surl.li Open in urlscan Pro
2606:4700:20::681a:513 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://surl.li/iuiej
Submission: On July 22 via manual (July 22nd 2023, 7:42:43 am UTC) from CA — Scanned from CA

Summary HTTP 88 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 18 domains to perform 88 HTTP transactions. The main IP is 2606:4700:20::681a:513, located in United States and belongs to CLOUDFLARENET, US. The main domain is surl.li. The Cisco Umbrella rank of the primary domain is 733473.
TLS certificate: Issued by GTS CA 1P5 on June 9th 2023. Valid for: 3 months.

This is the only time surl.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:20:... 2606:4700:20::681a:513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:c0ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4006:80d::2004	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.214.52.10 44.214.52.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:4cf:f74a:5da0:3484	14618 (AMAZON-AES) (AMAZON-AES)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
88	18

14 2606:4700:20::681a:513 (United States)

ASN13335 (CLOUDFLARENET, US)

surl.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:820::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:c0ea (United States)

ASN13335 (CLOUDFLARENET, US)

web-screen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81f::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:816::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2004 (Stony Point, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.81.226 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.214.52.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-52-10.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:4cf:f74a:5da0:3484 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	280 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 120 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	92 KB
14	surl.li surl.li — Cisco Umbrella Rank: 733473	393 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	112 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 3	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	22 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 1937	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	113 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	3 KB
2	web-screen.com web-screen.com	51 KB
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7477	624 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7499	543 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	715 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1466	668 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1296	35 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1019	878 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1178	599 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	78 KB
88	18

	Domain	Requested by
19	pagead2.googlesyndication.com	surl.li pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	surl.li	surl.li
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net surl.li
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	surl.li www.google-analytics.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	web-screen.com	surl.li
1	ius.ctnsnet.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
88	24

This site contains links to these domains. Also see Links.

Domain
hyperhost.ua
welcoms.quest
secom.com.ua

Subject Issuer	Validity	Valid
surl.li GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://surl.li/iuiej
Frame ID: BDD2192F902CD9B29309762E9D76213B
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: 4C49674451D9CDDD5A9DB027E50E2653
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1690011757&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fiuiej&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011757395&bpp=7&bdt=154&idt=137&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3098615967909&frm=20&pv=2&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156
Frame ID: B45FC989B43AA36ED4E4E40EFB2A636D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1690011757&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011757402&bpp=2&bdt=161&idt=155&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=F2uFMGaSVT&p=https%3A//surl.li&dtd=158
Frame ID: 4520BCAF07D51A73755D9EB5526AAB49
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=2931138512&pi=t.aa~a.1280659939~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1273&idt=-M&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280&nras=3&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Yhkdkvk2Dd&p=https%3A//surl.li&dtd=9
Frame ID: 13272E47A1C574E9F1A5977DB02E185D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1272&idt=0&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=c9kT3Xnh9i&p=https%3A//surl.li&dtd=15
Frame ID: 21DEF5B2E0E970C76899A9D2831DF21D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3D351182C36F9490B574F80672B82A6B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: B8DF08190248D123E40BC519021CB80D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D540738ADCCACC007BD860B486A9A1D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AE2300D9E02FF8EBFAC388DE22FA620
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 734A5CBC04CFA5E9A23B24912129A24D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F80201309B3330D26C907FF5232FB7D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88801A8D72BF2BC2240827D3463FBE66
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Surli redirect page

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

88
Requests

93 %
HTTPS

73 %
IPv6

18
Domains

24
Subdomains

18
IPs

1
Countries

1146 kB
Transfer

2626 kB
Size

20
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://hyperhost.ua/en/vpn?utm_source=surl&utm_medium=menu&utm_campaign=menu_text&utm_content=menu_text
Title: VPN

Search URL Search Domain Scan URL

URL: https://welcoms.quest/go/muydamdbhe5dsnjtgu
Title: 5 Go to site

Search URL Search Domain Scan URL

URL: http://hyperhost.ua/tools/terms/term-en.pdf
Title: The rules of usage

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/hosting
Title: Купити Хостинг

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vps-vds
Title: Купити VPS

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vpn
Title: Купити VPN

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/
Title: Hyperhost.UA

Search URL Search Domain Scan URL

URL: https://secom.com.ua/
Title: Secom.com.ua

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 69

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMcRQnvWGEu6zWCPF0i2h6w&google_cver=1&google_push=AaAOQGEMxupQEEAYoZsJkx8-ZF_nqcn4_ABcyFSwKEfvK3qTtZg6aMdzWDm5gDOId9F7RaNIFBZJuWCiY_mafZZePqptIbflU7xyl8U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEMxupQEEAYoZsJkx8-ZF_nqcn4_ABcyFSwKEfvK3qTtZg6aMdzWDm5gDOId9F7RaNIFBZJuWCiY_mafZZePqptIbflU7xyl8U

Request Chain 70

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI1JiHxxlVpCJ_7jw1gm-fU&google_cver=1&google_push=AaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1JiHxxlVpCJ_7jw1gm-fU&google_cver=1&google_push=AaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 72

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBVaTNLVFY3_BYIhUW2weMU&google_cver=1&google_push=AaAOQGGfSosLij_NnTnjIioUGGhi9YFrXfruv2QweH72WIzNlanxq1SDEP5xZJilZW2MWTXeN5ECsO4MrVyLea39e0wQsO79IYPOX7Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=802809378215

Request Chain 73

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPrAZOcyJXQeMqb6l9G1Dvs&google_cver=1&google_push=AaAOQGGGqwDzrrImh0Fsi5VP6VRJJgmEOLj1JdM-Q-R4OIieP3RaoDuvwY11O-lEchKDs4yCxJNI_IdT1C5xpMHXINJ3CAavSDjSnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGGqwDzrrImh0Fsi5VP6VRJJgmEOLj1JdM-Q-R4OIieP3RaoDuvwY11O-lEchKDs4yCxJNI_IdT1C5xpMHXINJ3CAavSDjSnA&google_hm=eS1DN3BBb1paRTJwSHlTWGE2dnhiQ0EyZVBLMnZQWERob35B

Request Chain 74

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEM_tUDLxN3MM72AzsTdAE2E&google_cver=1&google_push=AaAOQGG5AQgwCz3ctEB50QdQQ5In9cNHXDC7RgD4MNvlhZMSQDIv8pPCScni1Qv3E59lKCWT0Y8ycIZbDSaqbQJXo9KfsnKI-BEf5Ik HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIyMjU2NDkxNjI1MzY5NzMwMzQ&google_push=AaAOQGG5AQgwCz3ctEB50QdQQ5In9cNHXDC7RgD4MNvlhZMSQDIv8pPCScni1Qv3E59lKCWT0Y8ycIZbDSaqbQJXo9KfsnKI-BEf5Ik

Request Chain 75

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEO_Jyb-AT05XPfYeGLzyiOU&google_cver=1&google_push=AaAOQGHUUe3H0q8q45VFJ_B62xvPKj1Pi1vyNclolAabaZLR7F7A7UAVx4rwdxapt-kq7B2ui0G93T8MG3Q35CozoTYm3QuBWRnfPzrZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHUUe3H0q8q45VFJ_B62xvPKj1Pi1vyNclolAabaZLR7F7A7UAVx4rwdxapt-kq7B2ui0G93T8MG3Q35CozoTYm3QuBWRnfPzrZ&google_hm=DXP82aIkTFuH2UCSAVQWErM

88 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request iuiej Show response
surl.li/ 12 KB
4 KB 592ms
539ms Document
text/html 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.3

Resource Hash

ebc772a3a846e36012c92516d057d2292c203bc8a4f01a5e268bdcb5dd05e311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7eaa0c4768e53905-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Jul 2023 07:42:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krOLE2CGljr1G1tzAmY3E0SskBfkFWnNJvSlZqx7%2BsxK8CTCbF6Sqv70iAy3R9bt4EdhfP%2BXPYeGVKifu7qkRuEAphnTcCwVManBp2SsQxGNm5d59lRX2GuLogTbcEvtrTv%2Fq5g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.2.3

GET
H2 200 app.css
surl.li/css/ 157 KB
27 KB 27ms
27ms Stylesheet
text/css 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/css/app.css

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c8e62a177cc410209e651ae35eb303b9979c6e52a894885ff1aa5769a413ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Fri, 26 May 2023 09:44:27 GMT
server: cloudflare
etag: W/"64707f7b-2758b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YD4qzRGOxmQQkfreUVZRYLGf8EiMe%2Fr%2FuqzmVWjpUQin1%2BpDZaT%2B91xsZw8A0uV2dpYdzDypF%2BBTSOzHsPg2db%2B32we0%2FUSIfyw%2Fmaqa%2BEdbACp6kXIx2HE%2F5a7Ci2tG34QV6u8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4adae73905-YYZ
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 107ms
58ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3951f75b9e5dadd9b9112aaf3d4e345ac89f913c8cb6e5eaad1927cb514837a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50814
x-xss-protection: 0
server: cafe
etag: 18328531646766566304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 07:42:37 GMT

GET
H2 200 surli-logo.svg
surl.li/img/ 9 KB
4 KB 57ms
55ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/surli-logo.svg

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-233d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WtOplm4VF3io9cMtUoOhh829hBVLA034JcvCR2T26tcG%2Br0XClpUJ3itu%2BXo%2FSiu1xWwHXEt%2FBbvRlHvJzzV4SBLLRZj3P9Mbdti5FQ4R9%2FoWk0elJB79v1kc6Casd2%2ByzSQQA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4afb143905-YYZ
access-control-allow-headers: *

GET
H2 200 plug.jpg
web-screen.com/img/ 13 KB
14 KB 334ms
24ms Image
image/jpeg 2606:4700:3035::ac43:c0ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/img/plug.jpg

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c0ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6742
alt-svc: h3=":443"; ma=86400
content-length: 13510
last-modified: Mon, 29 Aug 2022 13:27:44 GMT
server: cloudflare
etag: "630cbed0-34c6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iL00VCZXS2YqRhd3mi3FbrZ1%2FQHB6XiyAFtUYO5s%2FFlEuTY1%2BqgQKq%2FEhFucgzMe4xpmWTPgtwr5KyRz9ANS%2BxZebl%2BM4hVTZDVspMJABV4viOUPt8z6nlof%2Fb9P1QY8WiQzI%2B%2B7YepPyt1lkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7eaa0c4cc94e36cf-YYZ

GET
H2 200 pc-rouded-icon.svg
surl.li/img/ 20 KB
15 KB 51ms
50ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/pc-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-4f3e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9r6h1DhVo6YkmTNzA90fOTz1e9mW%2BLlqewueHRlfYMViDP9IUj8vrAMf6mifivKLH1RR5QF4NFMC4rSMukc%2FO%2FZEHTHAaP%2BYaRzFfm4jMlUbli8tsgG%2FJgpfO0ifoJxxmcq2sc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4afb153905-YYZ
access-control-allow-headers: *

GET
H2 200 gears-rouded-icon.svg
surl.li/img/ 4 KB
1 KB 48ms
47ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/gears-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-e1f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1r%2BWdTnpAsWZeOwiFwBgcf6QKx3neovjfim5fuqeVp8XL%2Bid5oxaX4nEzxIYdernxv8cqVGZPXL1UaG%2BuQifPbULP4r8khf85VU05B60ISqzwb3J7jlXtptlZ7GparirGgMXhI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4afb163905-YYZ
access-control-allow-headers: *

GET
H2 200 planet-rouded-icon.svg
surl.li/img/ 5 KB
3 KB 47ms
46ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/planet-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-1574"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcq15m8fSdw4yE1K4qdNtSrQXs%2F1ivQd888JJ9RWCEH%2Bzwh%2FnBLD8Ksf0n7Ui%2F5RfUY%2FQqEwzlPxOxpFJ%2BzXkzHjcYpj5Yo5L4dC%2BFTjcBuZeMaPtveT7ft8TAQcmraxsXhfz0g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4afb183905-YYZ
access-control-allow-headers: *

GET
H2 200 mastercard.svg
surl.li/img/ 9 KB
4 KB 57ms
56ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/mastercard.svg

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2059d0f36e3b59dd1957bbf7b43c6a5fb1e80a1a624816945f476220633cef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-2394"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAQd4xUsWu1QJNruc8SeYtlq%2B8v2phI4aYgRnXwAf7065DrAzIYPWZadB7wgcZFGEKbF1yZQho0zz3gFn%2Bc3y%2Beo6ewgTQ3eHXD776HEFO3ky4zHXZD4TlVV%2B2iGbU0SVoBWmOo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4afb1a3905-YYZ
access-control-allow-headers: *

GET
H2 200 visa.svg
surl.li/img/ 2 KB
1 KB 57ms
56ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/visa.svg

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fcbd380cfe4653cf6146accc638be75cbcb555d30c003116e83c38121c60aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-76a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrOVlv7E0R1PjK3k6skvZYLu6gjRqg%2Bp0HQiqWb4VFOAdk%2FWYGWF%2BKrp2Rg4OLKoDJygy%2Bgz72OL6eXZh3kfgflVfMGphK8qmQyl2vlD%2FUPapdW2zLmtzCTi%2BdtUQYxzdbb6oMQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4afb1b3905-YYZ
access-control-allow-headers: *

GET
H2 200 email-decode.min.js Show response
surl.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2023 17:37:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b6cdef-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUVei013MbUpk1ZVVQeU6AyoOlvUNVhvOwJHX67Kab%2F8AsQGEbA86vki1FhSi7pwGJuDjkg093TUKazoM7YJNq9S5JnAOoy2JO5gOKbufGG6z5dO20%2BBJVB6dQXbWBcOilHbeSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7eaa0c4adaef3905-YYZ
expires: Mon, 24 Jul 2023 07:42:37 GMT

GET
H2 200 app.js Show response
surl.li/js/ 182 KB
58 KB 31ms
30ms Script
application/javascript 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/app.js

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4b8fcebb61ea4d696e03b5cb3c8e8c9e61df67c8867a7842b79f97298f054e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Fri, 26 May 2023 09:44:27 GMT
server: cloudflare
etag: W/"64707f7b-2d6b6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugSK%2FJVHJU7tHQUOXQqkILW0BhTX3yHnzKDWoa%2FEvoaJ9nxNgznEiWToATA0Dw2bCfULFpIxomFUEJDeEhFkgtUbnmXpMCe0R7GN1UQJdOolI7Fbmz6vzYIp2qGRK%2FzMLcl9Fuw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4adaf03905-YYZ
access-control-allow-headers: *

GET
H2 200 preview.js Show response
surl.li/js/ 88 KB
32 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/preview.js

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b26c3a19858e9cf2dafc02349c62bb38a95350d642354b5ff209a7cd299548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/iuiej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5740
content-encoding: br
last-modified: Fri, 06 Jan 2023 14:56:57 GMT
server: cloudflare
etag: W/"63b836b9-15ff1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yo444uS0pehCqGQmyeU%2Fop%2B4hLRCGpD8M2ftcPRfjniduXSiMhzNnxMONZVbOGHeKd77qLnucliS2%2FIRQ7xFfpK5L0M%2F%2Fq9tPHhtmLP6IPOy8AjJh99MGxam8nl29ZuMb6qvNhc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eaa0c4afb123905-YYZ
access-control-allow-headers: *

GET
H2 200 Roboto-Regular.ttf
surl.li/fonts/roboto/ 127 KB
127 KB 38ms
38ms Font
application/octet-stream 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/roboto/Roboto-Regular.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5000
content-length: 129584
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: "64a2d1d5-1fa30"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYd4lbpRbtmz2Y03lqv0cvq858pSkjMZ3DWzr6muNJYcno5AaSWlG8fDKVHILm%2FNLCAQ5UdzOSITNixC0KyuqDHWJsDMmpPnRSSNYTsne%2FQ8qp%2Fs83YJ6rllTQW9rWMQMOz08fI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7eaa0c4b1b283905-YYZ
access-control-allow-headers: *

GET
H2 200 Rubik-Medium.ttf
surl.li/fonts/rubik/ 113 KB
114 KB 25ms
24ms Font
application/octet-stream 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/rubik/Rubik-Medium.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5000
content-length: 116056
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: "64a2d1d5-1c558"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeJhfAzaC1ff7lLGsCdBbIczW3HhJbP%2BXpKeo6QXvqzpk7JcNAduu2Ji4jebQcxOQCawAwTKeKExucoWs6iphF5QbhK0EPJo%2BvcVvRyp8Bi9ekxab8Zr9L164pzAjaEwefUgwLQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7eaa0c4b1b2c3905-YYZ
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
19ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 06:11:08 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5489
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 22 Jul 2023 08:11:08 GMT

POST
H2 200 getPreview Show response
surl.li/ 100 B
1 KB 144ms
143ms XHR
application/json 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/getPreview

Requested by

Host: surl.li
URL: https://surl.li/js/preview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.3

Resource Hash

b869a332c4f1e469ce24fe317c84499f014c0b3067cd6c50436b6719b986afad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://surl.li/iuiej
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: sTsmSPjYnAftNvIU2SrgIpcTFxXjqtRr8d9sZHF5
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: PHP/8.2.3
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fc8xqjerXXgLNxyn%2Ff6fHhWGY8jejm17SvPPOZofXqOls8CX8H2%2Bt8qMJH3TGc5%2FL3i9Sw7nVKHtQlLbaiULZ9zb%2BMx2iVodFWfFv4olETIIwtvy8fs%2FkQih7M07RU8LaL8h17g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 7eaa0c4bab9f3905-YYZ
access-control-allow-headers: *

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 363 KB
124 KB 87ms
86ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b66a33e7bb738a939f3888b9675e5626bd5a99dd04c4f11fd960fec977ce9d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127290
x-xss-protection: 0
server: cafe
etag: 1655637239939345735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 07:42:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 4C49 10 KB
5 KB 69ms
19ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:32:02 GMT
etag: 12368291122986407432
expires: Sat, 05 Aug 2023 07:32:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 34ms
33ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4329212258438721&num=0&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 06:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jul 2023 07:43:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
215 B 32ms
32ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=205045503&t=pageview&_s=1&dl=https%3A%2F%2Fsurl.li%2Fiuiej&ul=en-us&de=UTF-8&dt=Surli%20redirect%20page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIhAAAAACAAI~&jid=830659243&gjid=752867766&cid=251121607.1690011757&tid=UA-18721904-9&_gid=2105773455.1690011757&_slc=1&z=1148770339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
340 B 124ms
73ms XHR
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18721904-9&cid=251121607.1690011757&jid=830659243&gjid=752867766&_gid=2105773455.1690011757&_u=KGBAgEIhAAAAAGAAI~&z=1062853188

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Jul 2023 07:42:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 85ms
38ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bf45bea0a0b370f430f4d08fe52bdc9706a0cb20406773ac9513fafb06a5e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jul 2023 07:42:37 GMT

GET
H2 200 94229789-9b59-4e6d-a83b-4f19ed8b1a4c.png
web-screen.com/storage/screenshots/2023/07/ 37 KB
37 KB 61ms
26ms Image
image/png 2606:4700:3035::ac43:c0ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/storage/screenshots/2023/07/94229789-9b59-4e6d-a83b-4f19ed8b1a4c.png

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c0ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0481de0138eae311c7b7cf753767dd2ab35d66f3173aeab6d6ff6da68794f0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 38018
last-modified: Wed, 05 Jul 2023 15:50:37 GMT
server: cloudflare
etag: "64a5914d-9482"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7nxSRp9X%2BOYowWMvaZmmLCYcyoHDkEHK3hERkEpL0vPjBtXygKzcykjN4NZh9P9%2FxOXRSTZaRK2NgAV%2FjeFksQgxKGYfu%2FxALopT2mQE3EkFdN%2BN6dfLZfOFc0sLzCk0hM5ovWKy0C06p5JBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7eaa0c4cc95036cf-YYZ

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
599 B 78ms
33ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=surl.li&callback=_gfp_s_&client=ca-pub-5213407188406790

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baa80b28d26330a650d785a45914fefa3d53d995309c67dbe1937220f2622183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 83ms
34ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=surl.li

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B45F 18 KB
5 KB 929ms
927ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1690011757&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fiuiej&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011757395&bpp=7&bdt=154&idt=137&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3098615967909&frm=20&pv=2&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ffc1a835ffcc921ad8070b68e4a74c8a475624e372ba4eea241cc889d33d553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5187
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:38 GMT
expires: Sat, 22 Jul 2023 07:42:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4520 114 KB
39 KB 839ms
839ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1690011757&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011757402&bpp=2&bdt=161&idt=155&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=F2uFMGaSVT&p=https%3A//surl.li&dtd=158

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0c2b4771e1148bd3b0e7426657c9721a08c7825c7b9f364f30bdcec38932e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39630
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:38 GMT
expires: Sat, 22 Jul 2023 07:42:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 32ms
32ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BVLF49G8NB&gtm=45je37j0&_p=205045503&ul=en-us&sr=1600x1200&cid=251121607.1690011757&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&ngs=1&_s=1&dl=https%3A%2F%2Fsurl.li%2Fiuiej&dt=Surli%20redirect%20page&sid=1690011757&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cac0c864edda0087bf141d240f6ef92e.js Show response
www.gstatic.com/mysidia/ Frame 4520 9 KB
4 KB 119ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cac0c864edda0087bf141d240f6ef92e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1690011757&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011757402&bpp=2&bdt=161&idt=155&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=F2uFMGaSVT&p=https%3A//surl.li&dtd=158

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d046447e30e2ecffe5f823e770fca36fff69966f98f67b6fee1acc5c37bdb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3959
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:41:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 07:02:20 GMT

GET
H2 200 8f3b55d480d7aec0a3d2d67a1cbdc6d8.js Show response
www.gstatic.com/mysidia/ Frame 4520 10 KB
4 KB 120ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8f3b55d480d7aec0a3d2d67a1cbdc6d8.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e643f238190d83f0be0b0f2ec7daa9fba55614e399214a16c5ca0cd6c5155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4200
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 07:02:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4520 14 KB
2 KB 79ms
35ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Jul 2023 07:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 06:43:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jul 2023 07:42:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 4520 2 KB
973 B 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:22:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:22:44 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 4520 23 KB
9 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 07:02:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 4520 3 KB
1 KB 25ms
23ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 07:02:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 4520 20 KB
9 KB 66ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 07:02:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4520 179 KB
57 KB 86ms
39ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 07:42:38 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 4520 33 KB
14 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 07:02:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
35ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3041740521878177&num=0&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
37ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3041740521878177&num=1&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
34ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3041740521878177&num=2&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
34ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3041740521878177&num=3&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 37ms
35ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1161692147390150&num=0&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
36ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1161692147390150&num=1&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 37ms
35ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1161692147390150&num=2&dvc=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 38ms
35ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=surl.li

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1327 436 B
238 B 388ms
386ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=2931138512&pi=t.aa~a.1280659939~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1273&idt=-M&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280&nras=3&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Yhkdkvk2Dd&p=https%3A//surl.li&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47796528e4b97738cdde0412d5061c0d056396fd69cb5fe44c406394b428e4ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:38 GMT
expires: Sat, 22 Jul 2023 07:42:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21DE 115 KB
41 KB 439ms
439ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1272&idt=0&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=c9kT3Xnh9i&p=https%3A//surl.li&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a35553350de7ac4e1c1c6c0af08f79649adab2bc3dae77117c1f1294af22cc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41512
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:38 GMT
expires: Sat, 22 Jul 2023 07:42:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 35ms
35ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-5213407188406790&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230718_103606&sat=1689963621606&afm=0&as_count=0&d_count=0&ng_count=0&am_count=3&atf_count=1&mdns=0&alldns=0.226&allp=32&fd=(0%2C11%2C4)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2120&abl=false&rr=n&su=surl.li&pvc=2388385235555284&r=0.1&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D35 143 B
166 B 21ms
19ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1690011757&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011757402&bpp=2&bdt=161&idt=155&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=F2uFMGaSVT&p=https%3A//surl.li&dtd=158
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:36:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4520 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f46ca2fea92c14164159bfa05bc4a40a98cc35e657b72ea69de04f926a583c5a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4520 33 KB
34 KB 76ms
19ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 04:45:59 GMT
x-content-type-options: nosniff
age: 96999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 04:45:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D35
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:38 GMT
expires: Sat, 22 Jul 2023 07:42:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4520 0
23 B 48ms
48ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COoLhbYi7ZIH_I4mXNaDCoNgH5aDm5nGoiq_m-xGuoavauhAQASDPyd1vYP3oooHwA6ABvdfYmQPIAQGoAwHIA8sEqgTmAU_QUUCJUDA3cuwq1c-OcoK0UqWQPxyQihMccfsyF2WAbYnbbTni7Yn1Ro-hxxVhFTiK5yf1eSg3GJgorQH55McI5GmmBYgfcm0DqHHWgHF13klmoLJ72KIPrICm2NSSVycgJMcWX8ZjXCb4pXWTqvZiORvdIXC7OWR5XpG6Bkf79-XGVYH8CNl-YP3Z3gEHyvZyArBUXmZbuK539mXPomdsTV9i2PAqeTYCNzC7f1-fplamXLcehAg_FhZS1xQT30poIIttYt6gisstHydf8_Px1h_lSIERzTwMwA33x7k8B8gD7we3wAShx7L7qwSSBQQIBBgBkgUECAUYBIAH6-6XsASoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDBhAXSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01MjEzNDA3MTg4NDA2NzkwGAA&sigh=fbL6WuQ_dpc&uach_m=[UACH]&cid=CAQSGwBpAlJWyygexf3VR41xQ3gZYeUzcAx_DvR5qxgB&cbvp=2&vis=1

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1690011757&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011757402&bpp=2&bdt=161&idt=155&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=F2uFMGaSVT&p=https%3A//surl.li&dtd=158
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Jul 2023 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 07:42:38 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame B8DF 37 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:29:17 GMT

GET
H3 200 cac0c864edda0087bf141d240f6ef92e.js Show response
www.gstatic.com/mysidia/ Frame 21DE 9 KB
4 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cac0c864edda0087bf141d240f6ef92e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1272&idt=0&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=c9kT3Xnh9i&p=https%3A//surl.li&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d046447e30e2ecffe5f823e770fca36fff69966f98f67b6fee1acc5c37bdb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3959
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:41:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 07:02:20 GMT

GET
H3 200 8f3b55d480d7aec0a3d2d67a1cbdc6d8.js Show response
www.gstatic.com/mysidia/ Frame 21DE 10 KB
4 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8f3b55d480d7aec0a3d2d67a1cbdc6d8.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e643f238190d83f0be0b0f2ec7daa9fba55614e399214a16c5ca0cd6c5155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4200
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 07:02:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 21DE 14 KB
1 KB 37ms
35ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Jul 2023 07:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 07:20:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jul 2023 07:42:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 21DE 2 KB
892 B 23ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:22:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:22:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 21DE 23 KB
9 KB 26ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 07:02:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 21DE 3 KB
1 KB 26ms
23ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 07:02:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 21DE 20 KB
8 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 07:02:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 21DE 0
0 42ms
38ms Image
text/html 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToeRsPnfFiPpAdiJ1BvG2GEsZ0F9qlinm7D5rKZ6MomLRKaxIyM1QOzBxj_gJEgXqi0u12_xklhrY05bUkG3wDUdoFXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1272&idt=0&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=c9kT3Xnh9i&p=https%3A//surl.li&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21DE 179 KB
56 KB 69ms
63ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 07:42:39 GMT

GET
H3 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 21DE 33 KB
14 KB 27ms
23ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 07:02:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D54 143 B
166 B 22ms
19ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1272&idt=0&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=c9kT3Xnh9i&p=https%3A//surl.li&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:36:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7AE2 1 KB
643 B 27ms
25ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:30:16 GMT
etag: 48472445140208031
expires: Sun, 23 Jul 2023 07:30:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 21DE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5b1c7e25ab51a3807c9413160b33d230a1a9fc1c3b449b1ca921f8ec915f0db

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D54
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
34ms

Document
text/html

2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:39 GMT
expires: Sat, 22 Jul 2023 07:42:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AE2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMcRQnvWGEu6zWCPF0i2h6w&google_cver=1&google_push=AaAOQGEMxupQEEAYoZsJkx8-ZF_nqcn4_ABcyFSwKEfvK3qTtZg6aMdzWDm5gDOId9F7RaNIFBZJuWCiY_mafZZe...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEMxupQEEAYoZsJkx8-ZF_nqcn4_ABcyFSwKEfvK3qTtZg6aMdzWDm5gDOId9F7RaNIFBZJuWCiY_mafZZePqptIbflU7xyl8U

170 B
232 B

37ms
36ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEMxupQEEAYoZsJkx8-ZF_nqcn4_ABcyFSwKEfvK3qTtZg6aMdzWDm5gDOId9F7RaNIFBZJuWCiY_mafZZePqptIbflU7xyl8U

Protocol

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 22 Jul 2023 07:42:39 GMT
Server: MT3 1031 59fd23a master ord ord-pixel-x23 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEMxupQEEAYoZsJkx8-ZF_nqcn4_ABcyFSwKEfvK3qTtZg6aMdzWDm5gDOId9F7RaNIFBZJuWCiY_mafZZePqptIbflU7xyl8U
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 22 Jul 2023 07:42:38 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7AE2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI1JiHxxlVpCJ_7jw1gm-fU&google_cver=1&google_push=AaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQF...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1JiHxxlVpCJ_7jw1gm-fU&google_cver=1&google_push=AaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkk...

43 B
426 B

133ms
102ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1JiHxxlVpCJ_7jw1gm-fU&google_cver=1&google_push=AaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7eaa0c574f8cece2-YUL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 82
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI1JiHxxlVpCJ_7jw1gm-fU&google_cver=1&google_push=AaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEauWBv73MkoH1fR8wIKTbStThbSi__U5rzrR6-2WsHcZo7hXKwkAl6aUTWdW1l2VWR3w3GgXBI80ovbMU0m4QSnF8lzkkQFKY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7eaa0c569f34ece2-YUL
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 7AE2 0
35 B 75ms
23ms Image
text/plain 44.214.52.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEO0V--WaUPGgvDthOXMKMDc&google_cver=1&google_push=AaAOQGHSZdGYKL11oP290K06mwyOwoWJK-9pqPPIwHM26u8y1AD_2N5tpyXRlwxv6k3O3TNqbxpdKw4XrhIVuAaXteI44CCCvqg2CoM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1272&idt=0&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=c9kT3Xnh9i&p=https%3A//surl.li&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.52.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-52-10.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:39 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AE2
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBVaTNLVFY3_BYIhUW2weMU&google_cver=1&google_push=AaAOQGGfSosLij_NnTnjIioUGGhi9YFrXfruv2QweH72WIzNlanxq1SDEP5xZJilZW2MWTXeN5ECsO4MrVyLea39e0wQsO79I...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=802809378215

170 B
232 B

38ms
37ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=802809378215

Protocol

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=802809378215
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AE2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPrAZOcyJXQeMqb6l9G1Dvs&google_cver=1&google_push=AaAOQGGGqwDzrrImh0Fsi5VP6VRJJgmEOLj1JdM-Q-R4OIieP3RaoDuvwY11O-lEchKDs4yCxJNI_IdT1C5xpMHXINJ3CAa...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGGqwDzrrImh0Fsi5VP6VRJJgmEOLj1JdM-Q-R4OIieP3RaoDuvwY11O-lEchKDs4yCxJNI_IdT1C5xpMHXINJ3CAavSDjSnA&google_hm=eS1DN3BBb1paRTJwSHlT...

170 B
232 B

39ms
38ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGGqwDzrrImh0Fsi5VP6VRJJgmEOLj1JdM-Q-R4OIieP3RaoDuvwY11O-lEchKDs4yCxJNI_IdT1C5xpMHXINJ3CAavSDjSnA&google_hm=eS1DN3BBb1paRTJwSHlTWGE2dnhiQ0EyZVBLMnZQWERob35B

Protocol

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 22 Jul 2023 07:42:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGGqwDzrrImh0Fsi5VP6VRJJgmEOLj1JdM-Q-R4OIieP3RaoDuvwY11O-lEchKDs4yCxJNI_IdT1C5xpMHXINJ3CAavSDjSnA&google_hm=eS1DN3BBb1paRTJwSHlTWGE2dnhiQ0EyZVBLMnZQWERob35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AE2
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEM_tUDLxN3MM72AzsTdAE2E&google_cver=1&google_push=AaAOQGG5AQgwCz3ctEB50QdQQ5In9cNHXDC7RgD4MNvlhZMSQDIv8pPCScni1Qv3E59lKCWT0Y8ycIZbDSaqbQJXo9...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIyMjU2NDkxNjI1MzY5NzMwMzQ&google_push=AaAOQGG5AQgwCz3ctEB50QdQQ5In9cNHXDC7RgD4MNvlhZMSQDIv8pPCScni1Qv3E59lKCWT0Y8ycIZbDSaqbQJXo9Kf...

170 B
329 B

38ms
37ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIyMjU2NDkxNjI1MzY5NzMwMzQ&google_push=AaAOQGG5AQgwCz3ctEB50QdQQ5In9cNHXDC7RgD4MNvlhZMSQDIv8pPCScni1Qv3E59lKCWT0Y8ycIZbDSaqbQJXo9KfsnKI-BEf5Ik

Requested by

Protocol

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTIyMjU2NDkxNjI1MzY5NzMwMzQ&google_push=AaAOQGG5AQgwCz3ctEB50QdQQ5In9cNHXDC7RgD4MNvlhZMSQDIv8pPCScni1Qv3E59lKCWT0Y8ycIZbDSaqbQJXo9KfsnKI-BEf5Ik
Date: Sat, 22 Jul 2023 07:42:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AE2
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEO_Jyb-AT05XPfYeGLzyiOU&google_cver=1&google_push=AaAOQGHUUe3H0q8q45VFJ_B62xvPKj1Pi1vyNclolAabaZLR7F7A7UAVx4rwdxapt-...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHUUe3H0q8q45VFJ_B62xvPKj1Pi1vyNclolAabaZLR7F7A7UAVx4rwdxapt-kq7B2ui0G93T8MG3Q35CozoTYm3QuBWRnfPzrZ&google_hm...

170 B
232 B

37ms
36ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHUUe3H0q8q45VFJ_B62xvPKj1Pi1vyNclolAabaZLR7F7A7UAVx4rwdxapt-kq7B2ui0G93T8MG3Q35CozoTYm3QuBWRnfPzrZ&google_hm=DXP82aIkTFuH2UCSAVQWErM

Protocol

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:38 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHUUe3H0q8q45VFJ_B62xvPKj1Pi1vyNclolAabaZLR7F7A7UAVx4rwdxapt-kq7B2ui0G93T8MG3Q35CozoTYm3QuBWRnfPzrZ&google_hm=DXP82aIkTFuH2UCSAVQWErM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7AE2 0
130 B 101ms
34ms Image
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMvBTNywIEu3w6KnIvrx01i31SLe5kV1E2qZU8lx0hDViWwl36mu4Yx7pXTPmFTCkodNDr_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 21DE 33 KB
33 KB 21ms
14ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 04:45:59 GMT
x-content-type-options: nosniff
age: 97000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 04:45:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 21DE 0
19 B 45ms
44ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_uMLboi7ZPykIrmmrr4PuqOy-APo84jOcZ_Z75GuEdWHkI-RDhABIM_J3W9g_eiigfADoAGl_NSQKcgBAakCsQ5Hi8Kpsj6oAwHIA8sEqgToAU_QdQK7PIg9vvdcMOdHY_82tfZOgERED0xjhOAPGPbGID0BxZ7VKxg_XiFYmCRYnkyVxMWXy8CiaLtJAlzyT6ppFSIQ1y-sQsVitGnA-PS-beccaCCSf3Ql8S5XATDqKg40oLfsUaDrYNMV5zzmHgLye2iyzLEQnZdR8BJ6LYV7S1T8Jw1J4nefP0Nx_-Bv3nIgFR_DzQmPTlG7VQc2Kuk8N1XbBMU0iOScKBc_gGWAeqqvZpFKhK6pW71jc8kAmJ74fhYjFKDtHcCBSONocHn-dSPw0pPpra4Al1LEjoJdoncMaem2YJ3ABIyL86q1BJIFBAgEGAGSBQQIBRgEgAeltKXwA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEIYx0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTIxMzQwNzE4ODQwNjc5MBgA&sigh=2Em-m-04gVA&uach_m=[UACH]&cid=CAQSPABpAlJWSmY8rX61yN36HKXlOvfZvAdCAapNt34Avux871mFwwHZyYOLW8p4lv0ba-Iof5wG6WtNnbookhgB&cbvp=2&vis=1

Requested by

Host: surl.li
URL: https://surl.li/iuiej

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690011758&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fiuiej&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690011758513&bpp=1&bdt=1272&idt=0&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df8db1fb0f5d2fb3f-221ac129dde200b3%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ&gpic=UID%3D00000d00442682fb%3AT%3D1690011757%3ART%3D1690011757%3AS%3DALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=3098615967909&frm=20&pv=1&ga_vid=251121607.1690011757&ga_sid=1690011758&ga_hid=205045503&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076087%2C31076089%2C31076179%2C31076299%2C44788442%2C44797785&oid=2&pvsid=2388385235555284&tmod=1549946782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=c9kT3Xnh9i&p=https%3A//surl.li&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Jul 2023 07:42:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 89ms
49ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b7acf88752bd5c7faaab6a351f541a2f30bf10d99fd858f7f0fb4bbcdca901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11852
x-xss-protection: 0

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 734A 37 KB
14 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:29:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js?bust=31076299

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 07:42:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F80 13 KB
5 KB 20ms
19ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:19:07 GMT
expires: Sun, 21 Jul 2024 07:19:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8880 783 B
534 B 128ms
127ms Document
text/html 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95fb55ce331176b5d5b067d5cccf52e38f7286be18d84939bb7e07d70cec69f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3dPJURDilNvEUOOIiBzMSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-3dPJURDilNvEUOOIiBzMSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 07:42:39 GMT
expires: Sat, 22 Jul 2023 07:42:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F80 37 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:29:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5F80 0
10 B 19ms
18ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SaxoJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:42:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8880 0
0 34ms
33ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=2388385235555284&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4520 42 B
64 B 37ms
35ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVvaTF0XK4iJAB1HGYZMbamCuLVXj2r6jytB9S2jPY3hhrWY20Q1QKSgv4DAihsqDseHT47mk_pddkbki-5GXjffVLz_Q7prAJQk6RYjkZk40icriel1YEzSUZJO7qyyuKfSeZjzR_fg&sai=AMfl-YQiEj9HFKAJReJAcNe_EBcF9Ip8VNlEE9WGFQrdw6PI2R8HtXw24Ke27WaMWfowuq7Waffa7vzedrWs&sig=Cg0ArKJSzG9gob5LZu-3EAE&cid=CAQSGwBpAlJWyygexf3VR41xQ3gZYeUzcAx_DvR5qxgB&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1430589424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690011757561&rpt=1227&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 07:42:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 39ms
38ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=2388385235555284&bg=!KSqlKn7NAAZsPphkTD47ADkAdvg8Wsg6hFIsryiusW6yvnT2wVi28Yn5gCh0kgRjKSiKrNkp5_Sb3QIJf5DOzoMX3AUhSUrv8o8CAAAAWVIAAAAHaAEHmQLbVEEdHXc-AiwyvxmG1m-2iaFncn8tgiFhAh2ukR9m_k5CH0XjPrZjqQB80E5VKV66_MgGc_Ry_FIgH21ksI_KEG7XETb-iOxPO3reaXx9qvL-UmPCn4TVVEv-4jLNuAaW1gfiNwLaVeCbab8oPFjTA0KS5JCXzrKaoh1Rnq779rOd_cQAadeVfHnH4-cwZ_XHkIOJk85PT6hf5DKAh2BL2VoL9Afru0c-Qpw7mJw2KCtlw9ksmzkKTOBL9_v4Vy5_h7NRglwwc_rV9xiMXNAn44rHD6v748BQ-vWWpEYo363Jb1XWtrz6dWF7-hPOgjQpugtsMkfXexXpS8AGZEerHj_Nou48wkGE7omF8OW4itMfMTaFS2tVhjyBSDBkXve3nEJM1FndIwwFmPdO2tedW-8RCuFpuF7pwu_MP7nszDNHKMzlL04RKLsl1Yevq5za1Vn7bwkwAf-GO3jyT4i8CiqeYxcbUEXEdmPE0T32ZTrnZmf4DC_pBuREYjl88vcqrXVf_7tKtlCGihxffL5OoY3gIaQYH-DNRfBEwkxrf9a7i1x6uToMNwHoMi-P3P9Gc32-dYulee48nAgi20D1dlv4rGZFm2B_eOkfTlv0d4lIQNnGfAjLluw_UF1MKq-f8VPEpp0azp6kUo1vmM1msb1thIf3Xgjp2Y49KInPqkWJtiGt6QosN6jG1GD_0VzA4uZd1gtPU1Jr4u3bf1jjVPVAg0YxWlqFRScZ1Rzb4efYb3QAmO84bwP_Ewk2FrSX1PcuYq8-kSMcWI4E0mRr2bn2HYUQt1fMPZt61MEKkj-aVkmECEl9SU-8HaQeSVRO6AC_TNSCVZ6fCMdi9kyNCDMURH31xqzK3UiN61YRaO-3onOAwy52Q_irOFsBrhChIe-J80xWpTecuIf_5DBu_H32nUw8QakmUx-mGCJWCNs0dZmfk9yvGhQJryPI2PI_MCXVWBoXkow-R-Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.surl.li/	1970-01-20 23:02:51	Name: _ga Value: GA1.2.251121607.1690011757
.surl.li/	1970-01-20 13:28:18	Name: _gid Value: GA1.2.2105773455.1690011757
.surl.li/	1970-01-20 13:26:51	Name: _gat Value: 1
surl.li/	1970-01-20 13:26:58	Name: XSRF-TOKEN Value: eyJpdiI6IjBiazFUTGtJUzhHZXkvMzBQaUZBMFE9PSIsInZhbHVlIjoiVWNNWFpWdExkUTRyNXRNZys4UER2WGJseXU1Rkt1OGZwMFdlWEZpZEtaVUhOYnlFc3BRbWZ2S3JqQVlKdVo3OHJmbUE1RkM5YlpJeTVmaUZrK2dZZlliZzYzZ3JPc1hOTGlYVTJVbzM4UGx0SVIxM0daak5zNElCM0wzcEJEZXYiLCJtYWMiOiJmNTdiYjg3ZjYyYjZlNjJjZjZmMWI5NDJlMTA2MGQ3ZWQwM2EwMDdiZDhkZDMxNmEzNWI2ZjY3ZjdlZTRjNDMyIiwidGFnIjoiIn0%3D
surl.li/	1970-01-20 13:26:58	Name: surli_application_session Value: eyJpdiI6Ik13OUJ3TEViUk9raDFvU0FtWHJDdXc9PSIsInZhbHVlIjoib01PMzUvWk5kemZNZUhoTVAyQktiWHRIb05jdHp4RHNFayt6OVllK0Jwa0NqQjZ0Wjl3byt4ZlFvRGxQN205NXNERER4eFE2bWRvY0MzdnhNZFdyVk1uQW5kMUUwbEkrYzhObDNaMWFqbkUzdUExYWRJT3Bramd2c29LbVJTWSsiLCJtYWMiOiJmZmFlZjg5ZmMwOTgxY2ZlZGI4NWNjNDdmZTk1NDE0ZDBlYjBlNTliYjBjYjE4ZWZlMzE0MmFiYzRkZmVhMjk3IiwidGFnIjoiIn0%3D
.surl.li/	1970-01-20 22:48:27	Name: __gads Value: ID=f8db1fb0f5d2fb3f-221ac129dde200b3:T=1690011757:RT=1690011757:S=ALNI_MbtoB5j-V63mPhilxQH0zW3OzTCaQ
.surl.li/	1970-01-20 22:48:27	Name: __gpi Value: UID=00000d00442682fb:T=1690011757:RT=1690011757:S=ALNI_MYf2Mwfi52Uts_AR9H0ixBukfbClQ
.surl.li/	1970-01-20 23:02:51	Name: _ga_BVLF49G8NB Value: GS1.2.1690011757.1.0.1690011757.0.0.0
.doubleclick.net/	1970-01-20 13:26:55	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:02:51	Name: IDE Value: AHWqTUlhW3Ut0gCVMhXk5RPHRv_PNTJ5SaPKWOg81_RatI2mAgMnB04FeW_5HHvPoVg
.adkernel.com/	1970-01-20 13:47:01	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 14:10:03	Name: ADKUID Value: A2225649162536973034
.ctnsnet.com/	1970-01-20 22:12:27	Name: cid_0d73fcd9a2244c5b87d9409201541612 Value: 1
.ctnsnet.com/	1970-01-20 22:12:27	Name: gid_CAESEO_Jyb-AT05XPfYeGLzyiOU Value: 1
.yahoo.com/	1970-01-20 22:12:49	Name: A3 Value: d=AQABBG-Iu2QCEDVUiymbFj7Z29uVLjp0rAgFEgEBAQHZvGTFZAAAAAAA_eMAAA&S=AQAAAqK5pjg55Qdno20DSzXZMpA
.mathtag.com/	1970-01-20 22:52:46	Name: uuid Value: 24c664bb-886f-4000-adc5-0b760650ef10
.mathtag.com/	1970-01-20 14:10:03	Name: mt_mop Value: 4:1690011759
.acuityplatform.com/	1970-01-20 22:12:27	Name: auid Value: 802809378215
.acuityplatform.com/	1970-01-20 22:12:27	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRF8RTxKMmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURfEU8SjI90aGlyZFBhcnR5VXNlcklkWkNBRVNFQlZhVE5MVkZZM19CWUloVVcyd2VNVfv7hnZlcnNpb27C+w=="
.tribalfusion.com/	1970-01-20 15:36:27	Name: ANON_ID Value: aJntuJp26Ua8e4OCaQoUwAhuZdDaNQyETPZafKLp3v9nEZaWFkZa7FjaKFPnT9NLFZdAfJmmlUFCNYMYT1S3crPVYIJPY

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://surl.li/iuiej Message: Mixed Content: The page at 'https://surl.li/iuiej' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://surl.li/iuiej(Line 254) Message: Mixed Content: The page at 'https://surl.li/iuiej' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
cm.g.doubleclick.net
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ius.ctnsnet.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
rtb.adentifi.com
s.tribalfusion.com
stats.g.doubleclick.net
surl.li
sync.mathtag.com
tpc.googlesyndication.com
ums.acuityplatform.com
web-screen.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.81.226
174.137.133.49
216.200.232.249
2600:1f18:4e9:5a02:4cf:f74a:5da0:3484
2606:4700:20::681a:513
2606:4700:3035::ac43:c0ea
2606:4700::6812:19ad
2607:f8b0:4004:c08::9c
2607:f8b0:4006:807::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2008
2607:f8b0:4006:822::2002
35.186.193.173
44.214.52.10
69.90.254.78
03b26c3a19858e9cf2dafc02349c62bb38a95350d642354b5ff209a7cd299548
0481de0138eae311c7b7cf753767dd2ab35d66f3173aeab6d6ff6da68794f0a9
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10b7acf88752bd5c7faaab6a351f541a2f30bf10d99fd858f7f0fb4bbcdca901
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1bf45bea0a0b370f430f4d08fe52bdc9706a0cb20406773ac9513fafb06a5e81
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
47796528e4b97738cdde0412d5061c0d056396fd69cb5fe44c406394b428e4ab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c8e62a177cc410209e651ae35eb303b9979c6e52a894885ff1aa5769a413ff3
5fcbd380cfe4653cf6146accc638be75cbcb555d30c003116e83c38121c60aed
5ffc1a835ffcc921ad8070b68e4a74c8a475624e372ba4eea241cc889d33d553
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e643f238190d83f0be0b0f2ec7daa9fba55614e399214a16c5ca0cd6c5155e
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379
6d046447e30e2ecffe5f823e770fca36fff69966f98f67b6fee1acc5c37bdb61
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7b0c2b4771e1148bd3b0e7426657c9721a08c7825c7b9f364f30bdcec38932e7
856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95fb55ce331176b5d5b067d5cccf52e38f7286be18d84939bb7e07d70cec69f9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a35553350de7ac4e1c1c6c0af08f79649adab2bc3dae77117c1f1294af22cc65
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b1c7e25ab51a3807c9413160b33d230a1a9fc1c3b449b1ca921f8ec915f0db
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d
b2059d0f36e3b59dd1957bbf7b43c6a5fb1e80a1a624816945f476220633cef7
b66a33e7bb738a939f3888b9675e5626bd5a99dd04c4f11fd960fec977ce9d14
b869a332c4f1e469ce24fe317c84499f014c0b3067cd6c50436b6719b986afad
baa80b28d26330a650d785a45914fefa3d53d995309c67dbe1937220f2622183
c3951f75b9e5dadd9b9112aaf3d4e345ac89f913c8cb6e5eaad1927cb514837a
ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2
d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe
d4b8fcebb61ea4d696e03b5cb3c8e8c9e61df67c8867a7842b79f97298f054e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ebc772a3a846e36012c92516d057d2292c203bc8a4f01a5e268bdcb5dd05e311
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6
f46ca2fea92c14164159bfa05bc4a40a98cc35e657b72ea69de04f926a583c5a

surl.li Open in urlscan Pro 2606:4700:20::681a:513 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

93 %HTTPS

73 %IPv6

18 Domains

24 Subdomains

18 IPs

1 Countries

1146 kBTransfer

2626 kBSize

20 Cookies

8 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

surl.li Open in urlscan Pro
2606:4700:20::681a:513 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

93 %
HTTPS

73 %
IPv6

18
Domains

24
Subdomains

18
IPs

1
Countries

1146 kB
Transfer

2626 kB
Size

20
Cookies

88 HTTP transactions
2 data transactions