFoNlKljkO5HpL5jfogFLZfpBRdsBz4wVE6uJ-7fnHIlxiuO48Wg2Y0A_vOY-whRL6CW8GY30Wt_sA3J9Yz8BAOzX1whLZHx0Ocl4tO06NdoJA9V86HYSH5AQNR1eMEEcJiGFw== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 238ms
237ms Script
application/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXcVFoNlKljkO5HpL5jfogFLZfpBRdsBz4wVE6uJ-7fnHIlxiuO48Wg2Y0A_vOY-whRL6CW8GY30Wt_sA3J9Yz8BAOzX1whLZHx0Ocl4tO06NdoJA9V86HYSH5AQNR1eMEEcJiGFw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NDU3NjAwLDI5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdC5seS8iLG51bGwsW1s4LCJqZnN2SkhzeHZPUSJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

fdd10a61037583933c4113f543c6cb3f317c9565e3cbb453406495b4ce196908

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZheiAr7yFdp8z4AGAN7nBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZheiAr7yFdp8z4AGAN7nBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7A13 15 KB
1 KB 101ms
101ms Stylesheet
text/css 142.250.66.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f10.1e100.net

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:46:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:13:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame 7A13 23 KB
9 KB 5ms
4ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:28:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 7A13 3 KB
1 KB 6ms
5ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:14:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 7A13 20 KB
8 KB 4ms
3ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:14:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7A13 0
0 134ms
133ms Image
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTG4tR-ImDjYmkoLa85r50FTCxEe6MiJNFQp6M0_sdii33yrLJcUJEKndOb2f2-vZM8A2wG1TokLGcYxXX-_YK48vbaEg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s17-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A13 187 KB
59 KB 264ms
263ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:20 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 7A13 36 KB
15 KB 3ms
2ms Script
text/javascript 142.250.76.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.99 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 21:24:25 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5E59
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1&C=1

43 B
771 B

112ms
111ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNU4GaCTkFPQXKmtv1nsDId_bEUHJ7EyKEpz1gPWvKN82oCXFxmQ1x9G9z1ikqbmpCmw2-ftaD74Qnd5XaDuzBECI2-0eQ
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRNx5wojCnvo%2FzGSk8aWQLxXg87Ub3blkfmMwpLCAhKLN%2FndFhZKYR%2FU2z60PCXJIv4lg1ZcH4TkbJcfnKdYvO4CmgVhrWBmvfKCM5AsKsHvyElPkAyr8bOx2PP1UYGnOCL7ydvpwOgdAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8110c583fc8b5581-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1XXbTzn4tkYFanuYIV0DODaRMCC6x762YtlCdYSMmjrJtGlPTYCo%2FL0i1O364kCFBkFlRhH2LP8PGICGW0uGCMSaZqZ73UCSfSVcuViraJgHx1CJbYR2UvHbEJp2jXj1ajqcet2TlvLbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8110c5833b62a7f3-SYD
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5E59
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR3jgPdNIA2hr4mVqFqDUgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1

43 B
735 B

109ms
108ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNU4GaCTkFPQXKmtv1nsDId_bEUHJ7EyKEpz1gPWvKN82oCXFxmQ1x9G9z1ikqbmpCmw2-ftaD74Qnd5XaDuzBECI2-0eQ
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpFGvKQyeHO3mO5FqUmRj%2BAyavBw6FzQS06VR8IiJYtFPa7wDDPJV6BzCO72%2FT9tMXX0Vt%2BiH1qsNON5xrmJWcT8xOthT22eOmL3y%2B5qi79u8TSV3tbCDGl5M8EoLp1s7zau4MD11fyE%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8110c5853d385581-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC4ET3KoaZjbJDQfXxvBEJ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 5E59
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPwvqeMz-swVPNtlKQ5LHZY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPwvqeMz-swVPNtlKQ5LHZY%26google_cver%3D1

43 B
893 B

195ms
195ms

Image
image/gif

103.43.90.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPwvqeMz-swVPNtlKQ5LHZY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNU4GaCTkFPQXKmtv1nsDId_bEUHJ7EyKEpz1gPWvKN82oCXFxmQ1x9G9z1ikqbmpCmw2-ftaD74Qnd5XaDuzBECI2-0eQ

Protocol

Server

103.43.90.117 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
an-x-request-uuid: 769df9b8-8240-45aa-9f7c-c9297a8e2eb7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 66.203.112.163; 66.203.112.163; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
an-x-request-uuid: 821c6d9f-06cc-417b-930e-d475dce86a5e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPwvqeMz-swVPNtlKQ5LHZY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 66.203.112.163; 66.203.112.163; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E59
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNzgxODc2MzE1MjA1NDQxNA%3D%3D

170 B
188 B

100ms
99ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNzgxODc2MzE1MjA1NDQxNA%3D%3D

Requested by

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
an-x-request-uuid: ab131e3a-654e-47cc-81af-8faf3a6099d1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNzgxODc2MzE1MjA1NDQxNA%3D%3D
x-proxy-origin: 66.203.112.163; 66.203.112.163; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC10 1 KB
682 B 4ms
2ms Document
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 58266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 06:02:14 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 06:02:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EC10 0
173 B 109ms
99ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPMHPWghS_pKeIlJ_RWSi3o&google_cver=1&google_push=AXcoOmRXLjqRgoJu9e6r7QZAfvtGmkZ10QEf3S3t86QTUbd-wXKwQh8VXgyj3LzV9508S9zzOrPO5oGsHaJmvtECInAB12lHO3gvnkPeoTK93DrCF0-J1RaYok_8dUsRde5fDG0a0AYiEAxVf1jPFgAZLL4urA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC10
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEIDHAjwoCJIza9rLraX2zns&google_cver=1&google_push=AXcoOmTMahLZ74gjBBFeagjTb3REVXPcXG9U8EHcZTJHvJmPpDYjk0mZ5YdGaruB1tyLhJtqvKYKTFWfjDq3vVp-ezHCng6eiSA8Z3_g...
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTg2NEExNDJFQzE0QTcxMA==

170 B
188 B

98ms
98ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTg2NEExNDJFQzE0QTcxMA==

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTg2NEExNDJFQzE0QTcxMA==
date: Wed, 04 Oct 2023 22:13:21 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame EC10 43 B
235 B 548ms
174ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEILvreqEEgH7DdkKZZ1YhDE&google_cver=1&google_push=AXcoOmR-3B4AybnjNiqEoI5OJZBst0tS9ZIR-fLOGqNm-L33mxnM59baPpo5p3zBMLCOj4l1aHOA8I2HAHram1TETNbU2RSbCClXF9ukc96r5L-MmD9oLvG54HVWOG8VZFPBl7jvVSaG16yo_mjqXbn2wnXCHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:13:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC10
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEBdhJKblE99VXwQsGluPpZ4&google_cver=1&google_push=AXcoOmTeP9gw5arIN2AmBaW-KLyR43KuFhgFnUIg-KrAONlV6tJJ24w6fCW8O1T9lC6iWw0zA88Z3oIs8AMiZWK7V9lf...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmTeP9gw5arIN2AmBaW-KLyR43KuFhgFnUIg-KrAONlV6tJJ24w6fCW8O1T9lC6iWw0zA88Z3oIs8AMiZWK7V9lfHXQoPF0RoWV3k0TOeWc8nuO2HjFrES...

170 B
188 B

97ms
96ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmTeP9gw5arIN2AmBaW-KLyR43KuFhgFnUIg-KrAONlV6tJJ24w6fCW8O1T9lC6iWw0zA88Z3oIs8AMiZWK7V9lfHXQoPF0RoWV3k0TOeWc8nuO2HjFrESSo6wjK78wp6aUiRa_IhufoRT4XNx0r-B2Cpw

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmTeP9gw5arIN2AmBaW-KLyR43KuFhgFnUIg-KrAONlV6tJJ24w6fCW8O1T9lC6iWw0zA88Z3oIs8AMiZWK7V9lfHXQoPF0RoWV3k0TOeWc8nuO2HjFrESSo6wjK78wp6aUiRa_IhufoRT4XNx0r-B2Cpw
date: Wed, 04 Oct 2023 22:13:21 GMT

GET
H/1.1

200
OK

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame EC10
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPzhArCqmfp8vQkBHav6aE0&google_cver=1&google_push=AXcoOmQU1w12fm0544Zq7xwwYPEwSDF17Nmm7aekzdtt-ynAG5mLCLUJxaJj1cqj...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPzhArCqmfp8vQkBHav6aE0&google_cver=1&google_push=AXcoOmQU1w12fm0544Zq7xwwYPEwSDF17Nmm7aekzdtt-ynAG5mLCLUJxaJj1cqj...

43 B
243 B

557ms
186ms

Image
image/gif

220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPzhArCqmfp8vQkBHav6aE0&google_cver=1&google_push=AXcoOmQU1w12fm0544Zq7xwwYPEwSDF17Nmm7aekzdtt-ynAG5mLCLUJxaJj1cqj8YTlHY_fvzKmA24xnhlwgUPZ3hYVpAOLXROvVxOoB6VxKiZmyeXzkv67i6CjauhGeGdQydfsj4zP_YhJfjQB_B2QTQChwGo&uid-set=1
Protocol: HTTP/1.1
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 22:13:21 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 22:13:21 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPzhArCqmfp8vQkBHav6aE0&google_cver=1&google_push=AXcoOmQU1w12fm0544Zq7xwwYPEwSDF17Nmm7aekzdtt-ynAG5mLCLUJxaJj1cqj8YTlHY_fvzKmA24xnhlwgUPZ3hYVpAOLXROvVxOoB6VxKiZmyeXzkv67i6CjauhGeGdQydfsj4zP_YhJfjQB_B2QTQChwGo&uid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame EC10 35 B
452 B 212ms
210ms Image
image/gif 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEC6exBSdH76C40sUgXr7Wns&google_cver=1&google_push=AXcoOmRR-zucFin6fVH6fYxZWV1HBYKWAzuIsbehQ5dG14g2UoQVxCowcBLi3ntoAmS_kwTC2li_wps22FfYYtmGf1tr3ECWJUC2DL_APomXqxkzAVOaDsLQRP1LnmW5a0LCnVrUI78tcXnW51h8NTPwOReqAWE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame EC10
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEIJqaSU3xgfjsGGPmd5oFhw?ext-param=AXcoOmSwoI_DoEJCEURAzfWeGlbjIfR2juHAbSjMQAWChZw-8NFon_5AsAtJL-46VR-a5Wjhg-J6udI19RPmSohI82PetXYNdmreqC8jxjYohTqs8yhGdPidSV3h...
https://an.yandex.ru/mapuid/google/CAESEIJqaSU3xgfjsGGPmd5oFhw?redir-setuniq=1&ext-param=AXcoOmSwoI_DoEJCEURAzfWeGlbjIfR2juHAbSjMQAWChZw-8NFon_5AsAtJL-46VR-a5Wjhg-J6udI19RPmSohI82PetXYNdmreqC8jxjYo...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIJqaSU3xgfjsGGPmd5oFhw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

300ms
300ms

Image
image/gif

77.88.21.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 18 Sep 2024 22:13:22 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EC10 0
12 B 100ms
98ms Image
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsA8aNlv-A9JQez4jQqnYuVUHePK0sOrWuONDBCkgj5q2AEGubzfCJpHj9HFFX3HGub4Oj9qWb

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFDC 0
56 B 204ms
204ms Ping
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7285602215453&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFDC 0
56 B 196ms
196ms Ping
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7285602215453&version=m202309260101&ct=76&x=1&cor=10521069414191036000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FFDC 90 KB
38 KB 203ms
202ms Script
text/javascript 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyVyANWMOsVitPVMjt6HlADngLlA3RZFZm-J66Gd2ReiU6bkYWynkKOcTJcLQjaTTM3qP5dIf5vasKIi6ZXz8b6KKpuA&cry=1&dbm_d=AKAmf-COB84qvLg0y5HhNjLnVPMXLPgOdHfBa8GmOFWcCaeU6bMb9vwuyirPbmsqwy9q-dh5wGzx9h8FXTWzW9YglXWUI4LjPVN0dNvfuW_PzeHmQwgE-Hgs5tSIFMK5jwT-4fkkdt101iR504z06kpRn1Gllo7pR6vYyAbeG9_nMUju2H-szM_v_TTjDLroz78lrJmMSB-aG44ELhEGZZ_Qtro7TJ_jB6MwmNRJU3gNwQL8Bj--wzFABnKYKqAuHAw9Y2Jw0HYwiC7Do7jIqYFdknLzkKf-MPlq1XrXJF2jf9GoELsohCt2YoBSVWIm0bJ7j2BMWiRw0Yol4wd-neLn3psQ0Mr6z-vMxqBKTFkHo_ukqOKobVozHPXvNfM3uC1AJpBx31g60Nlkx07HKvsEO8Xrc3zBq3_D4HLlsykf_EwgvjZj7vpmH6NW4iWU2gn-dYe2aV8h2wqXUbTwqQ_Qi3trvC25xUPrsBdh1LszF6OlBvYts1KsCbm_flR3RfTeNHuqaSBfLBX27lUmuEDkljQ3_7AQn0P6u1G9b4UwirDz_jeaYjvv5yR2aiEVhNQlZkO11HUVqMKJDBF7OGoImfGlb-dMB6vEhnHUPYzHzBHjJL6OHrMe0z693X92rwfyHNG38H80jPNbSec3Zn9_w4t2ja-Xe1y_Bv0bY-ZCCKCfawp1VwvVt3dv2cCAAPm3TG4b9WDiuM6tURbEqht_9UHXxCoKK8-656e6mUOkDjN-pn3fKvwVULIQnUJlmjl6vlM305b-yDvSu_Iwt0scDcN2bIQ9S0CQylA_Vu8X1nd3-3uh5tlhaQGlG6VbYtBonLV9QDZwo47GlIVREljFJfJzYMIv48QRKXlOctlIvqSckkRPUcMAtFvG0jYv_0SihvapCTlo-Zd0uXt7JIC9WcXOso55OKSwbT58x68oTAeBTDjtSXWedaBHtdzxonN609nbMtsizLxn_L7VlvpgDSRGmtczUBjBD-AYNEpNxXGyR_Otrp31qKX-cTtI6B3uUxbe7PGvLqr3cDaF1xUvvu6Af2SgYp_-TWFxa2QWd_WAPhMANCY5R7L_rKLjFgoKk8VJcXuJ8pK4Vw4cAvGFzJlpsSPFn_svzqY58rBAX-5i67CHwj7p68XbhRorNchOvKHlg-edYQML-xvQNd6ABauezu1bgmAtwI9tZIixYepsTvYhjW9r6e9dUi0NLC_v_Am1fHFXMJYAdMezR0xkRta7omx3W9muM4QyNOWLqgNbs0vAyj1ecU2CqWrEg_xsjL1PolORPAQ7gB6gA8Q-UusJGMxr1Qscz_YOtWLYecipydbQDhfI7Vt926y_uZt6goLGXr1p50zo7qepAiYPtmNeWbjs9qCtqN-CZ7RwpjNjdT1TQaMYVTZX4sZK8EDEMVnoesYNhrJAHglKWy7o3OZtH3E9QYVsFerrisvK5Y1OnW8CCewl99TOsdv7R2rfZ8BkMcILJwkpAhOhknNd_hEgJHBWstoxUa5SZ2UjyogjEgodRF6OzLsWlNhEg7_FopaRIjqMdNpBhTlr5IChjkbNQLx32pYhga9_BoMly9njKPRnjbg9lUouy_K2gTbIKEeXoElYthpYrUa8LF3LzWL6mcInKVfqZd7AG6DDzLgcVh3mbjCPuNE4OrbI04iz3MLb6UEFlquWhrRRio6Ak-oAoTP5M0UvRE8ZN_omSKBRfeD0vgse15GHVbqytsoFgRp273H347TpTt273_PjgNuTPtH3nX4dmyM21P14OlZdqW0SRhRL3ty4DozDO8eVefQe0BTRq8p9ndDpxebn7dBjxi0vmLBN2gibQFFBkmDKBCYunKZMCj4w0bEyRkwm4qp5svn18OGRqm9NnQNj5slwQtQyGqRa62ZdW7y--9DMHJSwm1lhDZ2rEGmqnbYa8AY0QMyNwKbBubz19J9QBao0CLNxAkPrGKtfUDQ56OILlI2Np3qmp2IKYx9lo-O7DG9a-0Ht7Y8H9Wve9WIBILTihzMCdFX7eW__wwKziPboDIdB93FXkN6gEQlnvt4bFvAKaibk5gcJAFWyjYNFK9fccHwzP2qZh2qB5bCro_pBakdClvRT3XrAr4B7oHbCjFbbqs8knZ04LQaVCMEc8nsvyFi4hUff7i2PgWMVx0p5qmSejLZ-O2PC0qpC534w27knyRXq4a9JgwfWpbTRynnIswWFlaNVZ-aCKYvT-vY5mLtvRriqAwy9Sr_6IgLuCeFK3wjm46xF9lCAjU-AzieMqVPLkTyXoRY0GAJtEA72yDDzHhnDMJ3X0gkP48ib67fzCUCLEtNIvvbMwL5K402Zil9V7WlQZQGRD-Jn_w8QWHpWce97Hi-0KmmyfglekG-Bgzuan6_duU2SzCgsxquO3q9l9hq7_RN_obc7I571aNY-P6mHctCBctAz3hr-47hcMd6vZ57XfCgQrkG-h3iBu9NdtOkDGbKZ9z3erQjBsgNnl67125v0xZc8OpuZQYTHgvU7MOIM_gPhegQity9qNQzTdsCRT7RrMysLLVtbkPhqmoel15nymq6W62_q-9UIolkXVdjtZZKmjYTjqx_vZo6yR5jZ8TuIDGp3JdF3uis7M2vQuZyy_gQ-kkd_rZo6gHuL6gwm4WdkVmncHP3-hvxNzbyG58ancdCT54k4p6vjiarZquYQBVXoKhrXxIcRwPS1vh4iMCNoPfpy3cODYfcD8HkTk5uf-Jp9pP9PT87QMq_my6BkyNe_ycBCU_9_D7ApdsnbJLCO46B0kUDE3u7RHfBS20u0zeSc5YRXo78NxCIOho7GHfmSFNzwFh8Mc8aTaHkpZqcXVeU_xoxj2LiaPWaWIcLhFnmoOm6cuTSqgVyMqNM9XtuaKAfOkrkTs3bvKkNR5HSzc3LgeSViBFDyzvnc-txL_If7-2mGHAF2bimE2MdjuDLbYg8RAyE9zMrBcdqJUE7ulCOJm92o8Is6bHn6Bk8toTPCboVOSorRt3nqvqZhYBSSXdManESxbsjAyh1pm28tLRB4WQxISznKkIid_cpsEFO_z3grAdt-dDUvXi6gYrMT3J5oAQj81zIyPCbUES0K8CG5LAERB4bsr4ysl_SJHPql_xasDQbaahm0T5NTloIxccatLwjMU47iu8INaalw9Goa2LpKan0T81qce8iQr78Fpwg2RwOzkxKaj16y8ntyUbt3lm4Cs3gPYJJG-DZ7UEb_w5ae8tYhuUFhVbGYC6ONu_MKaZ00ThFNoEE9p_1YDwBvoAEYKfxvETRWpkoETZqgs15vNqel4GyaYBSTsd5QZizyeLbB7r-1j5ZO6RzPJVpdm0T45e2V&cid=CAQSKQDICaaNzvJJfV33wVrDCPpdkIIig4tpU_isyeMY14cwNRZx3XQXdcmcGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ft.ly%2F&ds=l&xdt=1&iif=1&cor=10521069414191036000&adk=1405019969&idt=388&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

ba620ad2291e21433bc6c7a08ff3009542a987e20b51e0099854c4f200536ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38199
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame D17E 37 KB
14 KB 8ms
7ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:07:11 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 7A13 61 KB
23 KB 8ms
8ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

2c0a8f02e8ef795aecc87e8e323c15fdf29287d20501d6ea0cf1dc53e2d2ea9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3588
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23347
x-xss-protection: 0
server: cafe
etag: 5707400221330747696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7A13 0
45 B 96ms
96ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lncb1ybh&chm=1&ctx=2&gqid=fuMdZcCmE5GcmsMPsZWWmAc&qqid=CM3GmYS13YEDFSUFtwAdvncN5Q&met.4=fb.w~lb.4s~cmrload.5h~ol.al~bdt.-2xt~bpp.-2c1~idt.-1n6~dtd.-1lq~dt.-2c9&met.3=492.4k_2~518.50~733.9m~748.a6~742.9m_m~739.a9~555.ad~556.ad~738.ak~749.ak_1~113.bw_1~113.bw~112.bw_1&met.1=1.lncb1xzm~14.1~15.1~16.1~17.1~18.2~19.3~20.3~21.3~1.lncb1xuu~6.0~7.0~8.0~9.0~10.0~12.1~13.3~14.4~15.1i~16.65~17.65~18.65~19.fd~20.fd~21.fd&met.7=CAwQCBgBMAI4BA~CBIQBxgBICIoIjCJAThnaCNwhwF46wuAAb8JiAGJdaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CAkQChgBICQoJDAqOAZoJXAqeOtJgAG_R4gB_bcBsAEBuAED~CB4QChgBICQoJDArOAZoJXAqeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBICQoJDAqOAVoJXApeL9DgAGTQYgB050BsAEBuAED~CBsQBhgBICQoJDCrATiHAQ~CE0QChgBICUoJTC1AjiRAmgmcKwCeLfXA4ABi9UDiAGu2QuwAQG4AQM~CBsQChgBICUoJTAoOAQ~CBwQBRgBIKgBKKgBMK4BOAZorAFwrgF4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIP8CKP8CMIkDOApogANwiAN437gBgAGztgGIAfnpA7ABAbgBAw~CAwQCBgBMAQ4qQRoAnADeKMlgAH3IogB60-gAdT-_________wGwAQG4AQM~CBIQBxgBIEIoQjCoAThnaEJwpQF4rweAAYMFiAG8I6AB1P7_________AaoBFQoTUm9ib3RvOndnaHRANDAwOzcwMLABAbgBAw~CBsQBhgBIEMoQzBHOAQ~CBsQBhgBIEQoRDBJOAU~CEwQChgBIEQoRDBIOAVoRHBIeMM1gAGXM4gB6XagAdT-_________wGwAQG4AQM~CEsQChgBIEQoRDBIOARoRHBHeKJFgAH2QogB-KIBoAHU_v________8BsAEBuAED
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4B1 42 B
174 B 108ms
107ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0IkcRjXqzhdenH1hI99C4UJ-caSjhZjgHJlIt9BATtsI67VWJCtOa2sRmLkYPZH_1GRIjd9yK58CFmyuGPp3CHC8x-PTqk8L0gb6JVRUFBAkGlH_LsI-S0xQJ7kfareFRIl9GC9oc5w&sai=AMfl-YSuQ9s-YnCNphlxpKwgUqcvouT_Gw0GmAeWoxfWz260_YpGfm-MFWAEVSLDCpdMhBPW94QAZ9P0Fytw0uJjVZijcvvfzmdtA4yQLMPHSSvRcrNEBA87J4Dn2pCF&sig=Cg0ArKJSzAymbn32pUsCEAE&cid=CAQSPADICaaNg81Gs8zaNuaMeQEKODPjFtOcWIDYfTnxzCBiVbhH0pmiOLdCsz9WP-V7Hfq_OzyNGE7T_Inv0hgB&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=348108860&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696457598277&rpt=1549&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FFDC 111 KB
39 KB 407ms
2ms Script
text/javascript 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 04:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 04:41:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame FFDC 11 KB
4 KB 3ms
2ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyVyANWMOsVitPVMjt6HlADngLlA3RZFZm-J66Gd2ReiU6bkYWynkKOcTJcLQjaTTM3qP5dIf5vasKIi6ZXz8b6KKpuA&cry=1&dbm_d=AKAmf-COB84qvLg0y5HhNjLnVPMXLPgOdHfBa8GmOFWcCaeU6bMb9vwuyirPbmsqwy9q-dh5wGzx9h8FXTWzW9YglXWUI4LjPVN0dNvfuW_PzeHmQwgE-Hgs5tSIFMK5jwT-4fkkdt101iR504z06kpRn1Gllo7pR6vYyAbeG9_nMUju2H-szM_v_TTjDLroz78lrJmMSB-aG44ELhEGZZ_Qtro7TJ_jB6MwmNRJU3gNwQL8Bj--wzFABnKYKqAuHAw9Y2Jw0HYwiC7Do7jIqYFdknLzkKf-MPlq1XrXJF2jf9GoELsohCt2YoBSVWIm0bJ7j2BMWiRw0Yol4wd-neLn3psQ0Mr6z-vMxqBKTFkHo_ukqOKobVozHPXvNfM3uC1AJpBx31g60Nlkx07HKvsEO8Xrc3zBq3_D4HLlsykf_EwgvjZj7vpmH6NW4iWU2gn-dYe2aV8h2wqXUbTwqQ_Qi3trvC25xUPrsBdh1LszF6OlBvYts1KsCbm_flR3RfTeNHuqaSBfLBX27lUmuEDkljQ3_7AQn0P6u1G9b4UwirDz_jeaYjvv5yR2aiEVhNQlZkO11HUVqMKJDBF7OGoImfGlb-dMB6vEhnHUPYzHzBHjJL6OHrMe0z693X92rwfyHNG38H80jPNbSec3Zn9_w4t2ja-Xe1y_Bv0bY-ZCCKCfawp1VwvVt3dv2cCAAPm3TG4b9WDiuM6tURbEqht_9UHXxCoKK8-656e6mUOkDjN-pn3fKvwVULIQnUJlmjl6vlM305b-yDvSu_Iwt0scDcN2bIQ9S0CQylA_Vu8X1nd3-3uh5tlhaQGlG6VbYtBonLV9QDZwo47GlIVREljFJfJzYMIv48QRKXlOctlIvqSckkRPUcMAtFvG0jYv_0SihvapCTlo-Zd0uXt7JIC9WcXOso55OKSwbT58x68oTAeBTDjtSXWedaBHtdzxonN609nbMtsizLxn_L7VlvpgDSRGmtczUBjBD-AYNEpNxXGyR_Otrp31qKX-cTtI6B3uUxbe7PGvLqr3cDaF1xUvvu6Af2SgYp_-TWFxa2QWd_WAPhMANCY5R7L_rKLjFgoKk8VJcXuJ8pK4Vw4cAvGFzJlpsSPFn_svzqY58rBAX-5i67CHwj7p68XbhRorNchOvKHlg-edYQML-xvQNd6ABauezu1bgmAtwI9tZIixYepsTvYhjW9r6e9dUi0NLC_v_Am1fHFXMJYAdMezR0xkRta7omx3W9muM4QyNOWLqgNbs0vAyj1ecU2CqWrEg_xsjL1PolORPAQ7gB6gA8Q-UusJGMxr1Qscz_YOtWLYecipydbQDhfI7Vt926y_uZt6goLGXr1p50zo7qepAiYPtmNeWbjs9qCtqN-CZ7RwpjNjdT1TQaMYVTZX4sZK8EDEMVnoesYNhrJAHglKWy7o3OZtH3E9QYVsFerrisvK5Y1OnW8CCewl99TOsdv7R2rfZ8BkMcILJwkpAhOhknNd_hEgJHBWstoxUa5SZ2UjyogjEgodRF6OzLsWlNhEg7_FopaRIjqMdNpBhTlr5IChjkbNQLx32pYhga9_BoMly9njKPRnjbg9lUouy_K2gTbIKEeXoElYthpYrUa8LF3LzWL6mcInKVfqZd7AG6DDzLgcVh3mbjCPuNE4OrbI04iz3MLb6UEFlquWhrRRio6Ak-oAoTP5M0UvRE8ZN_omSKBRfeD0vgse15GHVbqytsoFgRp273H347TpTt273_PjgNuTPtH3nX4dmyM21P14OlZdqW0SRhRL3ty4DozDO8eVefQe0BTRq8p9ndDpxebn7dBjxi0vmLBN2gibQFFBkmDKBCYunKZMCj4w0bEyRkwm4qp5svn18OGRqm9NnQNj5slwQtQyGqRa62ZdW7y--9DMHJSwm1lhDZ2rEGmqnbYa8AY0QMyNwKbBubz19J9QBao0CLNxAkPrGKtfUDQ56OILlI2Np3qmp2IKYx9lo-O7DG9a-0Ht7Y8H9Wve9WIBILTihzMCdFX7eW__wwKziPboDIdB93FXkN6gEQlnvt4bFvAKaibk5gcJAFWyjYNFK9fccHwzP2qZh2qB5bCro_pBakdClvRT3XrAr4B7oHbCjFbbqs8knZ04LQaVCMEc8nsvyFi4hUff7i2PgWMVx0p5qmSejLZ-O2PC0qpC534w27knyRXq4a9JgwfWpbTRynnIswWFlaNVZ-aCKYvT-vY5mLtvRriqAwy9Sr_6IgLuCeFK3wjm46xF9lCAjU-AzieMqVPLkTyXoRY0GAJtEA72yDDzHhnDMJ3X0gkP48ib67fzCUCLEtNIvvbMwL5K402Zil9V7WlQZQGRD-Jn_w8QWHpWce97Hi-0KmmyfglekG-Bgzuan6_duU2SzCgsxquO3q9l9hq7_RN_obc7I571aNY-P6mHctCBctAz3hr-47hcMd6vZ57XfCgQrkG-h3iBu9NdtOkDGbKZ9z3erQjBsgNnl67125v0xZc8OpuZQYTHgvU7MOIM_gPhegQity9qNQzTdsCRT7RrMysLLVtbkPhqmoel15nymq6W62_q-9UIolkXVdjtZZKmjYTjqx_vZo6yR5jZ8TuIDGp3JdF3uis7M2vQuZyy_gQ-kkd_rZo6gHuL6gwm4WdkVmncHP3-hvxNzbyG58ancdCT54k4p6vjiarZquYQBVXoKhrXxIcRwPS1vh4iMCNoPfpy3cODYfcD8HkTk5uf-Jp9pP9PT87QMq_my6BkyNe_ycBCU_9_D7ApdsnbJLCO46B0kUDE3u7RHfBS20u0zeSc5YRXo78NxCIOho7GHfmSFNzwFh8Mc8aTaHkpZqcXVeU_xoxj2LiaPWaWIcLhFnmoOm6cuTSqgVyMqNM9XtuaKAfOkrkTs3bvKkNR5HSzc3LgeSViBFDyzvnc-txL_If7-2mGHAF2bimE2MdjuDLbYg8RAyE9zMrBcdqJUE7ulCOJm92o8Is6bHn6Bk8toTPCboVOSorRt3nqvqZhYBSSXdManESxbsjAyh1pm28tLRB4WQxISznKkIid_cpsEFO_z3grAdt-dDUvXi6gYrMT3J5oAQj81zIyPCbUES0K8CG5LAERB4bsr4ysl_SJHPql_xasDQbaahm0T5NTloIxccatLwjMU47iu8INaalw9Goa2LpKan0T81qce8iQr78Fpwg2RwOzkxKaj16y8ntyUbt3lm4Cs3gPYJJG-DZ7UEb_w5ae8tYhuUFhVbGYC6ONu_MKaZ00ThFNoEE9p_1YDwBvoAEYKfxvETRWpkoETZqgs15vNqel4GyaYBSTsd5QZizyeLbB7r-1j5ZO6RzPJVpdm0T45e2V&cid=CAQSKQDICaaNzvJJfV33wVrDCPpdkIIig4tpU_isyeMY14cwNRZx3XQXdcmcGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ft.ly%2F&ds=l&xdt=1&iif=1&cor=10521069414191036000&adk=1405019969&idt=388&cac=0&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:26:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 21:26:11 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame FFDC 30 KB
11 KB 3ms
2ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:26:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 21:26:34 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FFDC 41 KB
13 KB 3ms
1ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 01:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 593678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 01:18:42 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BB9C 1 KB
677 B 3ms
2ms Document
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 58266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 06:02:14 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 06:02:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FFDC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ee993b2ff0d28dee858174cab56596a985c700f70e0c62e10bfcc65b253bfcd

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB9C
Redirect Chain

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUxQozo275w85ve-...
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUxQozo2...
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUx...

170 B
188 B

100ms
100ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUxQozo275w85ve-bSmQix8wKt&google_hm=Abdm9UKGFFJZks8AD7P3ynJ-isA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SYD62-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS3gdpWRbzyG6dwhMSYI6cwxx8NgPkTGIcn02chVasaNxMFqUI2IT-ktf8tPi5feIr9PW58Xdo7zYOLzS0TWW6FHfUmbsxc2tKKvrtn2ZeCnRkSWlQ4EJLcgu6g3nPUxQozo275w85ve-bSmQix8wKt&google_hm=Abdm9UKGFFJZks8AD7P3ynJ-isA
cache-control: no-cache
content-length: 0
x-amz-cf-id: Cp8DAk_9fuHOYv9m3EiGO1WvulOKKb2ifFd6F8IaaU9V-yN65OM5lw==
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB9C
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEC6x02Ns3OhTKFPgo2Qkx2s&google_cver=1&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSw...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEC6x02Ns3OhTKFPgo2Qkx2s&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSw...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSwgkmxsDhnv2hNtxeMGc1ZKwG5JY3HhuYWiJikEVyn7Xkjvh...

170 B
188 B

98ms
97ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSwgkmxsDhnv2hNtxeMGc1ZKwG5JY3HhuYWiJikEVyn7XkjvhGU8T5GSL41fOOXEC8X_EvlC9CDA&google_hm=a3ExVTU3UWNPOEgzcG9VcDZWM1I=

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 22:13:22 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxaCJ-xTfMNPmz__3Sc5hHfDTPETOsRU_sH1SdKPwgjkuzYze42tDjvWkdWU2LqSTW52hxmse0wMfSwgkmxsDhnv2hNtxeMGc1ZKwG5JY3HhuYWiJikEVyn7XkjvhGU8T5GSL41fOOXEC8X_EvlC9CDA&google_hm=a3ExVTU3UWNPOEgzcG9VcDZWM1I=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 294
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame BB9C 0
161 B 587ms
195ms Image
application/xml 133.186.161.89
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOq5qejpe93P69-KCNhCQFA&google_cver=1&google_push=AXcoOmThVTmWWRuFwOxWU4B_P2rM3r9pNFgJGl8L8JT2po9ThAN4uPspXI5PJf818ynP-FzBWX8OAP19HP92t-XrSTfFHl7RmPtCu-CZ2RVhy1jNhwI6c--MSXL90fCi6IlDgiT4zvN5N6XPhyzLo5oKkUc8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.89 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:13:21 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB9C
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEH5IRTQ9Q1Ppvcf0VR5Rn1M&google_cver=1&google_push=AXcoOmQknDuGCsL9lPuRVRUpYyPztkXF78oWAT0DdxboC2sQETAba1V-ZQh8Fr--KDd_fI86B8e_f7EE6-Ros1176...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQknDuGCsL9lPuRVRUpYyPztkXF78oWAT0DdxboC2sQETAba1V-ZQh8Fr--KDd_fI86B8e_f7EE6-Ros1176gpz3eOjil0yc4mX08z0io7XxxH4AlQM1Gy9r_Xv1LV...

170 B
188 B

98ms
97ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQknDuGCsL9lPuRVRUpYyPztkXF78oWAT0DdxboC2sQETAba1V-ZQh8Fr--KDd_fI86B8e_f7EE6-Ros1176gpz3eOjil0yc4mX08z0io7XxxH4AlQM1Gy9r_Xv1LViibRcO7FAnWFkiRqWE6wR93cy2A&google_hm=AcMW8WoQH0R_u8SPfhYwONU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQknDuGCsL9lPuRVRUpYyPztkXF78oWAT0DdxboC2sQETAba1V-ZQh8Fr--KDd_fI86B8e_f7EE6-Ros1176gpz3eOjil0yc4mX08z0io7XxxH4AlQM1Gy9r_Xv1LViibRcO7FAnWFkiRqWE6wR93cy2A&google_hm=AcMW8WoQH0R_u8SPfhYwONU
Date: Wed, 04 Oct 2023 22:13:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 289
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB9C
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTQAAM3PRVgswRq33OxQl2H9N5SkZlRn3yHtiRZ5s3lADl5eh7V04duEOaeBkUnlTANpfi4ezFU5XYiD76fYtjjZg3R_0aNtwU2OzTTzZf4m1dLnJBHQpF4njhAv...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIPkHc2xXdOXxfb2tTI8hJw&google_hm=T1BVZDJiZDU2YzA2ZjQ5NGIxNTliMjA2Y2EyOGNlMDIyZTg&google_nid=opera_norway_as&google_push=AXcoOmTQAAM3...

170 B
188 B

102ms
102ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIPkHc2xXdOXxfb2tTI8hJw&google_hm=T1BVZDJiZDU2YzA2ZjQ5NGIxNTliMjA2Y2EyOGNlMDIyZTg&google_nid=opera_norway_as&google_push=AXcoOmTQAAM3PRVgswRq33OxQl2H9N5SkZlRn3yHtiRZ5s3lADl5eh7V04duEOaeBkUnlTANpfi4ezFU5XYiD76fYtjjZg3R_0aNtwU2OzTTzZf4m1dLnJBHQpF4njhAvmJQd371hMhm7W_yVfTagI0Fov2bhfg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIPkHc2xXdOXxfb2tTI8hJw&google_hm=T1BVZDJiZDU2YzA2ZjQ5NGIxNTliMjA2Y2EyOGNlMDIyZTg&google_nid=opera_norway_as&google_push=AXcoOmTQAAM3PRVgswRq33OxQl2H9N5SkZlRn3yHtiRZ5s3lADl5eh7V04duEOaeBkUnlTANpfi4ezFU5XYiD76fYtjjZg3R_0aNtwU2OzTTzZf4m1dLnJBHQpF4njhAvmJQd371hMhm7W_yVfTagI0Fov2bhfg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 383
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB9C
Redirect Chain

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEC6exBSdH76C40sUgXr7Wns&google_cver=1&google_push=AXcoOmTVv_wSDY7p1TiWsAh8tAieWOip882psxO7S-6gcGd-s_Xn_5xtp4mBnU7Sx6FpvSAHdMMF6BNQgshQlW0...
https://cm.g.doubleclick.net/pixel?google_hm=NzFiYWMxZjVhODcyYWExYQ&google_nid=yahoo_japan_ads

170 B
188 B

98ms
98ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=NzFiYWMxZjVhODcyYWExYQ&google_nid=yahoo_japan_ads

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 22:13:21 GMT
x-content-type-options: nosniff
server: nghttpx
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_hm=NzFiYWMxZjVhODcyYWExYQ&google_nid=yahoo_japan_ads
cache-control: private, no-store, no-cache
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB9C
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESELI4tcOiQwG1VFUmI7pYk6w&google_cver=1&google_push=AXcoOmSvbzxqlm-k0DLwCVQAKSxP8jMkBjN-lRA81FbOXgGUJ8NdnXobbGPoxAxByAjD4oH7zkD24PdSs4wA4zVV-ofOO6GY7...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSvbzxqlm-k0DLwCVQAKSxP8jMkBjN-lRA81FbOXgGUJ8NdnXobbGPoxAxByAjD4oH7zkD24PdSs4wA4zVV-ofOO6GY7I3IypbLxsL0_XoSrMNe9MBE8JiV1...

170 B
188 B

98ms
98ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSvbzxqlm-k0DLwCVQAKSxP8jMkBjN-lRA81FbOXgGUJ8NdnXobbGPoxAxByAjD4oH7zkD24PdSs4wA4zVV-ofOO6GY7I3IypbLxsL0_XoSrMNe9MBE8JiV1mnYq66knHBZ2mRUNv1JNq1hiPnmaKyDpKQ&google_hm=5bead3a079adf160130yzu00lncb1yu0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSvbzxqlm-k0DLwCVQAKSxP8jMkBjN-lRA81FbOXgGUJ8NdnXobbGPoxAxByAjD4oH7zkD24PdSs4wA4zVV-ofOO6GY7I3IypbLxsL0_XoSrMNe9MBE8JiV1mnYq66knHBZ2mRUNv1JNq1hiPnmaKyDpKQ&google_hm=5bead3a079adf160130yzu00lncb1yu0
date: Wed, 04 Oct 2023 22:13:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BB9C 0
12 B 97ms
96ms Image
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOuljgN5EA6kpZbdHLfflJp72f5gadzFGp86KmjpIGeHXwHXg46Qowziu27px6137lrryontk5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 97AA 22 KB
8 KB 2ms
2ms Document
text/html 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 158430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 02:12:50 GMT
expires: Wed, 02 Oct 2024 02:12:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 97AA 37 KB
14 KB 2ms
2ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:07:11 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97AA 0
56 B 138ms
138ms Image
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXi-GgOMdZeimMJ3EmsMPl7GH0AEAAAAAOAHgBAI&bg=!1tWl1ZrNAAYMG8UMLBs7ADQBe5WfOGkjbpEIv74PIV26Nnd_6-6kXDbVpL7e1u-yoLBkX0acPlOys2FzvNJgm_PysVnMAgAAAElSAAAABGgBBwoABp1WEygOEpkDDbMJCiNw7EgBKZsRAXol2AeeFNp9n7H3oiwW2b4HKy0Q_WcAnnYsviDCuph8H8IHZ0Dneos0DBSfxftdQJP0MFl44uJeqvinhC7VXMhAR1hM99bKg8lgkeXNdQzFYTLxcg-r-oCz6q96qHH7QdulaLA-m-j40URe3TE5A3rT6J-UOJIRfELSKkkYHfFlS3hJfJsEU2KYaaLWdzmfq-ZtG9OTfabcPxbJXeRtek5ovtvv1L1Gn22vqOvTYsDL8M3RgjFY9aHtZ68gqReRybbmlIox-vSNaAWSbvMVeQ8E6mHTACC5cdxMm4NOS6BveyTVrKGaCjol46NV8lsA2qWG524_pniFNlHlZLC2GkPVz7QfQfA2D-AIg4QLKPmVKlrdkJdnop_Sh6Ld8l7Lln7iL-TJQAl7qcZPDo54ixc2g9fHHrrZZQmuA0eB14Ymqkyt3n2D9DHzhLVHBpl4RKF-aDfzjGAu7NVnsVbNqBHJ5TmQK94mccSNifen5-yVqiYfWAOoJkQPqrAqZjpiHkvFyKgBM6J01Z0eMz_g6ylDgG2c08ZQQxKoojdVSP_6g6h12eHT0PKWULAPEoLhjR27Os7T4yOH6VDHa0Mh9xoV769JAcMW82RBghSMhHJk0LwiYY96HuHC25kyuUeH5Q1d1yLalSEkke3TrZ_KGbA4yzPMykEXbz0IjMObR6hpX2XoOYIfe5P90G36ffsaThLaXpUhP3HFDPvaRtiHWsKeR1Yqi8y-rlLEYPWVjwsP87_4KKafu1TvdGKbICwBtwBtypOGOuiVmvSfZ0wWUnHT8WVmEju_3FsM_GhEruni71y4J463b43xw55o0vx9ZY4TGZij-vMFZtPYlDCCE9a_MmKBV_5iuNhQsn3CJ6KGAcVOYPXP0NLDha7-CHqoRt9uInSDHxLpfEP7rXab0RwuWpwDrih192e9-5QHmF0JPU5uE17hlY7Pl0VuI5G6iNjqc5TrTlsQfhTLnhN9kKHLS9nG4sWjjnt6v8gkJdWHRXCBeoKfPbtZi9EUhtZoX_c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame CF10 23 KB
9 KB 4ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=3238135893&pi=t.aa~a.102710275~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1696428800&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457599732&bpp=1&bdt=3203&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0712abe9c5c5826%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MYqMG6kCjTBBmure4yLrWOx0u6YnA&gpic=UID%3D00000c581ba3ee15%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MaNhyqs-Q3K6XlHYwkh4nNXyM_xnQ&prev_fmts=0x0%2C1110x280&nras=2&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&psts=AOrYGskicKQtZvC-meVgPTeX-uUwmllFe7bTxes3LKVxYGlsEd4nzLxNY0rCwWbTOlb9FKN7vgScvuMCVsc5ZksUqMJ4rg&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aKcUwr1d5d&p=https%3A//t.ly&dtd=428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:28:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CF10 8 KB
846 B 100ms
98ms Stylesheet
text/css 142.250.66.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:42:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:13:21 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/ Frame CF10 15 KB
3 KB 415ms
3ms Stylesheet
text/css 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 21:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 19:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 21:11:10 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/ Frame CF10 371 KB
129 KB 416ms
5ms Script
text/javascript 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

sffe /

Resource Hash

2bd04f73111427a6fa4240c968eff556e1e679f3ac0d53275534f9c333df6d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 21:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131960
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 19:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 21:11:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame CF10 20 KB
8 KB 4ms
3ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 15:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 15:14:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CF10 0
0 134ms
133ms Image
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe_FA15P_G9vtGkNMnd-Ss1-zdwZJfQhZqOWHcTAa_knHW8Qf2OIx_0MMBTszn80k48OURqWDwvjZqVV-AMtSWHdZP6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=3238135893&pi=t.aa~a.102710275~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1696428800&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457599732&bpp=1&bdt=3203&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0712abe9c5c5826%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MYqMG6kCjTBBmure4yLrWOx0u6YnA&gpic=UID%3D00000c581ba3ee15%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MaNhyqs-Q3K6XlHYwkh4nNXyM_xnQ&prev_fmts=0x0%2C1110x280&nras=2&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&psts=AOrYGskicKQtZvC-meVgPTeX-uUwmllFe7bTxes3LKVxYGlsEd4nzLxNY0rCwWbTOlb9FKN7vgScvuMCVsc5ZksUqMJ4rg&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aKcUwr1d5d&p=https%3A//t.ly&dtd=428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s17-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9463147228097937408/ Frame F155 14 KB
4 KB 699ms
2ms Document
text/html 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

1dc412192fb68bcbe593695702821ca662c5e24010638fe385416b8da4137391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 559525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3545
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Sep 2023 10:47:57 GMT
expires: Fri, 27 Sep 2024 10:47:57 GMT
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FFDC 0
0 156ms
151ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6NHnZt2tgcgZzFpHCT_nC2oAUxuTsu8ISFDE4_-wxPUV8dEPqfDjAnGGlq7L2Kf1SL1J3lTigfQl79CaXtswbEI9gxfBKSllSwuNMjf5UFV7v35-yx5QF0SMaOhsQb_qqyuSVODYkfW60CCq5exEoMQz6NHBMbaX8yrAOkUE77xy_AQnpB1pa-Dhg9QT87lNYizqS2twWe1wUuuE15m6BOafK_q-FfUDwinhp93lm0BtIuTh9nPCPeLkLSSuFNdTD5kuxWFfPbQR8NvUCm6rf3nEyqnAeu97DfYL795nfvZ_TP1zPYViO3XSBZbriket0INfKCZvD9vVgBij5vPQXUgsaAv8ea0DNavHPos1b9RnI9Jbi8rItEYzCuvE8VkTZNaZT3vt3OCEV0_auYVH_unUNqGROfM4hhXkafB8x-owDF7e36sd3XinOp_agRwJQ3dAq0RHT6OtW8Q5rMn10aK3pbflQqp-37YQn-tTcI87JiKGazcCv_-iP5cbG5_ZQJL5GaqWaIqI_TrcCwdJdkEdsJYAXncg6brXE7oXxEML-GYFSgLmwtuiBZJVSvNvtyl8UxeXSjUr0m3SKgtMkY_qwz_uGVLCVkz5Ukz8Yye-EqTlfsiCZT_fkxnUDEqEjajFW0W2pPpBvc4S3zupNyNJWaGCfCrvkm4XXp8tuXvMGq3LY-98eWOAuEJnagDChL6v_y8ScnzQTMvnfbn4uaa2Sykb-A-0oo9rrL2XNqgWpB4NqW690ishVGRn0kouSBUnrC086G7BzVwtmOTJ3Jfa37uOPHJuwdaIZvmdmXwYYglxFuE7Msc0zkI55_ov0BTBJrnIFJ7qHVbq6b-M08GjOR7KYhl1OD0cMjyevCn1CXp7VqGc3CwDngU7p61Rlz2Tmk-H0MFq00t1s4P0KGbybpAZN4oQ4yOJ4S1Oo3nY1z0FFOJAry2KdS4umQMjnTt185l6rv5hG0VNgqH3Jj0zHuisBkR6t1gPA-3bSBRg7rfu05gaLRo0979FRcRItFeFGwZsc6sBfpy5Uqi_P3HaNt_aUv_mjjofBFZ6RtJWiLQME-d5sogFgYVHRKQTKk481-QBj6jFNH9hcM9HQRPX9KouSQGc_Ni94ntLnxMVGa3WSSxOHG4WNIHEhqhoP5fvuxqqV18M6nktFdEKytNuQv-06Eh-xsjlIO8sPKzbz2id6eIjlm0suAiDXQJERaVxVqvlh0LxQ3Jk2mFAYh8DbZs7lwpNtg4l4ebb1ET6DSE-PXFPcB-_hqgV6zYASCmpt8mtwe_PABjGA5h1dCWE-mm6yGaQZn4uovKJoZJo&sai=AMfl-YQmPvCioukQERW7i6F7Zv8niNFAd2VOWyC7PsbFKjZ3VXxQOggCkS58mF6x1BOzQBeR05ETubjJPTBTVYhngaStqJmIKngIRjTgs0rYA5NtA_YRv5VIVRGFQ22iA0rK4l8NRn36HQ9ZqB5Zy6NbQ-b1qBSjPB8bSLlp1sI1fvkzMSMvtitMn7oqNeMbD7w8WclI8jAAYGaA3m0Fb3kYMLSV-CzkJ2lujBo4YA&sig=Cg0ArKJSzNr0ZGo7rNjcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=415&cbvp=1&cstd=412&cisv=r20231003.40426&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 22:13:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

firstevent
ihg.demdex.net/ Frame FFDC
Redirect Chain

https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=3496899415
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=3496899415

42 B
944 B

13ms
13ms

Image
image/gif

3.104.241.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=3496899415

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

3.104.241.36 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-104-241-36.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-apse2-1-v050-0de40f437.edge-apse2.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: X+mdX42HTMc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-apse2-2-v050-03a2588aa.edge-apse2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zqxmT1kpQU4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=3496899415
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
518 B 106ms
104ms Image
image/gif 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.3159714052333866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FDPHVLKgM4l5GjX4VcKp1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-FDPHVLKgM4l5GjX4VcKp1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
254 B 569ms
568ms Image
image/gif 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.507570363103214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AcwYbGFLoPxLespGYhZmQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AcwYbGFLoPxLespGYhZmQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CF10 0
54 B 95ms
95ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lncb1yzq&c=2950690074998&slotId=1475345037499&qqid=CNywjYW13YEDFdOV5godp1cNXw&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF10 15 KB
16 KB 2ms
2ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 14:03:52 GMT
x-content-type-options: nosniff
age: 461369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 14:03:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF10 15 KB
15 KB 2ms
2ms Font
font/woff2 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 19:09:05 GMT
x-content-type-options: nosniff
age: 356656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 19:09:05 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF10 0
56 B 142ms
141ms Image
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTcYrgOMdZdzwDdOrmgenr7X4BdPowfdy9KGEnPoQnNj8-IgkEAEguZ3JD2ClgICAkAGgAan_5cYByAEFqAMByAObBKoE3QFP0IEd5bqSXsvNCxHiE3Xv4H5vh8pxV7ubsMr_9GIFw6h31vwyrXLrGFhf6jMQ81132mzXEMn_-V7NrDUa9vhplscP3Rq0XhDzL5nVpuAA_Vh8l4csrqZIwpxOQUPF4J9WOMqJ-opxaz21xE7XJioIpYqZV0kUSa2tMpi_19W8llnhT71KEaS7Cyad7URhVl8Y-xhVtBHP9-gtpu7KrFcM8TMRNsj_aR3vFtjnkKhgqGv2KRZWv48KJwZMVTJQAuLUYE0iFGx_dn_97nYZSIZ5m8Ueplxc_j6owzSTnsAEi5_HgZoE4AQDiAWZut-oSJAGAaAGToAHv4CauQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGqDQJBVcgNAbATztTxFNgTDYgUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1696457601651&ai=CTcYrgOMdZdzwDdOrmgenr7X4BdPowfdy9KGEnPoQnNj8-IgkEAEguZ3JD2ClgICAkAGgAan_5cYByAEFqAMByAObBKoE3QFP0IEd5bqSXsvNCxHiE3Xv4H5vh8pxV7ubsMr_9GIFw6h31vwyrXLrGFhf6jMQ81132mzXEMn_-V7NrDUa9vhplscP3Rq0XhDzL5nVpuAA_Vh8l4csrqZIwpxOQUPF4J9WOMqJ-opxaz21xE7XJioIpYqZV0kUSa2tMpi_19W8llnhT71KEaS7Cyad7URhVl8Y-xhVtBHP9-gtpu7KrFcM8TMRNsj_aR3vFtjnkKhgqGv2KRZWv48KJwZMVTJQAuLUYE0iFGx_dn_97nYZSIZ5m8Ueplxc_j6owzSTnsAEi5_HgZoE4AQDiAWZut-oSJAGAaAGToAHv4CauQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGqDQJBVcgNAbATztTxFNgTDYgUAdgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CF10 0
54 B 95ms
95ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lncb1z04&c=2950690074998&slotId=1475345037499&qqid=CNywjYW13YEDFdOV5godp1cNXw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.15o&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame CF10 29 KB
17 KB 319ms
119ms XHR
text/xml 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DvSjkykwOeg9iypKyg_hptXGDsRcJOlqke2llnOXC8o2vm8rhx5izQlW3ggzghn6Eh6Dyjsvzn1hUt7jsj3CXrvcfrJA&cry=1&dbm_d=AKAmf-AgQTz3ZgvhQFd7iVFONRph-xZa9eeNOEvpW6NylXilFTeZeyIZLySkx0Fs9T6HwqLlt1vrQmifRiDMMVPdXKgW5J6SS2Dao2Y-SOYOna1Wu1qSbNh_btG6Stc9ITx93_rqeDDYawcE7GdiA1E9nsIlhY8n_fTg5QwHBXfFNc7Rh4OXQQ2ljEt2S5yWxWWJvjpoOZJPfeu_zAoCS57N7jud2-vUbBUxH_xUdZAdOSgweRwoLwNsjU_Xm1YcUeWL9hDbZAFnuoSC4uDgIvoad55dvaAbi0pvGu9wLl4Dp6vXKKK5Da9abHGZMZh_Lzjc1q7ywerBa7hFecST_uheyqpSF7tDjKl8nxW1-gqfPkJT1q-iHy9FGyeoRClBHawUv9Qojf02hEr4Jlw0ddBVS-QT3uatI3j2lQj0F8VdsUUQ9VfLO9dkJzLPT-K2QnD8FzC0wwNLeRu-k3oJc6EOfxufpHbYM2KgGDirD6nC_abqxcPsTE9UYSnvMqMHKR9yPgf3wwrMXPTwtIrz1GADFWEwjsFF-xE3WDhvgE680uWTtXuyU6iv03DmMuY5KHWPXFz1WzDRWOU76KiI5DdCO6peWfiPJO5XcPmUAVzGbVD88TTEMyANP4POAEeYc2FDUvPO97s86oH4qMni2ly3snEt5qVJKcxtyj6MpxRhkTtALFaBPDgjDCfMRBQPjQNf54zqNvoxSa2OhA1whENLOayRyezM1eBGYHhmb9dJExZUN-zPPQQ1v5iCzT90Wwn1s6b8bqVPNa3Ij_ddVTmVPZruMNuvNUDVILW2_Kgg-putvL2ue5AcLpLmK3RhJfJ05OeIDs8k2wDGx9U40ltY4jGIxcGejFGklrfo3GlIaKG53vO48C_KAChT1fYB3AvFPtmVRdxOpWJoKmWdwoui4VTYm8sHhFW1P5MboTYUWvDMxJcT7on5ioEOmN_-xUYHjlg-tAeSAG3HgGSky0nDL6FoC8PQKl9_DvnyY_OeJho30goLLbiEQzirrUh9ygknUiJ_Sws7HCKEZz8s5qY0A156Rbqig22YFANMaSVvWey24UX6Eg8u_FMt-0-4X1K3XM8mFgI7K-Jkrq9BtUFKxcQJn80mIlNnC_JS40xr8MuVTsgMEd1R_YLrvS9B3UvIJM2CsTRkYs2BdM5HArQSOaVMgKR9cDeQkJ-wDmDfIwpy-5kmpQzMzdg_TjH_Ezt3PUSLgjwAd6Q65qk7JWf7lqUc4ODoisbgHn5ZXNNkiKn_1uhS6tKEfKtjwhVG4rQ-v2CGCaJ4YGl8-imHSdUAnl7hea9pvuUSqPeLmWvQavpiOlCTvkgUc4qjS7Lk4eas__oZKQDCJROeHTTxr8kJ9omyFewwATRXD18WPznVobWn2pxbQEpnEISn5To0k0ndmrDCaLmGmCozdQyWu_Tsfe5p8akoRkXRpuSfmAMJHUwJZqqPWGQ0I8dvyUrjwDoym82WqAchWtaEvmAOfeInM_W8gPLrWDLPxRWgAl5JbCdo-orrr_Yb4MW-RSnI8PcgG0HwbjNNNineIaodjfIf8m2Yxnw94e-vnY76g758T2ErLTXQ2fy4U57w3gt6TuPNp3LSyf4nXDyYrLy7dnwwOY_s07RkRBWjqzuFVoNXY-rL_H-jOP-sO2OyddmL601ksvPSo1pDZJkJ3bOwfdbRj19nflLt9TgM40NBtT3jzlJqvZJwu4Qk87PkXlUuOCjdJKF11Z-WWMtZeLi8W0IFywDY0U_aqJNWk9Ir5pDmQWbMsNTxNHAYBRVbiHbNrrTkBaIBQ43owkxANO-UjQLF4l-GP0nv3scyGp-ple_akd1Da4wHvppuhTJv4naY743fct2LBB1xTYIj2XOU8Yog-qf3Olx4K70ddxBJ1wpER0Cr7WFZ3yZjR9Pdx9t148lmrqNnIDRaAhF1lntEZqCGMS3KFXMmWpfIgmflNDJL0_uts_p11nJ4xjG2zTe6coC5UhzSuHov7WloLeLUNZHhVAWrMB8kM21Cex9p4VvbBflXwyelPD2aWxIErt3B0XfN77AFZEeyCIEdQW1PlbEOLBvM00g-CzL2o5Pyxn380h_q4WbgxLKImlVC4B0XaiO08TCvqLSUaNutsvXnW8SREjESPqSRhdI3FMirIes-4V6F4z6n7T3wwq5jeH6HuM-2LhOCrEpqMKH60bGV5qd8UwJXPenNidEFy5xQhKAoMYNA6vup-EGgvFhedI163ZLXTe36SWqLQvHiwJMTSY9rAA-cgBZ2PNWxoohgq7_iywRT4iT9YIABPmCy5VQaxwegda61HfM30FDAnMkuo5fAqoDkoAC7oYUD6CbARoArZwPWLGh9-7HFZvSnxc5UQ4BTLcdNh9Cmf39tweCXoEx9gZ0UR-B1ADMVOC7_tzrrcqr0dkPWHQg5Lae64Aai3GtdcBkia_IW0OSzCwFfXNvfZ8N6nlOoh2M36N1okXWLMLa-F-comFneAuRxOmGVnP1PlpniRCT-9QXvReHZ8b7jqTUkb06c7teq14Al_0VeBnJfVtcj90_0A6TexjQkBFfd3dJh6hsaH0adfx8zgCuDVb9SweGEmJkWKuqCoL66H1wWxWElLxEGCgO_AEBKJUmw6M3vMJk6yJPDF_j1afSYhFQer6xFTLsAriCAnqL_VqDcE56msv5cxbOa26FGXjoP-rvrH-_Vkt_dpYA7m3JK6EUpf72d7232U0c4WKuHCg_szS8tiY3wSV-mbq2OpOhVo7f8KzXEysX8-x7bfBML0dexvvpDznWqlVh2uN7E3RQ31N0GiXRq4Bxcz3AiUpHwQPdiwdsCYMxzNZC1Hoceam8-lVa8smKjAPUW7p7DvlSzkLUMXffpEdhDkEQJugvOoxnfS3cwdpsaKViIipfc1fFjSzrVfU0GgbBBfDN11cM8Zs0m2NKSAQEeXGrbkekiyPIXjJhq3ijoynykKiHTuBkR6I_NbS8Kx2h4tP3pDyV3oGqBE4TIb_YLrtp8x7B19PFxL6mRI-df5JdidvfZOLxgxdQPtOtQBToBlYjRIpFMGLFriwLrHfiADJw19UA_Gw7qJj02_c2ydT6cRGYzI7OaUFHookpta7FMxSmPNJky0HpqhlPN0hAEjGWr8snoEbdT1sPoBmG52U_J44NS_Y0iXRapTxV6qBZuUOnjruqMMC25_NceXokE8utvu_oNPkd8o_DCEYVmGVqfHbnv4xtOom6io9gYpdCilpuKf3UJuBi47U_e_HkLn3HvFzevEUbFUZSr0ongK3-qaxCZj8ZXyO_m1wj-0XYRAGoDO6BIuixoRcZ2QZAmqMgSGTg0uRSnLWwKMabCIBAN9C2yZyvUEHOwMVTq4KsyDjuedRD_ryb2kcm28Ssx_t7nykzB33yixOLjw7K3pv0dDz2Loi2WHDkndQ&cid=CAQSKQDICaaNndiYTtc1Wc7_A2x9-p025UXLInf8htd5rmywCX9hNzEm_3AqGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

148478b2d7d76b00d0fea50910a83e08f139c33204eab28b38656035a7275667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16987
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C195 1 KB
682 B 2ms
2ms Document
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 58267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 06:02:14 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 06:02:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CF10 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff40af55b2552a174217616527860ee0d95589dbb147d1ed03da5f88c50cf66

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C195
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAq7V251MFJ0tqicwJE82yc&google_cver=1&google_push=AXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAq7V251MFJ0tqicwJE82yc&google_cver=1&google_push=AXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1Dv...

43 B
416 B

180ms
173ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAq7V251MFJ0tqicwJE82yc&google_cver=1&google_push=AXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8110c58f1986a7fc-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1738
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAq7V251MFJ0tqicwJE82yc&google_cver=1&google_push=AXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSSZJtn0qpNO1mnyDoDepWNow8_Ln1rPCdj2HEglyFOpcwW9XFMOumS3r-luVMK7Msu8YrfgcbeGSVpdmA8VODsxbsM1DvQ0WKAJmoQ3w3-DUZn4EgLusbVwwfJ1mAb13MbDOxrR_hi6fCqjT1L5g1_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8110c58df8aba7fc-SYD
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C195
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMbppIVwpXxl2S1koRPmg6g&google_cver=1&google_push=AXcoOmTALfGJucnjfydWqrYUK2EISBugbiUmsvlQj7pD55E0ANl8mlzzv07XLiuSEwfC-Q9WBar_j1b7JvJF7V6T5-J89Uw7UWNPYh...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=103F3C1622A44E809758EBE292FBB08D&google_push=AXcoOmTALfGJucnjfydWqrYUK2EISBugbiUmsvlQj7pD55E0ANl8mlzzv07XLiuSEwfC-Q9WBar_j1b7JvJF7V6...

170 B
188 B

96ms
96ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=103F3C1622A44E809758EBE292FBB08D&google_push=AXcoOmTALfGJucnjfydWqrYUK2EISBugbiUmsvlQj7pD55E0ANl8mlzzv07XLiuSEwfC-Q9WBar_j1b7JvJF7V6T5-J89Uw7UWNPYhw9srZ2cqgEBjmAcgUYgW6y3J_wrvh6sIWknVD9K_QeCQ4uhzqG5h0Njg

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 22:13:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=103F3C1622A44E809758EBE292FBB08D&google_push=AXcoOmTALfGJucnjfydWqrYUK2EISBugbiUmsvlQj7pD55E0ANl8mlzzv07XLiuSEwfC-Q9WBar_j1b7JvJF7V6T5-J89Uw7UWNPYhw9srZ2cqgEBjmAcgUYgW6y3J_wrvh6sIWknVD9K_QeCQ4uhzqG5h0Njg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 03 Oct 2023 22:13:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C195
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEK7XGx4fLJv8Sz3HpB0m7ZQ&google_cver=1&google_push=AXcoOmTltsLN1T4R9PGlPP-XLFGqrm1GXLwvX-Rf18IKAvUs-km_r21zDUu7v16HXUHOxCpOTWf2M_klNE6Li2Z3_DHlJn-8...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTltsLN1T4R9PGlPP-XLFGqrm1GXLwvX-Rf18IKAvUs-km_r21zDUu7v16HXUHOxCpOTWf2M_klNE6Li2Z3_DHlJn-8hyZ3-c3v3jvO97s2AXVRDylABzj6gCTlYshllZ...

170 B
188 B

98ms
98ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTltsLN1T4R9PGlPP-XLFGqrm1GXLwvX-Rf18IKAvUs-km_r21zDUu7v16HXUHOxCpOTWf2M_klNE6Li2Z3_DHlJn-8hyZ3-c3v3jvO97s2AXVRDylABzj6gCTlYshllZgsyu7JjVa7QhdLQQiBxr1fjg

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTltsLN1T4R9PGlPP-XLFGqrm1GXLwvX-Rf18IKAvUs-km_r21zDUu7v16HXUHOxCpOTWf2M_klNE6Li2Z3_DHlJn-8hyZ3-c3v3jvO97s2AXVRDylABzj6gCTlYshllZgsyu7JjVa7QhdLQQiBxr1fjg
Date: Wed, 04 Oct 2023 22:13:22 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C195 43 B
235 B 170ms
169ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEILvreqEEgH7DdkKZZ1YhDE&google_cver=1&google_push=AXcoOmTLStSdRdbzMeAXs1g3JbGX2hF4MVLUamg8h-semXcgR_s1kXcJTfkVLZKpELBTl071UXnpD3ioTekEiSHWMB5ywlCRbcQ10-s3atUJEmHDq7fzLlr36Dn7vtyPYbah4AZJXOLAYoE_Gs9QF1t4vxITzA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=3238135893&pi=t.aa~a.102710275~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1696428800&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457599732&bpp=1&bdt=3203&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0712abe9c5c5826%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MYqMG6kCjTBBmure4yLrWOx0u6YnA&gpic=UID%3D00000c581ba3ee15%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MaNhyqs-Q3K6XlHYwkh4nNXyM_xnQ&prev_fmts=0x0%2C1110x280&nras=2&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&psts=AOrYGskicKQtZvC-meVgPTeX-uUwmllFe7bTxes3LKVxYGlsEd4nzLxNY0rCwWbTOlb9FKN7vgScvuMCVsc5ZksUqMJ4rg&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aKcUwr1d5d&p=https%3A//t.ly&dtd=428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:13:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C195
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGkZLGTohN5TTTO5O3Jj6tg&google_cver=1&google_push=AXcoOmSmZfRVRRmN3HjHc9wmdlrHbvXNmMs9uni1fHA9girQmNN1xRV1RPOhBSSqCbl1QYjqbUzRajN8IIZghsq15srm29H...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmZfRVRRmN3HjHc9wmdlrHbvXNmMs9uni1fHA9girQmNN1xRV1RPOhBSSqCbl1QYjqbUzRajN8IIZghsq15srm29HerdGTGnvcS-0nt_yBRbsHa1NFjW2uqyAP_9e4r...

170 B
188 B

98ms
97ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmZfRVRRmN3HjHc9wmdlrHbvXNmMs9uni1fHA9girQmNN1xRV1RPOhBSSqCbl1QYjqbUzRajN8IIZghsq15srm29HerdGTGnvcS-0nt_yBRbsHa1NFjW2uqyAP_9e4rS6HFA6njBTljFjglfLT4prN&google_hm=eS1vdVQwTXRGRTJwSGNJMGh2d1hSY000aWRObktDSFNqZH5B

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 22:13:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmZfRVRRmN3HjHc9wmdlrHbvXNmMs9uni1fHA9girQmNN1xRV1RPOhBSSqCbl1QYjqbUzRajN8IIZghsq15srm29HerdGTGnvcS-0nt_yBRbsHa1NFjW2uqyAP_9e4rS6HFA6njBTljFjglfLT4prN&google_hm=eS1vdVQwTXRGRTJwSGNJMGh2d1hSY000aWRObktDSFNqZH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C195
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPv52L_sZdpGRraO5_lQfKQ&google_cver=1&google_push=AXcoOmSVdTF08wCqNGvtkxYYhjkRfigCq4aGyMhp62FsKrQJVd7eauF6ZcoJUMqFfFBihrMfZsl6634T...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSVdTF08wCqNGvtkxYYhjkRfigCq4aGyMhp62FsKrQJVd7eauF6ZcoJUMqFfFBihrMfZsl663...

170 B
188 B

100ms
99ms

Image
image/png

142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSVdTF08wCqNGvtkxYYhjkRfigCq4aGyMhp62FsKrQJVd7eauF6ZcoJUMqFfFBihrMfZsl6634TCsA722-sB7yEwZKvKMG5GWMal2lpobiX2ePRwP25cCnnUOyQZP-SFsdNcHkysU55g-NGg3Mx26R9

Protocol

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIwNjU3MDI1NDIxNzQ3NjY5Nw&google_push=AXcoOmSVdTF08wCqNGvtkxYYhjkRfigCq4aGyMhp62FsKrQJVd7eauF6ZcoJUMqFfFBihrMfZsl6634TCsA722-sB7yEwZKvKMG5GWMal2lpobiX2ePRwP25cCnnUOyQZP-SFsdNcHkysU55g-NGg3Mx26R9
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C195 0
12 B 95ms
95ms Image
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHBQZ944hSO063EvwtlwDhyuvOKd9dCVqmEv7Aq3wOCtE7XbVhB6gr_wyIX_RfDg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF10 0
0 103ms
101ms Fetch
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcoqIgOMdZdzwDdOrmgenr7X4BdPowfdy9KGEnPoQnNj8-IgkEAEguZ3JD2ClgICAkAGgAan_5cYByAEFqAMBqgTaAU_QgR3lupJey80LEeITde_gfm-HynFXu5uwyv_0YgXDqHfW_DKtcusYWF_qMxDzXXfabNcQyf_5Xs2sNRr2-GmWxw_dGrReEPMvmdWm4AD9WHyXhyyupkjCnE5BQ8Xgn1Y4yon6inFrPbXETtcmKgiliplXSRRJra0ymL_X1byWWeFPvUoRpLsLJp3tRGFWXxj7GFW0Ec_36C3-71BZxJ63oc_eb5eruraWW7ssK0RdsrPc5wKbhY4uL1TA4ZFHFy-wYAwMgeLtI0FPxzRknqVGenZkDveimWPGwASLn8eBmgTgBAOIBZm636hIkgUGCAMQARgBkgUGCBsQAxgBkgUKCCIQAhgBSJisfJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHv4CauQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCxDN2YMBGJy7ieUB0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHaDBAKChCAtObUs-7p-CISAgEDsBPO1PEUyBP97NLhA9gTDYgUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi01NTYxNzYzNTgxMzE0NDQ0GAA&sigh=6gFJ9GEEFsM&uach_m=[UACH]&ase=2&nis=4&cid=CAQSKQDICaaNndiYTtc1Wc7_A2x9-p025UXLInf8htd5rmywCX9hNzEm_3AqGAE&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5561763581314444&output=html&h=280&adk=899877383&adf=3238135893&pi=t.aa~a.102710275~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1696428800&rafmt=1&to=qs&pwprc=8670500221&format=350x280&url=https%3A%2F%2Ft.ly%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696457599732&bpp=1&bdt=3203&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0712abe9c5c5826%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MYqMG6kCjTBBmure4yLrWOx0u6YnA&gpic=UID%3D00000c581ba3ee15%3AT%3D1696457598%3ART%3D1696457598%3AS%3DALNI_MaNhyqs-Q3K6XlHYwkh4nNXyM_xnQ&prev_fmts=0x0%2C1110x280&nras=2&correlator=8675450739248&rume=1&frm=20&pv=1&ga_vid=852950833.1696457598&ga_sid=1696457598&ga_hid=340855263&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532403%2C31061691%2C31061692&oid=2&psts=AOrYGskicKQtZvC-meVgPTeX-uUwmllFe7bTxes3LKVxYGlsEd4nzLxNY0rCwWbTOlb9FKN7vgScvuMCVsc5ZksUqMJ4rg&pvsid=2543317231924093&tmod=1993129102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aKcUwr1d5d&p=https%3A//t.ly&dtd=428
Attribution-Reporting-Eligible: event-source
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 22:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CF10 61 KB
23 KB 4ms
3ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

2c0a8f02e8ef795aecc87e8e323c15fdf29287d20501d6ea0cf1dc53e2d2ea9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3589
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23347
x-xss-protection: 0
server: cafe
etag: 5707400221330747696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CF10 0
54 B 96ms
95ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lncb1z57&chm=1&ctx=2&gqid=gOMdZZqNDd_HmsMPw6mJqA8&qqid=CNywjYW13YEDFdOV5godp1cNXw&met.4=fb.rw~lb.160~cmrload.16h~ol.19u~bdt.-2sw~bpp.-bw~dtd.-1~dt.-bx&met.3=492.15x_1~113.1aj_4~112.1ai_5&met.1=1.lncb1xup~6.1~7.1~8.1~9.1~10.1~12.2~13.qt~14.rb~15.r1~16.163~17.163~18.163~19.19r~20.19r~21.19v&met.7=CAUQCBgBMNYHOPIMaAJwxAd4tOsBgAGI6QGIAajPBbABAbgBAw~CAkQChgBIOcHKOcHMOwHOAZo6Adw6wd460mAAb9HiAH9twGwAQG4AQM~CBIQBxgBIOcHKOcHMM8IOGho6QdwzAh4_geAAdIFiAGsQqoBGAoWUm9ib3RvOjcwMCw1MDAsNDAwLDMwMLABAbgBAw~CDoQBxgBIOcHKOcHMIgLOKEDQOkHSO4HUO4HWIELYJ0KaIMLcIYLeJQZgAHoFogByHiwAQG4AQM~CDoQChgBIOcHKOcHMJULOK4DaIMLcIgLeKSJCIAB-IYIiAHQmxewAQG4AQM~CBwQChgBIOgHKOgHMO0HOAZo6Qdw7Ad4v0OAAZNBiAHTnQGwAQG4AQM~CBsQBhgBIOgHKOgHMPUIOI0B~CBsQARgBINMLKNMLMLIMOF8~CBwQBhgBINwLKNwLMO4MOJEBaN0LcOoMeKwCsAEBuAED~CBsQARgBIN8LKN8LML4MOGA~CBwQBRgBIOcLKOcLMOoLOANo6Atw6Qt4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIPQMKPQMMPsMOAdo9Qxw-Ax437gBgAGztgGIAfnpA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CF10 0
45 B 95ms
95ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lncb1z0g&c=2950690074998&slotId=1475345037499&qqid=CNywjYW13YEDFdOV5godp1cNXw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame CF10 41 KB
15 KB 2ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 18:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 18:29:03 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-ntqe6n76.c.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CF10
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r4---sn-ntqe6n76.c.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

371ms
3ms

Fetch
video/mp4

173.194.28.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-ntqe6n76.c.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A2E9DAFF44BB28250903BC7CF265401915F5531.1C4BB362B179816C8AA28FD669E906AC77769488/key/cms1/cms_redirect/yes/mh/6b/mip/66.203.112.163/mm/42/mn/sn-ntqe6n76/ms/onc/mt/1696457341/mv/m/mvi/4/pl/24/file/file.mp4

Protocol

HTTP/1.1

Server

173.194.28.9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s05-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:13:22 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4316444
Last-Modified: Thu, 02 Jun 2022 12:28:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 04 Oct 2023 22:13:22 GMT

Redirect headers

date: Wed, 04 Oct 2023 22:13:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-ntqe6n76.c.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A2E9DAFF44BB28250903BC7CF265401915F5531.1C4BB362B179816C8AA28FD669E906AC77769488/key/cms1/cms_redirect/yes/mh/6b/mip/66.203.112.163/mm/42/mn/sn-ntqe6n76/ms/onc/mt/1696457341/mv/m/mvi/4/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4369 23 KB
8 KB 2ms
2ms Document
text/html 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 154304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 03:21:38 GMT
expires: Wed, 02 Oct 2024 03:21:38 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4369 37 KB
14 KB 2ms
2ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:07:11 GMT

GET
H2 200 w2img_1_1_1_background_frame_1-3326317b-a199-45b5-95c7-291a8231c606.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 143 KB
143 KB 3ms
3ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2img_1_1_1_background_frame_1-3326317b-a199-45b5-95c7-291a8231c606.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

b4024d41ef74cb991281b3daa5cbe1dc84b65cb1b6b34f873658ce83d8da71ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146227
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 w2exm_page_1_1_2_propertyName_1-729f46a9-2177-4a2f-95b7-a75b10f22edf.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 3 KB
3 KB 7ms
7ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_2_propertyName_1-729f46a9-2177-4a2f-95b7-a75b10f22edf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

08a82b3fec078e2a60ae3d845ab4914c98be2a0d5774777c330e37958b6874be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2593
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 w2img_1_1_2_background_frame_2-8ab1d99d-5218-4100-8ca3-03f09bda202b.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 100 KB
100 KB 6ms
3ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2img_1_1_2_background_frame_2-8ab1d99d-5218-4100-8ca3-03f09bda202b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

028858fccd07bd37e8c54ec2a5fe177c7cc04fefa904248e185291ec4278357e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102317
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 w2exm_page_1_1_3_propertyName_2-5f58f4f0-c179-4135-9e70-41794c22bfa0.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 3 KB
3 KB 10ms
8ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_3_propertyName_2-5f58f4f0-c179-4135-9e70-41794c22bfa0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

103b381a26289c435a8563c67534fe312e9d0135280f6facc67f201a24c69a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3068
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 w2img_1_1_3_background_frame_3-f27d9af0-f710-4126-82bc-dcacf1827000.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 76 KB
76 KB 9ms
6ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2img_1_1_3_background_frame_3-f27d9af0-f710-4126-82bc-dcacf1827000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

1bdc24f7e998a3e9dfe529050f363cc146ae9c744973406b22ce407ff50373b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77481
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 w2exm_page_1_1_4_propertyName_3-f231d6ea-56a7-4e04-85c2-172c109d6306.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 3 KB
4 KB 8ms
6ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_4_propertyName_3-f231d6ea-56a7-4e04-85c2-172c109d6306.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

3a3887aa62f7f1cbc9b675bc7cb09deb3d80ca7d80cfbeda9d2235bdc3ac5c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3534
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 w2flsimg_1_1_1_logo-8280e829-2634-4fa1-abf8-b5d400870611.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 2 KB
2 KB 9ms
7ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2flsimg_1_1_1_logo-8280e829-2634-4fa1-abf8-b5d400870611.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

53b2564030707bccb5237ecac105a1758172972bf9abfcad686f6bf2413bedce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2197
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 w2exm_page_1_1_1_CTA-c3325dc1-b321-439f-a726-3863f2809fb5.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame F155 2 KB
2 KB 9ms
7ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_1_CTA-c3325dc1-b321-439f-a726-3863f2809fb5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

sffe /

Resource Hash

6d5c89c37de2253f017356ebcc1a0b3a7431fd5eada0deeaa6cbded7a7400183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 10:47:57 GMT
x-content-type-options: nosniff
age: 559525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1743
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:54:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 10:47:57 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FFDC 0
0 143ms
143ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6NHnZt2tgcgZzFpHCT_nC2oAUxuTsu8ISFDE4_-wxPUV8dEPqfDjAnGGlq7L2Kf1SL1J3lTigfQl79CaXtswbEI9gxfBKSllSwuNMjf5UFV7v35-yx5QF0SMaOhsQb_qqyuSVODYkfW60CCq5exEoMQz6NHBMbaX8yrAOkUE77xy_AQnpB1pa-Dhg9QT87lNYizqS2twWe1wUuuE15m6BOafK_q-FfUDwinhp93lm0BtIuTh9nPCPeLkLSSuFNdTD5kuxWFfPbQR8NvUCm6rf3nEyqnAeu97DfYL795nfvZ_TP1zPYViO3XSBZbriket0INfKCZvD9vVgBij5vPQXUgsaAv8ea0DNavHPos1b9RnI9Jbi8rItEYzCuvE8VkTZNaZT3vt3OCEV0_auYVH_unUNqGROfM4hhXkafB8x-owDF7e36sd3XinOp_agRwJQ3dAq0RHT6OtW8Q5rMn10aK3pbflQqp-37YQn-tTcI87JiKGazcCv_-iP5cbG5_ZQJL5GaqWaIqI_TrcCwdJdkEdsJYAXncg6brXE7oXxEML-GYFSgLmwtuiBZJVSvNvtyl8UxeXSjUr0m3SKgtMkY_qwz_uGVLCVkz5Ukz8Yye-EqTlfsiCZT_fkxnUDEqEjajFW0W2pPpBvc4S3zupNyNJWaGCfCrvkm4XXp8tuXvMGq3LY-98eWOAuEJnagDChL6v_y8ScnzQTMvnfbn4uaa2Sykb-A-0oo9rrL2XNqgWpB4NqW690ishVGRn0kouSBUnrC086G7BzVwtmOTJ3Jfa37uOPHJuwdaIZvmdmXwYYglxFuE7Msc0zkI55_ov0BTBJrnIFJ7qHVbq6b-M08GjOR7KYhl1OD0cMjyevCn1CXp7VqGc3CwDngU7p61Rlz2Tmk-H0MFq00t1s4P0KGbybpAZN4oQ4yOJ4S1Oo3nY1z0FFOJAry2KdS4umQMjnTt185l6rv5hG0VNgqH3Jj0zHuisBkR6t1gPA-3bSBRg7rfu05gaLRo0979FRcRItFeFGwZsc6sBfpy5Uqi_P3HaNt_aUv_mjjofBFZ6RtJWiLQME-d5sogFgYVHRKQTKk481-QBj6jFNH9hcM9HQRPX9KouSQGc_Ni94ntLnxMVGa3WSSxOHG4WNIHEhqhoP5fvuxqqV18M6nktFdEKytNuQv-06Eh-xsjlIO8sPKzbz2id6eIjlm0suAiDXQJERaVxVqvlh0LxQ3Jk2mFAYh8DbZs7lwpNtg4l4ebb1ET6DSE-PXFPcB-_hqgV6zYASCmpt8mtwe_PABjGA5h1dCWE-mm6yGaQZn4uovKJoZJo&sai=AMfl-YQmPvCioukQERW7i6F7Zv8niNFAd2VOWyC7PsbFKjZ3VXxQOggCkS58mF6x1BOzQBeR05ETubjJPTBTVYhngaStqJmIKngIRjTgs0rYA5NtA_YRv5VIVRGFQ22iA0rK4l8NRn36HQ9ZqB5Zy6NbQ-b1qBSjPB8bSLlp1sI1fvkzMSMvtitMn7oqNeMbD7w8WclI8jAAYGaA3m0Fb3kYMLSV-CzkJ2lujBo4YA&sig=Cg0ArKJSzNr0ZGo7rNjcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1153&vt=11&dtpt=738&dett=3&cstd=412&cisv=r20231003.40426&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: t.ly
URL: https://t.ly/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame FFDC 61 KB
23 KB 2ms
1ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

2c0a8f02e8ef795aecc87e8e323c15fdf29287d20501d6ea0cf1dc53e2d2ea9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3590
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23347
x-xss-protection: 0
server: cafe
etag: 5707400221330747696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:13:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FFDC 0
45 B 96ms
95ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lncb1zcj&chm=1&ctx=2&gqid=fuMdZcCmE5GcmsMPsZWWmAc&qqid=CM7GmYS13YEDFSUFtwAdvncN5Q&met.4=fb.6~lb.je~cmrload.ki~ol.1f7~bdt.-2v1~bpp.-299~idt.-1ke~dtd.-1iy~dt.-29h&met.3=733.ji~748.jv~742.ji_f~739.jx~374.kr~749.t8_d~736.tp~735.tq_2~738.1f7~113.1fq_1~113.1fr~112.1fp_1&met.1=1.lncb1xwu~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~22.k1~23.k1~1.lncb1xvi~6.1~7.1~8.1~9.1~10.1~12.1~13.3~14.3~15.z~16.1m~17.1m~18.1m~19.1gj~20.1gj~21.1gk&met.7=CAwQCBgBMAE4AQ~CCgQBRgBIAYoBjB0OG1oCXByeIoEgAHeAYgB8ASwAQG4AQM~CBwQChgBIAcoBzCLAziEA2gHcP4CeK_4AYABg_YBiAGNxwWwAQG4AQM~CB4QChgBIAcoBzAMOAVoCXAMeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIAcoBzAMOAVoCXALeL9DgAGTQYgB050BsAEBuAED~CBsQBhgBIAcoBzCQATiJAQ~CE0QChgBIAcoBzCMAziEA2gJcNgBeJ7XA4AB8tQDiAHY2AuwAQG4AQM~CBwQBhgBIAgoCDCUATiMAWgJcJEBeNYCgAEqiAEqsAEBuAED~CBwQBhgBIAgoCDCRATiKAWgJcI4BeKwCsAEBuAED~CBwQARgBIKADKKADMPAEONABaKADcOwEeKwCsAEBuAED~CBwQARgBIKkDKKkDMPAEOMgBaKkDcO0EeKwCsAEBuAED~CCgQChgBILUDKLUDMJwFOOcBaLUDcIAFeOOsAoABt6oCiAGJ0QWwAQG4AQM~CCkQChgBIKYFKKYFML8IOJoDQKcFSK0FUK0FWLsIYNsHaLwIcL0IeKq5AoAB_rYCiAGx9QawAQG4AQM~CBwQChgBIKgFKKgFMK0FOAVoqQVwqwV4miOAAe4giAGAWLABAbgBAw~CAkQChgBILMFKLMFMLYFOARoswVwtQV4_lyAAdJaiAGO8QGwAQG4AQM~CCcQChgBILQFKLQFMLgFOARotQVwtwV4qG2AAfxqiAGKxQKwAQG4AQM~CBwQBRgBILgFKLgFML0FOAVougVwvAV4lgeAAeoEiAGWCbABAbgBAw~CCcQBRgBIOkFKOkFMO0FOARo6gVw7AV490OAActBiAHqsgGwAQG4AQM~CB8QBRgBIM4IKM4IMIsOOL0FUPwKWIgOYKoNaIgOcIoOeIUegAHZG4gB6G6wAQG4AQM~CCIQBBgBINAIKNAIMPAJOKABaNQIcOsJeKwCsAEBuAED~CBsQBiDQCDgi~CCgQChgBILgOKLgOMLoOOANouA5wug5437gBgAGztgGIAfnpA7ABAbgBAw~CAwQCBgBMAM44w5oAXACeKMlgAH3IogB60-gAdD__________wGwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 763ms
113ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GS6bjKjfleuamfxysffpGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 22:13:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-GS6bjKjfleuamfxysffpGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4369 0
57 B 140ms
139ms Image
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BQplEgeMdZb2nON3R3LUP_NW30AEAAAAAOAHgBAI&bg=!CAulC0TNAAYMG8UMLBs7ADQBe5WfOHKJjlBpcdMhzGouwGl0qUnnxuHfXsasvCDtINMC3zcofeXfm4tQmHRNs8GX4hn1AgAAAENSAAAABWgBB5kC1EZg6_grxKetvVfHBcPHRXsii4l-NCTXA0nZ1Rk2ddTmjmdGwinwXVlrJ4prVHzimp4hMGbOgwtfYpz-_tFGVy_S5vRg_REHwlm5WiElX36-6DQ6oMvJNU7Cnfmyn4B40sDtBWRaq1PNskSx9JFeH4xA6fG_d4wPP-VIcUdjUqgmhcfJdF88z6PiDkxhwUpAU9UPdwdu2_HzKKi1r5nlo7tgBtKis3lN4abj6JFPAzgCN21SmFi88eqsIFGEpbUMdjGEyr8lC-a-SrNsYyPLpX4GKWXf_2AlWlOyVuvFIOK7y79wErjRiXuxc1T4boXA3ns52gFgWLp-hdxkyawCQYCdc2hvFUgVQw9yxvF6TD6-3iLvj7LT9ck02UbvDWfXwZpU7CzCbZ2rjcBab1l6knj-jBaYDaNTqYMespYV_BnMC96Cm_eUmBCodx0dYPBQoTSOEVqkpZ4HOSlWqRF9yIY8A7fuklWrZMxfeYC_xBQMZt93OMZVJ-pFi5HZeAmYciLewN1KPhiSa_paRmX2zx2e1j_1lZC0wVbC8VGNy0E32mVXfK-VQK9fPzd7bRvw0fkEWqLJ8F0QBv5No72jyIAPnRKWvp7MnFc4TpAqRnbsOrFnzPW1pFsnril1wGl4IwzL8iuQuGDrihm6Bkcibkdb0hQAj2oRdWl6urCqRmVWW4ltyB6YzPier_4_ISLnN9sDkD0akKXkZwWPqIhoOl4j1hUDv70-eqRD9Vod2NGobIemPZWGL1VD8SpJaR-24QEK7HniIF2gU3BwMU1Mcb3aPuiIom556pC47bVwavoFhyGVQGnht-7wk3QXdLJnJbmplaxY1mYuGV0ewZlHaSfgipDqrtR_lBxtUqHVcJVaJBDu7k-Bf2IKX40lnK4udsLpHDwdafL2hejCptdAr0UDBRegGC4ube5QWZEWbrPTFgomU8k2jydbgU9MX6mcEuNLd3M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FFDC 42 B
108 B 107ms
106ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7FcbMl6re-zRIXd-HKiHTbgz2H_PEBtudO6MFFpyNgYYV5lOO4SI01_DZcodZlpf21D7TmYq3ouhVDWzFdc29edA261dYYW7pwFENrhrqHi3njTmbMw7WYdz_gn_LUAPaLq4kwsJL0Q&sai=AMfl-YRhnLw-5tpC8Zs7ESk3yh01iWMmoOL6Ee3f01inlNdh5b73WvdxDY1BkGd4ZnxctZYSjkUYZ3L6iLaFskp4WPRWBmHdLw-Okiw&sig=Cg0ArKJSzPtTpe1aa473EAE&cid=CAQSKQDICaaNzvJJfV33wVrDCPpdkIIig4tpU_isyeMY14cwNRZx3XQXdcmcGAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696457600238&rpt=1053&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YahooAd__adcall_ Show response
fundingchoicesmessages.google.com/f/AGSKWxVtkOvCTFBjo7K-ix2pFzW1j5E7705M3zBiBLFjRzOIsIJ6g0zgOGAiWoD5GQu_Jl9sGbYZ5i5UTgtTtbaq1e9ZFdqx4IriiOfWa-Hv3nkoMIfQJ8Enbwc2JpWxRZC3BmSr9NDRVD_2zYy-dDt90Bk20cYyu... 54 B
298 B 108ms
106ms Script
application/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVtkOvCTFBjo7K-ix2pFzW1j5E7705M3zBiBLFjRzOIsIJ6g0zgOGAiWoD5GQu_Jl9sGbYZ5i5UTgtTtbaq1e9ZFdqx4IriiOfWa-Hv3nkoMIfQJ8Enbwc2JpWxRZC3BmSr9NDRVD_2zYy-dDt90Bk20cYyufhfOsdW6JaziVAKedaZz26NAiJKo880/_/sidead1./adsfinal./adsterra./YahooAd__adcall_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.jfsvJHsxvOQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxyxSaP9kruUmxK6MKb1ceW4XglWQ/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

a50252ac33e5615e28ab718c6194e7ae4be7576ccdbc034096adc0988f164117

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-adGmlZ6VBr4KwR3AF-IzAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-adGmlZ6VBr4KwR3AF-IzAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
30 KB 4ms
3ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

0557fe210d8ce635ca309c1972a99149c04ec30c9666cafce0445113d5ba617e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30362
x-xss-protection: 0
server: cafe
etag: 11395571080521075679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 23:02:18 GMT

POST
H2 204 AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw== Show response
fundingchoicesmessages.google.com/el/ 0
199 B 415ms
113ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jdblVkijFZxcIYlic8b3jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 22:13:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-jdblVkijFZxcIYlic8b3jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw== Show response
fundingchoicesmessages.google.com/el/ 0
200 B 411ms
110ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_5oRJvnL0AZ-WNiVSWz6wA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 22:13:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-_5oRJvnL0AZ-WNiVSWz6wA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw== Show response
fundingchoicesmessages.google.com/el/ 0
201 B 111ms
109ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TjECX6XCXMcdCs1AK3VTbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 22:13:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-TjECX6XCXMcdCs1AK3VTbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw== Show response
fundingchoicesmessages.google.com/el/ 0
200 B 111ms
110ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-znrQgW7TQzJngONpRq916Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 22:13:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-znrQgW7TQzJngONpRq916Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t.ly
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVpdQDvE_jYaiqxdxCyILMUlcaa9a3vK9vRCZU0fhaVCgaVbZ6MlxxHnSCvZWDMufWBVqizLjg3GmC_mkhTQKewcDu1JEmN-3wsAxv4TJm409xrNeDoQ2K3Mml9TrgXjBAsiQP1MA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 228ms
228ms Script
application/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVpdQDvE_jYaiqxdxCyILMUlcaa9a3vK9vRCZU0fhaVCgaVbZ6MlxxHnSCvZWDMufWBVqizLjg3GmC_mkhTQKewcDu1JEmN-3wsAxv4TJm409xrNeDoQ2K3Mml9TrgXjBAsiQP1MA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NDU3NjAyLDg0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90Lmx5LyIsbnVsbCxbWzgsImpmc3ZKSHN4dk9RIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

08762f5c92eb9ed6acdf21372b2070c86458bd3393ebaf0b3174244843f8e76d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UbqWF18uneYqRECpML11nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://t.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:13:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-UbqWF18uneYqRECpML11nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content file.mp4
r4---sn-ntqe6n76.c.2mdn.net/videoplayback/id/9c75e960776466d6/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798620929/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CF10 1 MB
0 308ms
5ms Media
video/mp4 173.194.28.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.28.9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s05-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 04 Oct 2023 22:13:23 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-4316443/4316444
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4316444
Last-Modified: Thu, 02 Jun 2022 12:28:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Wed, 04 Oct 2023 22:13:23 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CF10 0
54 B 96ms
96ms Ping
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lncb1za3&c=2950690074998&slotId=1475345037499&qqid=CNywjYW13YEDFdOV5godp1cNXw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1981&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ff&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWxNFNOta49Tko-blIzwpPUVJ-rvHKDjBbMXEpb0R-Vx7cMJ5uO6pn5lpVUnPRRzqxXe4RUPiVZNazh12fJ4RaNjrb0qoE0CgZRHJaGldJlG34mQL4MOiG6d85QFHAhvMvuVx5o8Q== Show response
fundingchoicesmessages.google.com/el/ 0
200 B 112ms
110ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWxNFNOta49Tko-blIzwpPUVJ-rvHKDjBbMXEpb0R-Vx7cMJ5uO6pn5lpVUnPRRzqxXe4RUPiVZNazh12fJ4RaNjrb0qoE0CgZRHJaGldJlG34mQL4MOiG6d85QFHAhvMvuVx5o8Q==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5X5xbYDB-RDBNtIjN3H7gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 22:13:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5X5xbYDB-RDBNtIjN3H7gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t.ly
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw== Show response
fundingchoicesmessages.google.com/el/ 0
200 B 111ms
111ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz6k7O_o2Or7KB7ooYomMmlnDTe0cDOnMEftJ5q_k36vNxqbNeHCr613tLkXHXC288to6Uh6dyt91nfi9dcLNARnHaMoYOR8jdvsthLDaFuYgM2_P30uuW1_NvmKdYOaEH55nLnw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iZugDuf0NDLJI7ONPDUvGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Oct 2023 22:13:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iZugDuf0NDLJI7ONPDUvGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t.ly
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFDC 0
59 B 138ms
137ms Ping
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7285602215453&version=m202309260101&ct=76&x=1&cor=10521069414191036000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 98ms
98ms Ping
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W1D48QS4F7&gtm=45je3a20&_p=340855263&cid=852950833.1696457598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1696457597&sct=1&seg=0&dl=https%3A%2F%2Ft.ly%2F&dt=T.LY%3A%20World%27s%20Shortest%20URL%20Shortener&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1D48QS4F7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://t.ly/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:13:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t.ly
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 19:33:29	Name: _GRECAPTCHA Value: 09ABIyMg6AHKw2laqv8nyknKdNnk7n9IW3Pqohs8poyvnSoi_uxlTDxKDeYC2SgTfnLAlzK0b76fUvV4wA0gVSelY
twtr.to/	1970-01-20 15:34:27	Name: XSRF-TOKEN Value: eyJpdiI6Im1VQyt0NkVLeGFQeXJ1MUowZjlvaHc9PSIsInZhbHVlIjoiODhsVi91SzZ6Yzc2UkpXSXYvZnpMTTZLVjBIRi96K0ZraHljTFRNQmhzQXBjckV2ZWRqbVJiSnVuZHBnWmhYUWluNXRIQ01CeFFXWGpUczNOTHhNOTBHSzdzVW9iR25ZQW13aHU0bi8vbE94dTRMUnFVZEZESkhhLy9BZzZTQkMiLCJtYWMiOiI5YWYzZDQ5MmUxMmVhOTQxOTYwYjhlNzUwZmY4ZjcxNmFiOWM5OWRkYjAyNzg4OWI5NGI0MjE1Y2VjYjI5NzA5IiwidGFnIjoiIn0%3D
twtr.to/	1970-01-20 15:34:27	Name: tly_session Value: eyJpdiI6IlBKdll5UjN0NCt1OFF1YzIxSllST3c9PSIsInZhbHVlIjoiL0FqS1NGNUNhS2hnRmYyY2gxOUtnS1FnekhvcUw4eWJPNFptUFBST0htTVFzWEJidElCcWVqWDhsTmJzTEJseUwxeUVIbDRaNFF3K1pxeW9EVlV0VWJTYzFmK3lKL2I0SXVmZVB1dVNhajZwN3NaanV5UDY1d29MV0V1K0Q3aTciLCJtYWMiOiI4MzFkNTZiMDcyMmNjY2M3MTg5ZjFkMTFmMjk4MjViZWEzZmUyMmE2ZWE5NWQxYTA4Y2UyOWY0OGU3ODkwNmVlIiwidGFnIjoiIn0%3D
t.ly/	1970-01-20 15:34:27	Name: XSRF-TOKEN Value: eyJpdiI6ImhoaEpMLzVod1JmR1c4MjdyUzlZakE9PSIsInZhbHVlIjoiTHFiZnc4UTQxQ1NHazBPTjdqYXA1VUFpc3VUWkRFYXRSeVc5aExCUGRzT1ZZVXZPRFhUQzNHbWJhanZ0TXRUd0k3QUFJeFk2VWdVYWtiaHV4NzdGUHcxdDk4VUw1aWF3UlNTLzN3VnRKQTJqR0sydkZxQUhQQUVoY3QrREJTU3MiLCJtYWMiOiI5OGNkNDIxZmU5MzU1OTcyMmVkZDAyYWZmNjdmN2JlYjU1YzdlMjYzYzIwYTc4ZmM0NWY2YWI4ZjM2NGM1NTdlIiwidGFnIjoiIn0%3D
t.ly/	1970-01-20 15:34:27	Name: tly_session Value: eyJpdiI6InVpRW9TQ3BiWFo1eVZTZFlORnV2YkE9PSIsInZhbHVlIjoiTlVCc2dkTkFXQXlFTjZnZmtQb3hpazI1TnhBNGtYdXQ4d0NRSEdYdFZqSTUySHFBZi91Z3doWnl3WGJ5alFnQXNoQ1lNVWhna3ZkaVlURnA4QmduUnVYOEYxU3pBcWViSDVKdXd1YSswNTNZYTJtOXU5K1ltRFEvdjB5Vy9lRGUiLCJtYWMiOiI4YTI4OWIwZjUzN2FmNmQ3NTI0NjI1ODAwZGRjMmNjMzA2MTU0Y2EyYTIwYmNiYjQ4OTFhYmNhYTc5ZTMxYTEwIiwidGFnIjoiIn0%3D
.t.ly/	1970-01-20 23:59:53	Name: cf_clearance Value: JYZ0XNhn1h7rz41SoFiGpM4wQu26SKxcU0Y43wptVw8-1696457597-0-1-90cd4911.ca52d9f9.c7cc16f1-0.2.1696457597
.t.ly/	1970-01-20 17:23:53	Name: _gcl_au Value: 1.1.268297515.1696457597
.t.ly/	1970-01-21 00:50:17	Name: _ga Value: GA1.2.852950833.1696457598
.t.ly/	1970-01-20 15:15:43	Name: _gid Value: GA1.2.1765591746.1696457598
.t.ly/	1970-01-20 15:14:17	Name: _gat_gtag_UA_89207177_8 Value: 1
.t.ly/	1970-01-21 00:35:53	Name: __gads Value: ID=f0712abe9c5c5826:T=1696457598:RT=1696457598:S=ALNI_MYqMG6kCjTBBmure4yLrWOx0u6YnA
.t.ly/	1970-01-21 00:35:53	Name: __gpi Value: UID=00000c581ba3ee15:T=1696457598:RT=1696457598:S=ALNI_MaNhyqs-Q3K6XlHYwkh4nNXyM_xnQ
.adsrvr.org/	1970-01-21 00:01:19	Name: TDID Value: fb695aa3-a4ae-4fbc-9b8b-703b4c8b463a
.doubleclick.net/	1970-01-21 00:50:17	Name: IDE Value: AHWqTUm6xq_ud9WsvrfqJ_IBQtpxogy_1M4K1X4ZZpCoYzftq6Isr4puYfhnJBYyUTw
.adsrvr.org/	1970-01-21 00:01:19	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI1pKR3aTMojwQBRgFIAEoAjILCKaBlYq7zKI8EAU4AQ..
.ctnsnet.com/	1970-01-20 23:59:53	Name: cid_5e74da2279034f0880e212b35ccdad9a Value: 1
.ctnsnet.com/	1970-01-20 23:59:53	Name: gid_CAESEKy9r-fZtjfyhit0k0gReSQ Value: 1
.doubleclick.net/	1970-01-20 15:14:21	Name: DSID Value: NO_DATA
.send.microad.jp/	1970-01-20 17:23:53	Name: TR Value: 45d05243a4c0b84678ef7be56bf0ddc9abb5a740c588689a
.adform.net/	1970-01-20 15:58:56	Name: C Value: 1
.adform.net/	1970-01-20 16:40:41	Name: uid Value: 3206570254217476697
.adkernel.com/	1970-01-20 15:57:29	Name: ADKUID Value: A8602460848235692390
.casalemedia.com/	1970-01-20 17:23:53	Name: CMPS Value: 4729
.blismedia.com/	1970-01-20 23:59:57	Name: b Value: 651DE380991F23F3B322A858BLIS
.casalemedia.com/	1970-01-20 23:59:53	Name: CMID Value: ZR3jgD8SR7KOsrUHxJY63wAA
.casalemedia.com/	1970-01-20 17:23:53	Name: CMPRO Value: 4729
.yahoo.co.jp/	1970-01-21 00:01:20	Name: XA Value: fjlt1d1ihros0&sd=A&t=1696457600&u=1696457600&v=1
.yahoo.co.jp/	1970-01-21 00:50:17	Name: XB Value: 0gp7t5dihros0&b=3&s=jv
.e-volution.ai/	1970-01-20 15:34:27	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 15:57:29	Name: ADKUID Value: A8602460848235692390
.doubleclick.net/	1970-01-20 19:33:29	Name: APC Value: AfxxVi7-_7bu-2C8R0iGKtQd4ZkGqQAfAaxtc6Sh61t9xRYjpCY5yw
.turn.com/	1970-01-20 19:33:29	Name: uid Value: 7418771581230031510
.adnxs.com/	1970-01-20 17:23:53	Name: uuid2 Value: 4527818763152054414
.reemo-ad.jp/	1970-01-21 00:50:17	Name: deviceIdentifier Value: ItYHOhDvwnYWNRDlxhdqjwOCvWraRnji
.reemo-ad.jp/	1970-01-20 15:35:53	Name: sync_gadx Value: 1
.ladsp.com/	1970-01-20 15:14:21	Name: cr Value: 1
fksnk.com/	1970-01-20 15:24:22	Name: AWSALBCORS Value: JGnCDTtj5v05Y0ni20GFODfMoeg9Ob3rGPxjfYeTxccO9kvzRXQaO0vl9SiR615yJwdvYUKFNMcHgijSwCqfy3QaAGBs9AmTkuKMioFTNaZG/p//RGev6aWW+s/V
.fksnk.com/	1970-01-20 17:23:53	Name: f_001 Value: 1864A142EC14A710
.fksnk.com/	1970-01-20 15:15:44	Name: g_001 Value: 1
.adnxs.com/	1970-01-20 17:23:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb[uaqDy!1yIE`fS1ueD1W-044)d+]NEAC@6L^BK^T2-_!`<T5iUwqNnLp1J@B?v`/7kP(hw9P-HC_#tuuz*7qQi
.demdex.net/	1970-01-20 19:33:29	Name: demdex Value: 36404909786879275533760505987905639301
.ihg.demdex.net/	1970-01-20 19:33:29	Name: ihg Value: 36404909786879275533760505987905639301
.ladsp.com/	1970-01-21 00:50:17	Name: smn_uid Value: ifvjKBgvxpQmEaNFTOXSUg-z98pyfoo
.ladsp.com/	1970-01-21 00:50:17	Name: lum Value: CJHjguavMRIFCAEQqAE
.uncn.jp/	1970-01-20 23:59:53	Name: t Value: v_c316f16a-101f-447f-bbc4-8f7e163038d5
.mediago.io/	1970-01-20 23:59:53	Name: __mguid_ Value: 5bead3a079adf160130yzu00lncb1yu0
.t.ly/	1970-01-21 00:50:17	Name: _ga_W1D48QS4F7 Value: GS1.1.1696457597.1.0.1696457601.0.0.0
.yandex.ru/	1970-01-21 00:50:17	Name: yuidss Value: 9610232031696457601
.yandex.ru/	1970-01-21 00:50:17	Name: yandexuid Value: 9610232031696457601
.adx.opera.com/	1970-01-20 23:59:53	Name: UID Value: OPUd2bd56c06f494b159b206ca28ce022e8
.zemanta.com/	1970-01-20 23:59:53	Name: zuid Value: kq1U57QcO8H3poUp6V3R
.simpli.fi/	1970-01-21 00:01:20	Name: suid Value: 103F3C1622A44E809758EBE292FBB08D
.yahoo.com/	1970-01-21 00:00:15	Name: A3 Value: d=AQABBILjHWUCELANFXSPjLRbQX8bpQR7e6wFEgEBAQE1H2UnZQAAAAAA_eMAAA&S=AQAAAnwitJA4-wXtw6-jX7buuQc
.tribalfusion.com/	1970-01-20 17:23:53	Name: ANON_ID Value: aNntuJyg6AbrA7u8PVN829SGo87L3cq4uvh9ZaW4Zb71OpnZdIHc20Gv12ZcPHlhkdlcjgDa2buqdS3Vd1oTdam5ULtw
.t.ly/	1970-01-20 23:59:53	Name: FCNEC Value: %5B%5B%22AKsRol_1ledeh7apLDsd6jz3Pf1R2uZDgPWqN2TjdP1kLl8C23_7y4-2AWDwGw93cNHpSnmSFtBYvG5Lh9ZQ6dOQqk4cHWGDWN8qy3_IiQVjPrcHC0toPGTk9SKL6sPi9KEXmrxR7j4Zs19AT_dL1yPVUQ0VmQVZiQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESELfVrXPLhqy5Y7A9AVti9Pc&google_cver=1&google_push=AXcoOmRWCRQm1gvZ6p3EMaAAUc-f7ll-1h4Fe2e-IRXwVTwzS_nM6nLhucp7NbBanCgRbbmhdIilO_ucNG2p6-Dv5SUy5DpkA6WjEUAksDtbBgAr-7iL-3lmSzTc3xlqtZU-4Yz-eBvCP29NOjQK Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEC6exBSdH76C40sUgXr7Wns&google_cver=1&google_push=AXcoOmRR-zucFin6fVH6fYxZWV1HBYKWAzuIsbehQ5dG14g2UoQVxCowcBLi3ntoAmS_kwTC2li_wps22FfYYtmGf1tr3ECWJUC2DL_APomXqxkzAVOaDsLQRP1LnmW5a0LCnVrUI78tcXnW51h8NTPwOReqAWE Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOq5qejpe93P69-KCNhCQFA&google_cver=1&google_push=AXcoOmThVTmWWRuFwOxWU4B_P2rM3r9pNFgJGl8L8JT2po9ThAN4uPspXI5PJf818ynP-FzBWX8OAP19HP92t-XrSTfFHl7RmPtCu-CZ2RVhy1jNhwI6c--MSXL90fCi6IlDgiT4zvN5N6XPhyzLo5oKkUc8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
aid.send.microad.jp
an.yandex.ru
app.cauly.co.kr
b1sync.zemanta.com
bid.g.doubleclick.net
c1.adform.net
cdnjs.cloudflare.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cr-p1.ladsp.com
csi.gstatic.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ihg.demdex.net
imasdk.googleapis.com
ipac.ctnsnet.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
r.wdfl.co
r4---sn-ntqe6n76.c.2mdn.net
rtb2-useast.e-volution.ai
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync.dsp.reemo-ad.jp
t.adx.opera.com
t.ly
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
twtr.to
um.simpli.fi
v9999.adv.admeme.net
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.43.90.117
104.17.25.14
104.18.24.173
104.18.27.193
13.215.12.84
13.230.210.161
133.186.161.89
142.250.204.2
142.250.66.195
142.250.66.202
142.250.66.226
142.250.66.234
142.250.66.238
142.250.76.102
142.250.76.98
142.250.76.99
142.251.10.154
142.251.221.66
142.251.221.78
150.95.47.242
161.35.255.96
172.217.167.100
172.217.167.66
172.217.167.99
172.217.24.33
172.217.24.40
172.67.75.122
173.194.28.9
174.137.133.49
18.182.140.45
18.213.189.173
18.67.111.43
18.67.93.111
183.79.219.124
185.84.60.29
202.233.84.1
216.239.32.178
220.150.223.50
3.104.241.36
34.126.167.117
34.96.105.8
35.186.193.173
35.208.249.213
35.213.12.39
50.116.239.135
50.31.142.223
52.223.40.198
64.233.170.94
74.125.24.156
77.88.21.90
82.145.213.8
00aa9da6766765bd2baf49bf37c46b94fba6c20dc22cc3c4c1af293465d19b52
02465205a59729adf404a9d6311f5921f1f3c9a0d9a52836f7d3386612a6257a
028858fccd07bd37e8c54ec2a5fe177c7cc04fefa904248e185291ec4278357e
03b7dfde559341a0b976d176f201abef74d26ea808f7cf619e79cc1d6925215d
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0557fe210d8ce635ca309c1972a99149c04ec30c9666cafce0445113d5ba617e
08762f5c92eb9ed6acdf21372b2070c86458bd3393ebaf0b3174244843f8e76d
08a82b3fec078e2a60ae3d845ab4914c98be2a0d5774777c330e37958b6874be
08b844d32d5787a31fe838154291cfbe1c38460a7c2725da2ca3207c53373012
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
100bd272492caec1c242ed1c241aa7ba2524ada1e59e3eb8ae3c25b2daf069d4
103b381a26289c435a8563c67534fe312e9d0135280f6facc67f201a24c69a36
10d57119ca2c2cb15aef263d856684bf689b816c1b0c9d6636c92ae71b9c8e86
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148478b2d7d76b00d0fea50910a83e08f139c33204eab28b38656035a7275667
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c36cbdf87aef67c1a1a050258b2a90375d16396f7887532fcf0157162012d3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bdc24f7e998a3e9dfe529050f363cc146ae9c744973406b22ce407ff50373b5
1c912e6ec4e7c2b1df7b4468c6459c820cce97b232959448835add4c277dbd04
1dc412192fb68bcbe593695702821ca662c5e24010638fe385416b8da4137391
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f446bfb0132f150dcd282e76a61115041def61f66bdb5d6f1695e2411af47aa
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
22cb7c75355a9ee812cc308d5188168d208631576fa4e36c8dc211057167cb83
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2bd04f73111427a6fa4240c968eff556e1e679f3ac0d53275534f9c333df6d7d
2c0a8f02e8ef795aecc87e8e323c15fdf29287d20501d6ea0cf1dc53e2d2ea9e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33c2026229692496a2499669d50b7879c75455e895f205b073f46f4b91a52e54
37f37d3b4b41b5cea3171df52168b40a894de75b020399e1655d0371ec1bdfcd
3a3887aa62f7f1cbc9b675bc7cb09deb3d80ca7d80cfbeda9d2235bdc3ac5c1e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f4a27a54345888d41909cf83309a3bc6ec4d324ba7e29ae6d4754aa3dd8e31a
4f97dcde419f2666d9e61109040b6164a8147d0da344f0aa3c9bf152b501fa94
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5063a68a88966cff9baa3bf09bf0352e9c05164c66e9b4ef2c4d5453dc9e1ca7
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
53b2564030707bccb5237ecac105a1758172972bf9abfcad686f6bf2413bedce
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a049924234ac1aa5b94713e45249c2d11e50206cf3587346fc1ec315c04e4cb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dba93f2c5e65e9e107e3e557cd20e18a6d098270eaf057d4d2bac2c8ddad2c1
5dc89e77a363425ee1b867da9f2d4651133071367a1a2b88c483bdf2aebe245b
5ee993b2ff0d28dee858174cab56596a985c700f70e0c62e10bfcc65b253bfcd
5f71d6c6083aaa4869c68ec66708e5ed44807e623ab0c941bb1ed031bfe4a0ac
60de181a4b72ce251389d7f66b2243f52f1779c96b79f5288c2cdd34fcf8b48c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
62d4d4b5710fb507421ddb283f2f62415449c5829e85452ff785b5ef720fa135
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
669127738c04b1074b227ad5bf263c92522b37dcaa62dae7d46f2e8c6fc38eba
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d5c89c37de2253f017356ebcc1a0b3a7431fd5eada0deeaa6cbded7a7400183
6ff40af55b2552a174217616527860ee0d95589dbb147d1ed03da5f88c50cf66
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
86ad2eff47425620d4d40b0fcac17303c8c15e71c27d330274c5bbfd6331440e
86ba91ffdcece964d969b05cff1c7b3b94532e589870491f0714f6da82844971
87e4a3beeb210daead88f32a58cb14a01dd71df05b75fdaff8a5927a9e34cb04
880df47c8160689c021520acaca8bdd53cf8c7bdb8bdc8f8b70e05cd8d85e5fa
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
899a3571ca7553592fb4221f36b00d18bfb63639fcb24d7d44e74312089bb405
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
8f5be3f75c9595d5b4fc1f100d092f6668f282a0c8192d40087019ef48f7836c
9562b2bd3fb6c15060b4d9189866562eb84bca865efc9a943e3607758fb7842e
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ecacd636ff7975a5515f0ad247b2619ce80ab1a262bb9a7f9325f6ee2111418
9ee9e886926518c4265b0d65595db0ce6e5e2e6cd6f93c2c95313b05f20adc0b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a50252ac33e5615e28ab718c6194e7ae4be7576ccdbc034096adc0988f164117
a6aefa265d18843b33a44334e4c72cfd9737ee98fe67932e072a229cc1d26b30
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c
b1f1ca25b555a7b195c450caa4526f22ed320d6607d9c7e18390ccb22e6b8f00
b3532c989163498f203503c71bb9597bc487ae518d623f3f4731371e9394f96d
b3ecde2735b001124d9899664906ce0978ad0b74a0e4f9683d8b3cbaa5edb3c8
b4024d41ef74cb991281b3daa5cbe1dc84b65cb1b6b34f873658ce83d8da71ae
ba620ad2291e21433bc6c7a08ff3009542a987e20b51e0099854c4f200536ab1
c0f96cc2698d104547c4dc55a101b15e59aa003b51117afca148f8d7d9a041df
c12dbf5a1562aa7f29f03abec9133fbd293f437db0a28b7ddae5910f101f855a
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9a041f2cdf20eb679291a4c14a9ec53e65f663e7fb0b85638f2221e96caac45
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35
d5ae33f0c81e7058fe61805d616e40e19cf784919b3fdad2400637ee359ed3d6
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e10f08662fc90ad7205a5031671210f844c6e761b06a0ad73a909b50f2c58e19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e705788f828e46d69e0c426b1b442b57a415111bf2cc4e8d59c82e10e17a524c
e9bb4a6af507d0d7d4eb8d73dbf3b9e5ea60fe73ff7b058a802936ae8f65fd6c
eb61152fed4aa7eea9083ab7921ce5cb4128f57ecedb452300ff8ddb89946bca
ec0444bf2faf31208e138de70f4ae7faf703d92a69fdfbba322554a5e13c1348
ed3bfe6e73ca21578ab615ff3f80b34826a6b4e53e6b64d98c6f70d48507e9e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdd10a61037583933c4113f543c6cb3f317c9565e3cbb453406495b4ce196908

t.ly Open in urlscan Pro 172.67.75.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

225 Requests

88 %HTTPS

0 %IPv6

42 Domains

56 Subdomains

36 IPs

8 Countries

3595 kBTransfer

10134 kBSize

55 Cookies

4 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

t.ly Open in urlscan Pro
172.67.75.122 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

88 %
HTTPS

0 %
IPv6

42
Domains

56
Subdomains

36
IPs

8
Countries

3595 kB
Transfer

10134 kB
Size

55
Cookies

225 HTTP transactions
4 data transactions