bitly.ws Open in urlscan Pro
185.11.100.204 Public Scan

URL:
https://bitly.ws/
Submission: On May 24 via api (May 24th 2023, 12:53:59 pm UTC) from US — Scanned from US

Summary HTTP 167 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 32 domains to perform 167 HTTP transactions. The main IP is 185.11.100.204, located in Poland and belongs to CF-KRK, PL. The main domain is bitly.ws. The Cisco Umbrella rank of the primary domain is 230246.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.

This is the only time bitly.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	185.11.100.204 185.11.100.204	29522 (CF-KRK) (CF-KRK)
18	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
1	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
12	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
3 7	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
33	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
4	2600:9000:24f... 2600:9000:24f0:2000:a:83e6:9c80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 19	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2 2	107.23.98.28 107.23.98.28	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.22.159.114 52.22.159.114	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.41.169.52 23.41.169.52	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.135.132.32 3.135.132.32	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2	34.192.101.54 34.192.101.54	14618 (AMAZON-AES) (AMAZON-AES)
4 4	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1 1	3.226.123.206 3.226.123.206	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:f97f:9f53:d5cc:55ef	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
6	192.229.163.26 192.229.163.26	15133 (EDGECAST) (EDGECAST)
3	2600:9000:21e... 2600:9000:21ea:be00:0:a73e:a3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:808::2006	() ()
167	26

6 185.11.100.204 (Poland)

ASN29522 (CF-KRK, PL)
PTR: v5103.vps.ogicom.net

bitly.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:806::200a (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:817::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:80f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:809::2004 (Flushing, United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:823::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:24f0:2000:a:83e6:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

revjet.lendingtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.176.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.98.28 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-98-28.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.159.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-159-114.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.41.169.52 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-52.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.135.132.32 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com

sync-dmp.mobtrakk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.101.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-101-54.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.223 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.123.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-123-206.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:f97f:9f53:d5cc:55ef (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.163.26 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21ea:be00:0:a73e:a3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pix.lendingtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	588 KB
39	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	209 KB
25	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1856	59 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	166 KB
7	lendingtree.com revjet.lendingtree.com — Cisco Umbrella Rank: 15334 pix.lendingtree.com — Cisco Umbrella Rank: 16273	34 KB
6	revjet.com cdn.revjet.com — Cisco Umbrella Rank: 6663	99 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	319 KB
6	bitly.ws bitly.ws — Cisco Umbrella Rank: 230246	22 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 533	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 742 s.tribalfusion.com — Cisco Umbrella Rank: 1808	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 961	1 KB
2	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1039	573 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 629	924 B
2	mobtrakk.com 2 redirects sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2434	796 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1255	918 B
2	fksnk.com 2 redirects fksnk.com — Cisco Umbrella Rank: 4356	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 306	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
1	2mdn.net s0.2mdn.net	38 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1160	718 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 12233	520 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 5004	290 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423	712 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1321	644 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1812	173 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 5642	429 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 315	460 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 575	363 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	601 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2231	441 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	46 KB
167	32

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	cm.g.doubleclick.net	1 redirects bitly.ws googleads.g.doubleclick.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net bitly.ws
18	pagead2.googlesyndication.com	bitly.ws pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com bitly.ws
8	fonts.gstatic.com	fonts.googleapis.com
7	www.google.com	3 redirects bitly.ws googleads.g.doubleclick.net tpc.googlesyndication.com
6	cdn.revjet.com	srcdoc cdn.revjet.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	bitly.ws	bitly.ws
5	fonts.googleapis.com	bitly.ws googleads.g.doubleclick.net srcdoc
4	b1sync.zemanta.com	4 redirects
4	revjet.lendingtree.com	bitly.ws revjet.lendingtree.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	pix.lendingtree.com	srcdoc bitly.ws
2	rtb.mfadsrvr.com	2 redirects
2	rtb.adentifi.com	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	sync-dmp.mobtrakk.com	2 redirects
2	sync.teads.tv	1 redirects bitly.ws
2	fksnk.com	2 redirects
2	match.adsrvr.org	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	s0.2mdn.net	srcdoc
1	trace.mediago.io	1 redirects
1	im.bluevoox.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	cc.adingo.jp	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.paypalobjects.com	bitly.ws
1	www.googletagmanager.com	bitly.ws
167	40

This site contains links to these domains. Also see Links.

Domain
xy2.eu
tinyurl.mobi

Subject Issuer	Validity	Valid
*.a24.domeny.pl R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.lendingtree.com Amazon RSA 2048 M01	`2023-02-27` - `2023-10-13`	8 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://bitly.ws/
Frame ID: B4C6CDA75771CA6D579A324B4AE7A3EF
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: C3F9D200AD960A30E164FD104BE273F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1684932802&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbitly.ws%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932802486&bpp=44&bdt=747&idt=341&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4378560430050&frm=20&pv=2&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=445
Frame ID: 7BFB1D55706823A5179BE874C60BA97B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1684932802&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932802534&bpp=5&bdt=795&idt=414&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BpwOvSfeg4&p=https%3A//bitly.ws&dtd=446
Frame ID: E52B183EEABF99CA1F3767282F2069CD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6F288642DC1A6989FEC3D7E1D77435ED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: CAC4F5ADC9803DF9A62281EE7E30316E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=655374624&pi=t.aa~a.1660614542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=20&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200&nras=2&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YFxuZRPjBx&p=https%3A//bitly.ws&dtd=235
Frame ID: F096EF71769F202C8BE6FE518CB25C2F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245
Frame ID: A2804ED37F4C11D189BB7A3F3E117CCC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266
Frame ID: B5890E083753B90EA93F1C83959757D0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 93748B3CEDC37F46D42FD3E1AAB9012F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5129ED1183C16C2EFDD75D22870BE7E9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CrpSOxQhuZNXWKs-extYPv4GHmAqOrcCvcMrW1--jDuOOlITgEhABIKyQlQJgyYaAgNyjxBCgAYX32f4DyAEJqAMBqgTCAU_QiEcPJGALitUe_oVPywa1DR4_dNtlbqogHPEl7XXSHSVAQU35APOq_aB_DuX2Pkp088KMLFUjZOiLhTfERj8bgCek-C0VAc8kIwBKIf2cq7WDv7HGE16zlVjc_Nh1P2T1e6Ei-k9pii-zcQbPCywBV-7yD0oSyas51XoImogDLA9cnqfc7Z2bhE4YrCRlrD9YWeYxqHOjOeLc05UIJklOTifo8rUjQMlWM-_H_TzV5EkhBFhGQA42DddNJIB20MqAwASGyMi__gGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGEYAHoIetIqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEIJP0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMjYxNDU1NjMxMDc3ODc1ORgA&sigh=cd0RN1HJEIs&uach_m=[UACH]&cid=CAQSPABygQiD09s57oguFSgOv2EwI0X3pfIE7zB0xOeFdBqQ0iWFpQC4bXVCz66n152HeyFDitFNgFPudpQeDxgB
Frame ID: E7FEAFF9B1A3333E20C6DCA4B1926227
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C518D59183088929AD89C875F7A53462
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 860A2D03ADF941515FDC38A775FB7C27
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D33A6BC7D595011FD4766EFAB86A9F8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C60C9FB564662F10F2AAA0FABA865B21
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6E2977A47464B27AEE99FF0BABAB6F6F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 350D8F5FAC227474C9B7CF788CC9508A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: D9D2E8CB23A34D8742195742E46F7751
Requests: 1 HTTP requests in this frame

Frame: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: 43D158A94173D7A7998F8A4A0043AACA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: 7B1006462CC6F73F296639C273D745AC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: 3AB6B0030B3D3A6E59E8CFE8184C4F72
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: C5CA46429F068EF3C1A6184D123C610B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Frame ID: F235F0E895D4AB8957570E1E9D19F48B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.revjet.com/s3/csp/1675962884649/style.css
Frame ID: A0D0C7385DCED7734CAEB941877845F9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57907F1062C07BD1CAB5E67C74D14A82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E88B5C39EF3A22B39F38F1AD3EE56A9A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitly | URL Shortener

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

167
Requests

85 %
HTTPS

47 %
IPv6

32
Domains

40
Subdomains

26
IPs

3
Countries

1625 kB
Transfer

4124 kB
Size

35
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://xy2.eu/
Title: XY2

Search URL Search Domain Scan URL

URL: http://tinyurl.mobi/
Title: TinyURL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAmVksqkAK0H-aJmQPCIsz8&google_cver=1&google_push=ATf1kGPdxUNJbHQNGedckxKafLdy74LXHgiWmXOBGtVPksF7aisZikXFsdyE65SLTAj6FQNhTCdHMX9qbovjMlvsy1TKLvxTuIdePT4 HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEAmVksqkAK0H-aJmQPCIsz8&google_cver=1&google_push=ATf1kGPdxUNJbHQNGedckxKafLdy74LXHgiWmXOBGtVPksF7aisZikXFsdyE65SLTAj6FQNhTCdHMX9qbovjMlvsy1TKLvxTuIdePT4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTUxNWVmOTctNjI2NS00OWNkLWFlYTItNDE1NTZjOGNhMjRi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9515ef97-6265-49cd-aea2-41556c8ca24b

Request Chain 102

https://fksnk.com/cs/google?google_gid=CAESEJ8DNp2L-NU5ctFfhjV1_jU&google_cver=1&google_push=ATf1kGO4QW9fK19nBCaLE2aQaQfXZ21HpXQ1pydy4R0MMCiO1SebOCyAElyp8kXW1GAy2A3XWc6LySulM5melMFOzcG6VsvgKE9CW4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjA3RDM5QzRFN0I2QzM3MA==

Request Chain 104

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED6TDRWibbmda21rMzr19Hg&google_cver=1&google_push=ATf1kGPhmw9HzdBxHDVL4amk7MjoRXm_Nm6VRP5f0KrsImx1PFAtBuipi0bqYZ0qEgQkDEds0nvz5Rqc-YG1WtNgrfefUegIG9Z-M_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxUEhPUVUtSi05SkdJ&google_push=ATf1kGPhmw9HzdBxHDVL4amk7MjoRXm_Nm6VRP5f0KrsImx1PFAtBuipi0bqYZ0qEgQkDEds0nvz5Rqc-YG1WtNgrfefUegIG9Z-M_g

Request Chain 105

https://cc.adingo.jp/adx/push/?google_gid=CAESEGt-Xp6y70iRyfo-g5kLmIU&google_cver=1&google_push=ATf1kGMLEyWbwNQzBy00URch_StNr3RNiavRA01NKYZzpMeLGmbQsv9zIY5_SDIu2ziRGCrZsbLdvGzqqS8KCjfLUOOdqveRIErDIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMLEyWbwNQzBy00URch_StNr3RNiavRA01NKYZzpMeLGmbQsv9zIY5_SDIu2ziRGCrZsbLdvGzqqS8KCjfLUOOdqveRIErDIg&google_hm=32e4c9f77a2e69a873e935ae05b1235c

Request Chain 106

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBjB94PAMK796XaeMh72WsE&google_cver=1&google_push=ATf1kGMK3NjHj_P7lFRK8Zdr2Dhu7mXvpAsTUrK8az7E7y4U7R5DalezGw0ItSvP9hqIe7H9zUnbk10AMT4dGm6ztAoUc9QXxn18z48 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=N2I5NTNkZjQtMmJjYi00ZTIyLTg2NTItYmM3ZjlmYThlZDEy&google_push=ATf1kGMK3NjHj_P7lFRK8Zdr2Dhu7mXvpAsTUrK8az7E7y4U7R5DalezGw0ItSvP9hqIe7H9zUnbk10AMT4dGm6ztAoUc9QXxn18z48 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 107

https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFRPFyGZAa0-nJ6U_GWjNnw&google_cver=1&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT4WD1jxsPwzwJyI HTTP 302
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFRPFyGZAa0-nJ6U_GWjNnw&google_cver=1&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT4WD1jxsPwzwJyI&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTg5ODlhZGI1ZjY0ZDQxMw&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT4WD1jxsPwzwJyI

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://fksnk.com/cs/google?google_gid=CAESEJ8DNp2L-NU5ctFfhjV1_jU&google_cver=1&google_push=ATf1kGMablAlfEdrSkzYSU5DfoRqG2Ni5wWM5H5NxQ_Z_i3sp3UToDZeUSNd40jQff0oUZ7TMiA-O_4PkeTRJwDdfTRIqKDA6-6vocw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUYxMEE2MDg3REJFNDE0Qg==

Request Chain 115

https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGNRklqGAaunbxytfQ3Bte0VKnEODhR5deOp4mT9vqSQncFVavuv3Ppf1dgdZ_XooH7bRWsfWUQ9POX6Ol1ePZlrQAkph_ASCzE&google_gid=CAESEFM-f0K1kXvnoygA52Alnsc&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMmRuKMGEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BVGYxa0dOUmtscUdBYXVuYnh5dGZRM0J0ZTBWS25FT0RoUjVkZU9wNG1UOXZxU1FuY0ZWYXZ1djNQcGYxZGdkWl9Yb29IN2JSV3NmV1VROVBPWDZPbDFlUFpsclFBa3BoX0FTQ3pF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdF9lM1dvVGwwT0xVUWpnSGNEd3pHMzJOUGxBZVYyM1NIblkxT0ZYTkdHSQ==&google_push

Request Chain 117

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_cver=1&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVhLB6O-6V8Ox3SCKtWg HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVhLB6O-6V8Ox3SCKtWg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVhLB6O-6V8Ox3SCKtWg&google_hm=ME8xZU5PVjBjM2l2b1pEa1VxRGY=

Request Chain 118

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEJ4STkaMrTpSI159-8nVf-A&google_cver=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-Vo0dzoz9x43fCgU7TkqF24hoR5uXRy08gtcrI6UncDWtewGCo HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEJ4STkaMrTpSI159-8nVf-A&google_cver=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-Vo0dzoz9x43fCgU7TkqF24hoR5uXRy08gtcrI6UncDWtewGCo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=tFWPGnCxRVuB_y86Ze9L6g==&no_redirect=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-Vo0dzoz9x43fCgU7TkqF24hoR5uXRy08gtcrI6UncDWtewGCo

Request Chain 119

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEK4t5yXMwv650XZ4TVCF7nA&google_cver=1&google_push=ATf1kGNV8ffZaUnI6K6dZuk7blkFDDI_hEmt1gC_yPMQsdt_oK9LIuI7a2m2J8vgwcWtyzE3RHPx6leC9yUcfx2fgQ5md0YImoTCbV_D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=FukRuE4aQUeZyzgAQwkwZg&google_push=ATf1kGNV8ffZaUnI6K6dZuk7blkFDDI_hEmt1gC_yPMQsdt_oK9LIuI7a2m2J8vgwcWtyzE3RHPx6leC9yUcfx2fgQ5md0YImoTCbV_D

Request Chain 121

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAKBr64EkNWVU99w9x66ars&google_cver=1&google_push=ATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKBr64EkNWVU99w9x66ars&google_cver=1&google_push=ATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 123

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOAT3jSN21pcxkW3glrmnDs&google_cver=1&google_push=ATf1kGNs1dYlZFx-ws_uoGvBqepV68o-K6nD45f1U0DIQ_qDb7cFC5-rW0mbaYWn4VRnmvGpPZxizt1bZY92_vzoKbS8cnr49-AfYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNs1dYlZFx-ws_uoGvBqepV68o-K6nD45f1U0DIQ_qDb7cFC5-rW0mbaYWn4VRnmvGpPZxizt1bZY92_vzoKbS8cnr49-AfYA&google_hm=eS1YMDRMeGpWRTJwRnpmNEJpR293Mk9aMVkwNUlzaXRCZX5B

Request Chain 124

https://s.uuidksinc.net/match/47/?remote_uid=CAESECwrGlVMsNrbu82WAKm8xwg&c_param1=ATf1kGMOIgUg6IugWj7xduVXN9g-aCPLPer0FRfY0Yy5qLG0VmNhL1rvAgDtPCgJQkWU2sY_bNizmCF4pgZ00ZdKsxhrdgS3swUY&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMOIgUg6IugWj7xduVXN9g-aCPLPer0FRfY0Yy5qLG0VmNhL1rvAgDtPCgJQkWU2sY_bNizmCF4pgZ00ZdKsxhrdgS3swUY

Request Chain 125

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_cver=1&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6OSBhPAoe5lrPhY-7w HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6OSBhPAoe5lrPhY-7w&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6OSBhPAoe5lrPhY-7w&google_hm=ME8xZU5PVjBjM2l2b1pEa1VxRGY=

Request Chain 126

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMkJPzfwMuya0VLY6itpGYY&google_cver=1&google_push=ATf1kGPMBS3ZtjWn4DwgIM69b9766aK5zGQ5g8qTKi3S4xwoNXErhiF977rUPrpYm3nBB2e45_hMyll501u5ha86zkRY9mAyGs-_UjE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPMBS3ZtjWn4DwgIM69b9766aK5zGQ5g8qTKi3S4xwoNXErhiF977rUPrpYm3nBB2e45_hMyll501u5ha86zkRY9mAyGs-_UjE&google_hm=QlMuOTcyYi03OWRkLTQzYjUtODc1MQ==

Request Chain 127

https://trace.mediago.io/cs/google?google_gid=CAESEGt6GWI79Nf8ZY064JhRHNE&google_cver=1&google_push=ATf1kGOxmcXjN4Aq6cUr49HVov9VeUD0GFZWy62Hr3wGwbJytqJJW8Py2KOSbjb-d9oLBKdfs_sEatkZERq0ogV9kHi7dRlUE64vpUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOxmcXjN4Aq6cUr49HVov9VeUD0GFZWy62Hr3wGwbJytqJJW8Py2KOSbjb-d9oLBKdfs_sEatkZERq0ogV9kHi7dRlUE64vpUg&google_hm=e4a5ace29e91b451fd4774484e30d240

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

167 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bitly.ws/ 11 KB
4 KB 787ms
167ms Document
text/html 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache / PHP/5.5.38
Resource Hash: 935bad68ae41610dbf79e6714eff89644b7703848dfe34f755ea84964339da5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html
date: Wed, 24 May 2023 12:53:21 GMT
expires: Wed, 24 May 2023 12:53:21 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/5.5.38

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 414ms
136ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af173abbf32aa8468fe14dfcbb10f4374d9ffcf727470b6af4f5c638108c0945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47350
x-xss-protection: 0
server: cafe
etag: 5093182865762219857
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 306ms
118ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36872558-7

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76cc28b7cf329dcff7c94af30f45db535f6aafe3c12d938dde86c1c333782c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46611
x-xss-protection: 0
last-modified: Wed, 24 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 May 2023 12:53:22 GMT

GET
H2 200 style.css
bitly.ws/css/ 10 KB
2 KB 219ms
185ms Stylesheet
text/css 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.ws/css/style.css
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: dc4178564e7595bff5e47ec8a66e13261e00eeda4f03b77d6301a0950d62c125

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:21 GMT
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 15:05:02 GMT
server: Apache
etag: "2791-5f3686c44334f-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 2345
expires: Wed, 24 May 2023 12:53:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 298ms
114ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7dffe6596b4b4c43727d803c0324b1bc3d4ec8943169a9658d053a3204ff81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 12:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 12:53:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 12:53:22 GMT

GET
H2 200 adframe.js Show response
bitly.ws/js/ 16 B
211 B 217ms
183ms Script
application/javascript 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to

Full URL: https://bitly.ws/js/adframe.js
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:21 GMT
last-modified: Sat, 30 Dec 2017 21:02:30 GMT
server: Apache
etag: "10-5619511402320"
content-type: application/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 16
expires: Wed, 24 May 2023 12:53:21 GMT

GET
H2 200 paypal.jpg
bitly.ws/gfx/ 9 KB
9 KB 187ms
173ms Image
image/jpeg 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/paypal.jpg
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:21 GMT
last-modified: Tue, 02 Jan 2018 13:00:56 GMT
server: Apache
etag: "2204-561cab086d14b"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8708
expires: Thu, 23 May 2024 12:53:21 GMT

GET
H2 200 paypal.png
bitly.ws/gfx/ 5 KB
6 KB 182ms
168ms Image
image/png 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/paypal.png
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: 675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:21 GMT
last-modified: Tue, 02 Jan 2018 13:00:54 GMT
server: Apache
etag: "158c-561cab06562ce"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5516
expires: Thu, 23 May 2024 12:53:21 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/pl_PL/i/scr/ 43 B
441 B 280ms
46ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/pl_PL/i/scr/pixel.gif

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mic/9B64) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 3ddeb05243326
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:41 GMT
server: ECAcc (mic/9B64)
traceparent: 00-00000000000000000003ddeb05243326-c0390848ad1539d2-01
etag: "5d5637c5-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 24 May 2023 13:53:22 GMT

GET
H2 200 bitly-chart.png
bitly.ws/gfx/ 210 B
400 B 193ms
179ms Image
image/png 185.11.100.204
CF-KRK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.ws/gfx/bitly-chart.png
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.11.100.204 , Poland, ASN29522 (CF-KRK, PL),
Reverse DNS: v5103.vps.ogicom.net
Software: Apache /
Resource Hash: c28530634cdfc14bb5c068fc74a7071f9e27fc97f9aa03a1258f5b33f9c8ab6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:21 GMT
last-modified: Tue, 02 Jan 2018 13:00:56 GMT
server: Apache
etag: "d2-561cab088ec59"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 210
expires: Thu, 23 May 2024 12:53:21 GMT

GET
H2 200 wEO_EBrAnc9BLjLQAUk1VvoK.woff2
fonts.gstatic.com/s/courgette/v13/ 24 KB
25 KB 291ms
129ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courgette/v13/wEO_EBrAnc9BLjLQAUk1VvoK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitly.ws
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 07:18:30 GMT
x-content-type-options: nosniff
age: 365692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:43:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 07:18:30 GMT

GET
H2 200 RrQfboBx-C5_XxrBbg.woff2
fonts.gstatic.com/s/acme/v21/ 8 KB
8 KB 244ms
82ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/acme/v21/RrQfboBx-C5_XxrBbg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitly.ws
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:51:47 GMT
x-content-type-options: nosniff
age: 370895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8236
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 17:50:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 05:51:47 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 230ms
69ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitly.ws
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 18:05:39 GMT
x-content-type-options: nosniff
age: 413263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 18:05:39 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 354 KB
120 KB 140ms
139ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59e2ce1bae855ff87b47b491a51433ff1f5bc364c94faacec4130b1bbeb8579e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122539
x-xss-protection: 0
server: cafe
etag: 16730123877382339036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame C3F9 10 KB
5 KB 272ms
66ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 77457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 15:22:25 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 15:22:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 253ms
63ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36872558-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 May 2023 11:55:21 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3481
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 24 May 2023 13:55:21 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
601 B 846ms
89ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bitly.ws&callback=_gfp_s_&client=ca-pub-2614556310778759

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ea4322fb58d7b3876a0d666454708e92dbc79d9ab4eae0cc42786db58f0b183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 881ms
85ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bitly.ws

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7BFB 279 KB
71 KB 1386ms
1381ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1684932802&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbitly.ws%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932802486&bpp=44&bdt=747&idt=341&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4378560430050&frm=20&pv=2&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=445

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ad06310b33aabe31b0a3ab4b8fcee3843506b1747c3ffa52d0b0917c9d1c3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72727
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:24 GMT
expires: Wed, 24 May 2023 12:53:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E52B 92 KB
34 KB 872ms
869ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1684932802&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932802534&bpp=5&bdt=795&idt=414&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BpwOvSfeg4&p=https%3A//bitly.ws&dtd=446

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a286df82d9c933c5ec925fd0587ffcc1b68e56a408f3a435a97501a645cccb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34570
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:23 GMT
expires: Wed, 24 May 2023 12:53:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
202 B 77ms
76ms XHR
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1165598393&t=pageview&_s=1&dl=https%3A%2F%2Fbitly.ws%2F&ul=en-us&de=UTF-8&dt=Bitly%20%7C%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1423375204&gjid=667094465&cid=788386587.1684932803&tid=UA-36872558-7&_gid=455894744.1684932803&_r=1&gtm=457e35m0&jsscut=1&z=1822029208

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bitly.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
342 B 303ms
45ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-36872558-7&cid=788386587.1684932803&jid=1423375204&gjid=667094465&_gid=455894744.1684932803&_u=YAhAAUAAAAAAACAAI~&z=761530426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 24 May 2023 12:53:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bitly.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 323ms
82ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-36872558-7&cid=788386587.1684932803&jid=1423375204&_u=YAhAAUAAAAAAACAAI~&z=1395620239

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11778604948800383788
tpc.googlesyndication.com/simgad/ Frame E52B 13 KB
14 KB 319ms
84ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11778604948800383788?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAaLVHOOPz_bastxbvDcE70OBe7Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1684932802&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932802534&bpp=5&bdt=795&idt=414&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BpwOvSfeg4&p=https%3A//bitly.ws&dtd=446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:50:23 GMT
x-content-type-options: nosniff
age: 370981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13781
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:15:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 05:50:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame E52B 22 KB
9 KB 306ms
71ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E52B 3 KB
1 KB 276ms
80ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E52B 19 KB
8 KB 269ms
73ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E52B 171 KB
54 KB 288ms
92ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:24 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E52B 32 KB
13 KB 334ms
139ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:56:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E52B 0
0 171ms
135ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6hW9wwhuZMT3ApHExtYPq6K9wA-f0OnRb8H3r7fTELCQHxABIKyQlQJgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE3gFP0FQMsQKK8LneQXF2ycFf9m8O0A0SzA8Olq4-557VNlL_7hoTH9czSn8BDUdqpIE9F9UV5AUv2piMREH0WITzO0n0g-ar_EsKfNn1Wkh3APtqwLe1U_kBKrb-7Qg4AvBPvM6faKuAWeeKlkRsPZy8SEDhKcs-kQ_7WEu-k3oFsNBKgqMyZ2AERIiKe5Pwt9XAvi3LOeu3oSKFnmU4xJuMcRZKiQDUIqM-HDPwSwDg2W93S6hMesC61iP1AKgotYKm8Z4thZ_40j6_avjMFNDEC8ZQW-psthz_YfHfRi7ABOH39-GBBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf3muyTA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELz_J9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI2MTQ1NTYzMTA3Nzg3NTkYAA&sigh=dPxjdPoAyWM&uach_m=[UACH]&cid=CAQSGwBygQiDDXxJTyq61xOjxKbOzRv-10_ivSAzOhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1684932802&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932802534&bpp=5&bdt=795&idt=414&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BpwOvSfeg4&p=https%3A//bitly.ws&dtd=446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 12:53:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 May 2023 12:53:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F28 143 B
166 B 73ms
71ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1684932802&rafmt=11&format=1200x200&url=https%3A%2F%2Fbitly.ws%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932802534&bpp=5&bdt=795&idt=414&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BpwOvSfeg4&p=https%3A//bitly.ws&dtd=446
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:09:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E52B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44877256c33e2e817b533a5e8d65002971ce26d46bdd372f196c2c65a43b0433

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F28
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

204ms
163ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:25 GMT
expires: Wed, 24 May 2023 12:53:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 152 KB
51 KB 136ms
128ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

befd764f7e20c9c19314bdf97698380d9c02ea9e107c33d75d6650a8c6369608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52612
x-xss-protection: 0
server: cafe
etag: 17392373423682107587
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:24 GMT

GET
H2 200 ca-pub-2614556310778759 Show response
fundingchoicesmessages.google.com/i/ 132 KB
45 KB 312ms
131ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2614556310778759?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97a1a93deb00109ded32ef9dfb45ec78016323f7850b4a0d59d445efb45ca0c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TTSCHB7uDkbXJxPGGILYkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-TTSCHB7uDkbXJxPGGILYkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame CAC4 37 KB
14 KB 163ms
94ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:43:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 153ms
102ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bitly.ws

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F096 97 KB
35 KB 422ms
416ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=655374624&pi=t.aa~a.1660614542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=20&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200&nras=2&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YFxuZRPjBx&p=https%3A//bitly.ws&dtd=235

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

761d3e66dd85a4977a302673e2b2c885d5626287d7953ce0dc8b78c23cc90653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35531
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A280 51 KB
17 KB 489ms
487ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4b837da76db01227571d14a4af6ee09449d8c0ec19282e5ebbab619a8a6f224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17831
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B589 82 KB
33 KB 448ms
443ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e05487c49aff5d8e4a1128e173eec27987fdbe2e97f767066f1170bc6109c522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33764
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 9374 10 KB
4 KB 74ms
69ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 16:20:38 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 16:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 5129 10 KB
4 KB 74ms
62ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 16:20:38 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 16:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVdW5pUdx_0w6HZnXqT2_FJkpjOv1GbTiKwWg4gULz1LeTEvLJaf50-mtFpNv64iiuA_lu4FkqZIXr83bi1Qy0= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 144ms
142ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVdW5pUdx_0w6HZnXqT2_FJkpjOv1GbTiKwWg4gULz1LeTEvLJaf50-mtFpNv64iiuA_lu4FkqZIXr83bi1Qy0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0OTMyODA2LDE1MDAwMDAwXSwiNTYzOTIwQTYtMEQ3MC00MzlGLTk1QzMtMDNDNDM2MkNDNjk1IixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iaXRseS53cy8iLG51bGwsW1s4LCJCcVRnaDBSYVFoRSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BqTgh0RaQhE.es5.O/d=1/rs=AJlcJMwsjo9XmWXAcwvH0YDNIq1Ou31wyQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5c4d7188315dfcd8963e5da82001eab414f81d948428e4ca79e4e8894d9b08

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YWe9biaEL5UK1aFh_XLa_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-YWe9biaEL5UK1aFh_XLa_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E52B 42 B
64 B 483ms
89ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSXkTzuJHXzDvMEzLwkkwzBMl1Aw5uA5GR2XMP7SbsdmNehnrBL9kwj1VHopbQxzfcoePzYSZDQBzLwbaq1HK6pKqHEp5b7Wq0mhBJFKxLbiDMnkMKz0PlRLejhXyBXAo8f-g&sai=AMfl-YSMCjvnLMV2pGknNOuzI7wcBkdaK7MzFzo0-1Ph-YpHxRjSZpuCt2LpOSa01CDiU7pJ1RSOvxGDGG1k&sig=Cg0ArKJSzD7gbw0m1Vm2EAE&cid=CAQSGwBygQiDDXxJTyq61xOjxKbOzRv-10_ivSAzOhgB&id=lidar2&mcvt=1322&p=0,212,200,988&mtos=1322,1322,1322,1322,1322&tos=1322,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=624732521&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684932802982&rpt=1663&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F096 6 KB
779 B 229ms
169ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=655374624&pi=t.aa~a.1660614542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=20&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200&nras=2&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YFxuZRPjBx&p=https%3A//bitly.ws&dtd=235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 12:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 11:13:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 12:53:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame F096 2 KB
818 B 276ms
217ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame F096 22 KB
9 KB 153ms
94ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame F096 3 KB
1 KB 279ms
275ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame F096 19 KB
8 KB 154ms
95ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F096 171 KB
53 KB 248ms
190ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:26 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame F096 32 KB
14 KB 173ms
0ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:19:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9374 4 KB
767 B 158ms
128ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 12:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 11:14:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 12:53:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9374 205 B
295 B 465ms
0ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:20:15 GMT
x-content-type-options: nosniff
age: 88391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 May 2024 12:20:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9374 604 B
919 B 464ms
0ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:34 GMT
x-content-type-options: nosniff
age: 52312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 May 2024 22:21:34 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame 9374 20 KB
8 KB 225ms
224ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:57:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:57:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5129 0
0 483ms
314ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPOl1wwhuZP9Q-s3G1g-16o_4CLGUzMRwx87_yLQR3fLX9NkiEAEgrJCVAmDJhoCA3KPEEKABvsaI7gLIAQKoAwHIA8kEqgS5AU_QbZdVZbpj_ZxnNVqky5pND5DACJ6yeifht0IidSes11rb_hTsVBw_h3GrBK7W7IsLFhOetpAK-xZ7ZcVqtivwic8WK_tsJKeTUPx0BQ15jZr8HkNOLVHXZ4u8C9TxXhxVBrivUqJphmNVx5XzX43JyRCvKk6vLusf9CTPHj5ibUZdiXyfki6TyQE3UU6ADaB-AJn9NWdtaPBdBnCpw_5p6XuP715gonbSLAARry-86Dr-26ZJJoSJwATKzbGptgSSBQQIBBgBkgUECAUYBKAGAoAHqrn3kQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDqmxvSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNjE0NTU2MzEwNzc4NzU5GAA&sigh=kV-ZbJrUXTQ&uach_m=[UACH]&cid=CAQSGwBygQiDiHrgNMz2FKNiwSUyJjtl_Eef77kzDRgB

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 12:53:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 5129 22 KB
9 KB 342ms
126ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H2 200 213754767616171061
tpc.googlesyndication.com/simgad/ Frame 5129 31 KB
31 KB 509ms
294ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/213754767616171061?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmEzcTkpYwGLgE6EkYbIxyOLlZ8yQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c56eab631390d7c86a950e8d07fb6c4b2b383a28c3cf67e4440abd64f464e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 11:25:28 GMT
x-content-type-options: nosniff
age: 5278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32110
x-xss-protection: 0
last-modified: Wed, 10 May 2023 23:57:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 May 2024 11:25:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 5129 3 KB
1 KB 501ms
286ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 5129 19 KB
8 KB 344ms
129ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5129 171 KB
53 KB 427ms
283ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:26 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 5129 32 KB
13 KB 466ms
292ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:56:30 GMT

GET
H2 200 9226423386323891113
tpc.googlesyndication.com/simgad/ Frame B589 7 KB
7 KB 487ms
385ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9226423386323891113?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm2lWwPxw5SgLuHOAbvovRpApMmUA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a2da14b4e4556da8475f287ca5b8870cf1fce9f67ae4a8f3b8570aaebec5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 07:56:22 GMT
x-content-type-options: nosniff
age: 536224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 11:27:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 May 2024 07:56:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame B589 22 KB
9 KB 234ms
133ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame B589 3 KB
1 KB 317ms
135ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame B589 19 KB
8 KB 307ms
126ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B589 0
0 482ms
302ms Image
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZIGKgzWTLgQ9yX5edf3JgeFjL1CWcd09GXuFqkW9TgIF5irQYBEiuYAWt6hQdT2WqArv1sGpnKgj1oDYkDKDNhCLjQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B589 171 KB
53 KB 358ms
177ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame B589 32 KB
13 KB 316ms
136ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:56:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F096 0
0 336ms
173ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSJGYxQhuZOi7Kt6cxtYP87S0gArQsdvXcJPiruqmEJCSyePCARABIKyQlQJgyYaAgNyjxBCgAbWb84cDyAEJqAMByAPLBKoEyAFP0GXgcv1-EQE0BnHQCY-e0-cTnPkhBLs1qMPXngdjzk9jeCRnOOIhzs__rnng3-jjU8PB8ReHQxbGAfRvrxSD9iEL3ufxU-ZzBTPvsL09d-bhvGyxhQ2L6bocwvRAxlwTtls3mCzieUR0m6NxkLoIbE3r-A-h1Dm6EFDjVkpUDSjKSwCAymqpc8bEdkBADGVBTBHmOi8lmrG2p1GMC5Oxj_TD9W8xCc_soIUDcL7lLnGWaRzk5IKHvnYJDe50YPF-09WFiAO_n8AE_9qH4ckDkgUECAQYAZIFBAgFGASgBi6AB7PkjHioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCV4wHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAbgT5APYEwyIFATQFQGYFgGAFwGyFxwKGggAEhRwdWItMjYxNDU1NjMxMDc3ODc1ORgA&sigh=d7ttbf1hBMU&uach_m=[UACH]&cid=CAQSPABygQiDfwEhcyjkHmlM4s0TTquwDnq3q2lsKBbWMJZTqSSERvo9w5dfBu4qUe4G54j5NctsBBWNAt1iHhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=655374624&pi=t.aa~a.1660614542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x280&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=20&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200&nras=2&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YFxuZRPjBx&p=https%3A//bitly.ws&dtd=235
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 12:53:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E7FE 0
0 255ms
158ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrpSOxQhuZNXWKs-extYPv4GHmAqOrcCvcMrW1--jDuOOlITgEhABIKyQlQJgyYaAgNyjxBCgAYX32f4DyAEJqAMBqgTCAU_QiEcPJGALitUe_oVPywa1DR4_dNtlbqogHPEl7XXSHSVAQU35APOq_aB_DuX2Pkp088KMLFUjZOiLhTfERj8bgCek-C0VAc8kIwBKIf2cq7WDv7HGE16zlVjc_Nh1P2T1e6Ei-k9pii-zcQbPCywBV-7yD0oSyas51XoImogDLA9cnqfc7Z2bhE4YrCRlrD9YWeYxqHOjOeLc05UIJklOTifo8rUjQMlWM-_H_TzV5EkhBFhGQA42DddNJIB20MqAwASGyMi__gGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGEYAHoIetIqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEIJP0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMjYxNDU1NjMxMDc3ODc1ORgA&sigh=cd0RN1HJEIs&uach_m=[UACH]&cid=CAQSPABygQiD09s57oguFSgOv2EwI0X3pfIE7zB0xOeFdBqQ0iWFpQC4bXVCz66n152HeyFDitFNgFPudpQeDxgB

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 12:53:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 bg Show response
revjet.lendingtree.com/ Frame E7FE 43 KB
18 KB 1179ms
102ms Script
application/javascript 2600:9000:24f0:2000:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/bg
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:2000:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aed0359ed1a012a4116ca8720ff2d8c6d17737dde7ad813469ec5e407e49ba5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:28 GMT
content-encoding: gzip
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
content-type: application/javascript
p3p: CP="CAO PSA OUR"
cache-control: max-age=10800
x-amz-cf-id: s9lhaq88x4DPdqkrAgO7homVXEthh4s0tcuhU2ZR8AnaUZfagdn70Q==
expires: Wed, 24 May 2023 15:53:28 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E7FE 34 KB
13 KB 224ms
172ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ad364a78fbc840fa882322cff042d7f14bc8534545fbc04183d73df28e4073d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13352
x-xss-protection: 0
server: cafe
etag: 10846595028414861837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:58:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E7FE 3 KB
1 KB 336ms
288ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E7FE 19 KB
8 KB 200ms
152ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E7FE 0
0 367ms
319ms Image
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4qboG0cmoDOu1jrJjYAk_A3G0WJPZUkJFvsbY2rJ1ZwtxCnebMI5RnHDqpL4zwp2MUDy8QdZ4V0B-b24X3_Xe4fYNEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7FE 171 KB
53 KB 333ms
286ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame E7FE 22 KB
9 KB 290ms
250ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16160232686302901472/ Frame F096 24 KB
24 KB 337ms
297ms Image
image/jpeg 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16160232686302901472/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463a113b5b509efe4183b42eff3b93fb51f196b0acd530f3d7eb90e440ec3119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:19:17 GMT
x-content-type-options: nosniff
age: 174850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24453
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 15:21:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 May 2024 12:19:17 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17928845159155408001/ Frame F096 2 KB
2 KB 425ms
385ms Image
image/jpeg 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17928845159155408001/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57d561c1ebbab6f87186097bc8757cd80ec88b063fca866c3cae199b2522f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 05:09:13 GMT
x-content-type-options: nosniff
age: 546254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1858
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 18:35:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 May 2024 05:09:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B589 0
0 218ms
215ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBUyDxQhuZJ7_LcLDxtYPg8C7-Ar427ihcNbUtqmXEc_s7OmzEBABIKyQlQJgyYaAgNyjxBCgAbaq6P4DyAECqAMByAPJBKoEvgFP0IKJSwxqPamRIdOa9sjCCJ-7stog1N9tpsboxpeZUis72qg0eyWWbbfM4nEN2eK1vR5Z-M9FVqmWI1WuQ3EfhEk2ofZ9Jw_m_R3hKfnJmBOuGA30HOt8J-wdpc06JtONPFcR_maPIXhE_7L-Sy4GQb4s2OIt6fNyZ6fJChHIqiSkVnCgeZChuFZmT6j-WDCCX4SXPxx_fF-ECWX4PtRdnPWKzKJF0EZn2wY3WON7GdGqsAqzpKMAViHY_EcVwATDw-jU-wOSBQQIBBgBkgUECAUYBKAGAoAHstWXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOu8AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI2MTQ1NTYzMTA3Nzg3NTkYAA&sigh=CFKipabcYuk&uach_m=[UACH]&cid=CAQSPABygQiDO9lw1qt5IDIXSv1NZwfi_Q4pICfvvlC8OTrCPy1xDuDyFiV2Zu-d036NvhXecHDBCDbuAsli5RgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 12:53:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C518 143 B
166 B 265ms
77ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:09:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 860A 14 KB
1 KB 283ms
196ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 12:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 11:13:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 12:53:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 860A 2 KB
765 B 170ms
83ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 860A 22 KB
9 KB 178ms
91ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 860A 3 KB
1 KB 181ms
94ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 05:54:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 860A 19 KB
8 KB 182ms
95ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:55:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 860A 171 KB
53 KB 310ms
204ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 12:53:27 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 860A 32 KB
13 KB 208ms
67ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:19:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1D33 1 KB
643 B 248ms
78ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 79542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 14:47:46 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 14:47:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5129 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d1564a008c8941bdc136f7ff9f78991209ac19ea9e1aea1ca5ff4c5b954b079

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C60C 1 KB
643 B 378ms
183ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 79542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 14:47:46 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 14:47:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6E29 1 KB
643 B 377ms
184ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 79542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 14:47:46 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 14:47:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E7FE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c95587e137d46d276865e67b13bca4b5a9032a07771a4970152f8e046a3b3a0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B589 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36e32ff961adb19986bd83122116b88fd502e574775c62dde2f7eeed2352dfc4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F096 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d61786b2e530e6420026e0bba8bec4bd8bdce55097b90f49cd3cb651543e4a01

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 167ms
89ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.297767051646695

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hdmnJUpMhxqZh5RJ08jWhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hdmnJUpMhxqZh5RJ08jWhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 165ms
87ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.8396770529888562

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-igLlc1amvn32AyaULczX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-igLlc1amvn32AyaULczX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F096 15 KB
15 KB 208ms
76ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 21:41:17 GMT
x-content-type-options: nosniff
age: 313931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 21:41:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F096 15 KB
16 KB 177ms
45ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:55:38 GMT
x-content-type-options: nosniff
age: 370670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 05:55:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F096 15 KB
15 KB 188ms
56ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:55:40 GMT
x-content-type-options: nosniff
age: 370668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 05:55:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 350D 143 B
166 B 143ms
63ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:09:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D33
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAmVksqkAK0H-aJmQPCIsz8&google_cver=1&google_push=ATf1kGPdxUNJbHQNGedckxKafLdy74LXHgiWmXOBGtVPksF7aisZikXFsdyE65SLTAj6FQNhTCdHMX9qbovjMlvsy1...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEAmVksqkAK0H-aJmQPCIsz8&google_cver=1&google_push=ATf1kGPdxUNJbHQNGedckxKafLdy74LXHgiWmXOBGtVPksF7aisZikXFsdyE65SLTAj6FQNhTCdHMX9qbovjMlvsy1...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTUxNWVmOTctNjI2NS00OWNkLWFlYTItNDE1NTZjOGNhMjRi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9515ef97-6265-49cd-aea2-41556c8ca24b

170 B
188 B

182ms
128ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTUxNWVmOTctNjI2NS00OWNkLWFlYTItNDE1NTZjOGNhMjRi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9515ef97-6265-49cd-aea2-41556c8ca24b

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTUxNWVmOTctNjI2NS00OWNkLWFlYTItNDE1NTZjOGNhMjRi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=9515ef97-6265-49cd-aea2-41556c8ca24b
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1D33
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEJ8DNp2L-NU5ctFfhjV1_jU&google_cver=1&google_push=ATf1kGO4QW9fK19nBCaLE2aQaQfXZ21HpXQ1pydy4R0MMCiO1SebOCyAElyp8kXW1GAy2A3XWc6LySulM5melMFOzcG6VsvgKE9CW4w
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjA3RDM5QzRFN0I2QzM3MA==

170 B
232 B

318ms
39ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjA3RDM5QzRFN0I2QzM3MA==

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjA3RDM5QzRFN0I2QzM3MA==
date: Wed, 24 May 2023 12:53:29 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1D33 43 B
363 B 1446ms
0ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMVQ4g__QRl2PDyC9bUIz-4&google_cver=1&google_push=ATf1kGOgXj5EaEg0R0yKnod6s0RObHMdM-rkq4NDhyM3yjdlL0LQsAx8Awubq8mM7YS0CI-aItJcpioolgCvXwlAfI5qyTc6qWd-uQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:29 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 393736
expires: Wed, 24 May 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1D33
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED6TDRWibbmda21rMzr19Hg&google_cver=1&google_push=ATf1kGPhmw9HzdBxHDVL4amk7MjoRXm_Nm6VRP5f0KrsImx1PFAtBuipi0bqYZ0qEgQkDEds0nv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxUEhPUVUtSi05SkdJ&google_push=ATf1kGPhmw9HzdBxHDVL4amk7MjoRXm_Nm6VRP5f0KrsImx1PFAtBuipi0bqYZ0qEgQkDEds0nvz5Rqc-YG1WtNgrfefUegIG9Z-M_g

170 B
232 B

323ms
47ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxUEhPUVUtSi05SkdJ&google_push=ATf1kGPhmw9HzdBxHDVL4amk7MjoRXm_Nm6VRP5f0KrsImx1PFAtBuipi0bqYZ0qEgQkDEds0nvz5Rqc-YG1WtNgrfefUegIG9Z-M_g

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxUEhPUVUtSi05SkdJ&google_push=ATf1kGPhmw9HzdBxHDVL4amk7MjoRXm_Nm6VRP5f0KrsImx1PFAtBuipi0bqYZ0qEgQkDEds0nvz5Rqc-YG1WtNgrfefUegIG9Z-M_g
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1D33
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEGt-Xp6y70iRyfo-g5kLmIU&google_cver=1&google_push=ATf1kGMLEyWbwNQzBy00URch_StNr3RNiavRA01NKYZzpMeLGmbQsv9zIY5_SDIu2ziRGCrZsbLdvGzqqS8KCjfLUOOdqveRIErDIg
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMLEyWbwNQzBy00URch_StNr3RNiavRA01NKYZzpMeLGmbQsv9zIY5_SDIu2ziRGCrZsbLdvGzqqS8KCjfLUOOdqveRIErDIg&google_hm=32e4c9f77a2e69a87...

170 B
232 B

314ms
35ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMLEyWbwNQzBy00URch_StNr3RNiavRA01NKYZzpMeLGmbQsv9zIY5_SDIu2ziRGCrZsbLdvGzqqS8KCjfLUOOdqveRIErDIg&google_hm=32e4c9f77a2e69a873e935ae05b1235c

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMLEyWbwNQzBy00URch_StNr3RNiavRA01NKYZzpMeLGmbQsv9zIY5_SDIu2ziRGCrZsbLdvGzqqS8KCjfLUOOdqveRIErDIg&google_hm=32e4c9f77a2e69a873e935ae05b1235c
date: Wed, 24 May 2023 12:53:29 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2

200

report
sync.teads.tv/um/ Frame 1D33
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBjB94PAMK796XaeMh72WsE&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=N2I5NTNkZjQtMmJjYi00ZTIyLTg2NTItYmM3ZjlmYThlZDEy&google_push=ATf1kGMK3NjHj_P7lFRK8Zdr2Dhu7mXvpAsTUrK8az7E7y4U7R5DalezGw0ItSvP9hqIe...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

205ms
42ms

Image
image/gif

23.41.169.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Server: 23.41.169.52 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-169-52.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 24 May 2023 12:53:31 GMT
pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D33
Redirect Chain

https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFRPFyGZAa0-nJ6U_GWjNnw&google_cver=1&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT...
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFRPFyGZAa0-nJ6U_GWjNnw&google_cver=1&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT...
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTg5ODlhZGI1ZjY0ZDQxMw&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT4WD1jxs...

170 B
188 B

182ms
127ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTg5ODlhZGI1ZjY0ZDQxMw&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT4WD1jxsPwzwJyI

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 May 2023 12:53:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTg5ODlhZGI1ZjY0ZDQxMw&google_push=ATf1kGO8gNKKk9fcr906gATHNAKqBxJiR120t9zOYqTUvBfHPpjsDNLpQ42sCB7_dlrNcy7U0p-jwmv5r2SGAeVLT4WD1jxsPwzwJyI
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1D33 0
130 B 1474ms
0ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZugalbZoI49MbN1yrGFQZAO76gauXbKbk2tKZS1Kx0AJEyLHEK80ROELpdcZJ_9eCiHXQKz8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C518
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

405ms
266ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:29 GMT
expires: Wed, 24 May 2023 12:53:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame D9D2 37 KB
14 KB 110ms
109ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:43:59 GMT

GET
H2 200 rectangle.js Show response
revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/ Frame E7FE 20 KB
8 KB 112ms
86ms Script
application/javascript 2600:9000:24f0:2000:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:2000:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9118e92516f052137b5a9272ec2d12455ba1544e06052f39222dfd0b2dbb54b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:28 GMT
content-encoding: gzip
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 10:42:04 GMT
server: nginx
x-amz-cf-pop: JFK50-P3
etag: W/"64635dfc-5018"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-id: cx4hzz5mJjWtqETi1E4FCw7eMo6x3VCZ2q_CJNA2vdpgL2dkudmGsQ==
expires: Wed, 24 May 2023 15:53:28 GMT

GET
H2 200 sync.html Show response
revjet.lendingtree.com/~cdn/JS/03/ Frame 43D1 2 KB
1 KB 556ms
56ms Document
text/html 2600:9000:24f0:2000:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:2000:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=10800
content-encoding: gzip
content-type: text/html
date: Wed, 24 May 2023 12:53:29 GMT
etag: W/"63e39eee-744"
expires: Wed, 24 May 2023 15:53:29 GMT
last-modified: Wed, 08 Feb 2023 13:09:02 GMT
server: nginx
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
x-amz-cf-id: xv4w1G4ZVulRwf6vTPJgzyixo9m8iQz1T_mOjb-20YZMV_NX2B-7Kw==
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C60C 0
173 B 1219ms
0ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMoO42-990mUwk3MSKxlbH4&google_cver=1&google_push=ATf1kGNH8bS93Tg-h7LQhyElFAWVgtlfgVfjE-MjCX4XyFcIrxC9EVGQF7kGCB9FfTWjx606hRuMZBxCnx608ERakv9RWACdA_U8Z94
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C60C
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEJ8DNp2L-NU5ctFfhjV1_jU&google_cver=1&google_push=ATf1kGMablAlfEdrSkzYSU5DfoRqG2Ni5wWM5H5NxQ_Z_i3sp3UToDZeUSNd40jQff0oUZ7TMiA-O_4PkeTRJwDdfTRIqKDA6-6vocw
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUYxMEE2MDg3REJFNDE0Qg==

170 B
243 B

313ms
34ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUYxMEE2MDg3REJFNDE0Qg==

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUYxMEE2MDg3REJFNDE0Qg==
date: Wed, 24 May 2023 12:53:29 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C60C
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGNRklqGAaunbxytfQ3Bte0VKnEODhR5deOp4mT9vqSQncFVavuv3Ppf1dgdZ_XooH7bRWsfWUQ9POX6Ol1ePZlrQAkph_ASCzE&google_gid=CAESEFM-f0K1kXvnoygA52Alnsc&...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMmRuKMGEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BVGYxa0dOUmtscUdBYXVuYnh5dGZRM0J0ZTBWS25FT0RoUjVkZU9wNG1UOXZxU1FuY0ZWYXZ1djNQcGYxZGdkWl9Yb29IN2JSV3NmV1VROVBPWDZPbD...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdF9lM1dvVGwwT0xVUWpnSGNEd3pHMzJOUGxBZVYyM1NIblkxT0ZYTkdHSQ==&google_push

170 B
188 B

187ms
130ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdF9lM1dvVGwwT0xVUWpnSGNEd3pHMzJOUGxBZVYyM1NIblkxT0ZYTkdHSQ==&google_push

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 May 2023 12:53:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdF9lM1dvVGwwT0xVUWpnSGNEd3pHMzJOUGxBZVYyM1NIblkxT0ZYTkdHSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame C60C 0
287 B 1202ms
0ms Image
text/plain 34.192.101.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEHbzpjR9rwLzs7XHLaJGmkI&google_cver=1&google_push=ATf1kGNk3WabEZVnyFY2jD3PqnAezINT0t2yYRi9--egrF-5u2h63YcdrzDdRcp4_egxlss29M9nto1PcAPI-W6AsRagwvWH0fqEwWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.101.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-101-54.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C60C
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_cver=1&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVh...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVh...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVhLB6O-6V8Ox3SCKtWg&google_hm=ME8xZU5PVjBjM2l2b1...

170 B
188 B

190ms
128ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVhLB6O-6V8Ox3SCKtWg&google_hm=ME8xZU5PVjBjM2l2b1pEa1VxRGY=

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 May 2023 12:53:30 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGN6uKG5evIgGMhVYV-RDvXA73OoqkXo5tWaNmK4y2n419swBGL4YArjsJmevPuc06Wl6uUe9Q22lbOVhLB6O-6V8Ox3SCKtWg&google_hm=ME8xZU5PVjBjM2l2b1pEa1VxRGY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C60C
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEJ4STkaMrTpSI159-8nVf-A&google_cver=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-Vo0dzoz9x43fCgU7TkqF24...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEJ4STkaMrTpSI159-8nVf-A&google_cver=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-Vo0dzoz9x43fCgU7...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=tFWPGnCxRVuB_y86Ze9L6g==&no_redirect=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-...

170 B
188 B

172ms
124ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=tFWPGnCxRVuB_y86Ze9L6g==&no_redirect=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-Vo0dzoz9x43fCgU7TkqF24hoR5uXRy08gtcrI6UncDWtewGCo

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=tFWPGnCxRVuB_y86Ze9L6g==&no_redirect=1&google_push=ATf1kGM3T64jIV65hP96wQezmNGjZFnmeTBqNz-dnD0N9opvLzh7s-Vo0dzoz9x43fCgU7TkqF24hoR5uXRy08gtcrI6UncDWtewGCo
date: Wed, 24 May 2023 12:53:30 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C60C
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEK4t5yXMwv650XZ4TVCF7nA&google_cver=1&google_push=ATf1kGNV8ffZaUnI6K6dZuk7blkFDDI_hEmt1gC_yPMQsdt_oK9LIuI7a2m2J8vgwcWtyzE3RHPx6leC9yUcfx2...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=FukRuE4aQUeZyzgAQwkwZg&google_push=ATf1kGNV8ffZaUnI6K6dZuk7blkFDDI_hEmt1gC_yPMQsdt_oK9LIuI7a2m2J8vgwcWtyzE3RHPx6leC9yUcfx2fgQ5md0YIm...

170 B
232 B

320ms
44ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=FukRuE4aQUeZyzgAQwkwZg&google_push=ATf1kGNV8ffZaUnI6K6dZuk7blkFDDI_hEmt1gC_yPMQsdt_oK9LIuI7a2m2J8vgwcWtyzE3RHPx6leC9yUcfx2fgQ5md0YImoTCbV_D

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=FukRuE4aQUeZyzgAQwkwZg&google_push=ATf1kGNV8ffZaUnI6K6dZuk7blkFDDI_hEmt1gC_yPMQsdt_oK9LIuI7a2m2J8vgwcWtyzE3RHPx6leC9yUcfx2fgQ5md0YImoTCbV_D
Date: Wed, 24 May 2023 12:53:29 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C60C 0
49 B 1207ms
0ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfBOyXXX6zxBi6W4_qf7MqQf9_6BP56YsKDlDIctQ905mjbjcxgsCYYSZFUPnSiC-F4AqQtAA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6E29
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAKBr64EkNWVU99w9x66ars&google_cver=1&google_push=ATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVye...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKBr64EkNWVU99w9x66ars&google_cver=1&google_push=ATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bV...

43 B
443 B

427ms
92ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKBr64EkNWVU99w9x66ars&google_cver=1&google_push=ATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7cc5ae948934da3f-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1107
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKBr64EkNWVU99w9x66ars&google_cver=1&google_push=ATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM5sVSuFBQGX6vaWrkh2nCMeyc3PQvk2NqyiF24MxOLQzsibBrs6idFfMdk4s-L1W0rh-eyjTjv51sosqSYvLhAwPct5bVyeA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7cc5ae8dad42da3f-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 6E29 0
286 B 967ms
0ms Image
text/plain 34.192.101.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEHbzpjR9rwLzs7XHLaJGmkI&google_cver=1&google_push=ATf1kGNQzQnGhv-YApbK8YROItFFlQ2sChtOztfl73POJf8hUjGUf343D0cxV9eA5ubKyWag_GXFm6tccynqAZ5CpLlCGEILY-Gr
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.101.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-101-54.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:29 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6E29
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOAT3jSN21pcxkW3glrmnDs&google_cver=1&google_push=ATf1kGNs1dYlZFx-ws_uoGvBqepV68o-K6nD45f1U0DIQ_qDb7cFC5-rW0mbaYWn4VRnmvGpPZxizt1bZY92_vzoKbS8cnr...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNs1dYlZFx-ws_uoGvBqepV68o-K6nD45f1U0DIQ_qDb7cFC5-rW0mbaYWn4VRnmvGpPZxizt1bZY92_vzoKbS8cnr49-AfYA&google_hm=eS1YMDRMeGpWRTJwRnpm...

170 B
232 B

321ms
46ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNs1dYlZFx-ws_uoGvBqepV68o-K6nD45f1U0DIQ_qDb7cFC5-rW0mbaYWn4VRnmvGpPZxizt1bZY92_vzoKbS8cnr49-AfYA&google_hm=eS1YMDRMeGpWRTJwRnpmNEJpR293Mk9aMVkwNUlzaXRCZX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 May 2023 12:53:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNs1dYlZFx-ws_uoGvBqepV68o-K6nD45f1U0DIQ_qDb7cFC5-rW0mbaYWn4VRnmvGpPZxizt1bZY92_vzoKbS8cnr49-AfYA&google_hm=eS1YMDRMeGpWRTJwRnpmNEJpR293Mk9aMVkwNUlzaXRCZX5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6E29
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESECwrGlVMsNrbu82WAKm8xwg&c_param1=ATf1kGMOIgUg6IugWj7xduVXN9g-aCPLPer0FRfY0Yy5qLG0VmNhL1rvAgDtPCgJQkWU2sY_bNizmCF4pgZ00ZdKsxhrdgS3swUY&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMOIgUg6IugWj7xduVXN9g-aCPLPer0FRfY0Yy5qLG0VmNhL1rvAgDtPCgJQkWU2sY_bNizmCF4pgZ00ZdKsxhrdgS3swUY

170 B
232 B

318ms
43ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMOIgUg6IugWj7xduVXN9g-aCPLPer0FRfY0Yy5qLG0VmNhL1rvAgDtPCgJQkWU2sY_bNizmCF4pgZ00ZdKsxhrdgS3swUY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMOIgUg6IugWj7xduVXN9g-aCPLPer0FRfY0Yy5qLG0VmNhL1rvAgDtPCgJQkWU2sY_bNizmCF4pgZ00ZdKsxhrdgS3swUY
date: Wed, 24 May 2023 12:53:29 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E29
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_cver=1&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8dvRCxq3RKC06wwUQlaMA&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6OSBhPAoe5lrPhY-7w&google_hm=ME8xZU5PVjBjM2l2b1...

170 B
188 B

176ms
139ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6OSBhPAoe5lrPhY-7w&google_hm=ME8xZU5PVjBjM2l2b1pEa1VxRGY=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 May 2023 12:53:30 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGNykZv5gb3fwp-Xux5OhQqXX_5UlqPDEsvZs3Gt7cudioU4GnuCIpTNfSuzMcGo9s2ACdf-fWQuDIVv6OSBhPAoe5lrPhY-7w&google_hm=ME8xZU5PVjBjM2l2b1pEa1VxRGY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6E29
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMkJPzfwMuya0VLY6itpGYY&google_cver=1&google_push=ATf1kGPMBS3ZtjWn4DwgIM69b9766aK5zGQ5g8qTKi3S4xwoNXErhiF97...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPMBS3ZtjWn4DwgIM69b9766aK5zGQ5g8qTKi3S4xwoNXErhiF977rUPrpYm3nBB2e45_hMyll501u5ha86zkRY9mAyGs-_UjE&google_hm=QlMuOTcyYi03OWR...

170 B
232 B

324ms
45ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPMBS3ZtjWn4DwgIM69b9766aK5zGQ5g8qTKi3S4xwoNXErhiF977rUPrpYm3nBB2e45_hMyll501u5ha86zkRY9mAyGs-_UjE&google_hm=QlMuOTcyYi03OWRkLTQzYjUtODc1MQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPMBS3ZtjWn4DwgIM69b9766aK5zGQ5g8qTKi3S4xwoNXErhiF977rUPrpYm3nBB2e45_hMyll501u5ha86zkRY9mAyGs-_UjE&google_hm=QlMuOTcyYi03OWRkLTQzYjUtODc1MQ==
Date: Wed, 24 May 2023 12:53:29 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6E29
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEGt6GWI79Nf8ZY064JhRHNE&google_cver=1&google_push=ATf1kGOxmcXjN4Aq6cUr49HVov9VeUD0GFZWy62Hr3wGwbJytqJJW8Py2KOSbjb-d9oLBKdfs_sEatkZERq0ogV9kHi7dRlUE...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOxmcXjN4Aq6cUr49HVov9VeUD0GFZWy62Hr3wGwbJytqJJW8Py2KOSbjb-d9oLBKdfs_sEatkZERq0ogV9kHi7dRlUE64vpUg&google_hm=e4a5ace29e9...

170 B
232 B

372ms
94ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOxmcXjN4Aq6cUr49HVov9VeUD0GFZWy62Hr3wGwbJytqJJW8Py2KOSbjb-d9oLBKdfs_sEatkZERq0ogV9kHi7dRlUE64vpUg&google_hm=e4a5ace29e91b451fd4774484e30d240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOxmcXjN4Aq6cUr49HVov9VeUD0GFZWy62Hr3wGwbJytqJJW8Py2KOSbjb-d9oLBKdfs_sEatkZERq0ogV9kHi7dRlUE64vpUg&google_hm=e4a5ace29e91b451fd4774484e30d240
date: Wed, 24 May 2023 12:53:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6E29 0
40 B 975ms
0ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLpRvcmLgMJYy6Fwr8cPpphfKnYs8GLYYfZTeLaIb2emMMjS3HCsHVG8_d7JDG41fMSdhoNWc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=3531856095&pi=t.aa~a.1660614542~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=18&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=R8j3TGlPXL&p=https%3A//bitly.ws&dtd=245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 447ms
271ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rwh8pEPoMcnNXc_pOqjcng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rwh8pEPoMcnNXc_pOqjcng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B10 37 KB
14 KB 111ms
85ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=90&adk=2820297975&adf=1075658550&pi=t.aa~a.1660610109~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1684932805&rafmt=1&to=qs&pwprc=2480099511&format=1200x90&url=https%3A%2F%2Fbitly.ws%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684932805391&bpp=8&bdt=3653&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcad26e6a4242f792-22c64b72aee0001b%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA&gpic=UID%3D00000c32023b0771%3AT%3D1684932803%3ART%3D1684932803%3AS%3DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x90&nras=4&correlator=4378560430050&frm=20&pv=1&ga_vid=788386587.1684932803&ga_sid=1684932803&ga_hid=1165598393&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1960&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44772268%2C44788442%2C44792646&oid=2&psts=ABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX&pvsid=3344858132705297&tmod=985292510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qZmua1S8ol&p=https%3A//bitly.ws&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:43:59 GMT

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3AB6 37 KB
14 KB 127ms
101ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:43:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5129 42 B
64 B 294ms
268ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3Q1gupwWThD0V9JN7pjn2Ks14xQ_6etCF_qbQm08lt4KeLF7iRaNcCltZ37fUxlff6FiDt_XqKiiuTqjdxR7w2XI0sF5eayPLflY82UrUQx_1JTXXS37o5p1e5FyIWo1aZdE&sai=AMfl-YSVhQ3JKehW_ZBaA8Ae4PX4WDMvAoRnJePkwsyKiU2wY3RoYfoeKxmBZjKqfnlzT2VF1pzQCd0VvB8y&sig=Cg0ArKJSzJ8IccIN0DIWEAE&cid=CAQSGwBygQiDiHrgNMz2FKNiwSUyJjtl_Eef77kzDRgB&id=lidar2&mcvt=1205&p=0,0,124,1005&mtos=1205,1205,1205,1205,1205&tos=1205,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684932805945&rpt=1884&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 350D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

643ms
124ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:30 GMT
expires: Wed, 24 May 2023 12:53:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame C5CA 37 KB
14 KB 280ms
279ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: bitly.ws
URL: https://bitly.ws/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:43:59 GMT

GET
H2 200 tag168867 Show response
revjet.lendingtree.com/ Frame E7FE 18 KB
5 KB 470ms
80ms Script
text/javascript 2600:9000:24f0:2000:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/tag168867?_plc_id=59151464&_key=6ea&ct_url=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCY7b1xQhuZNXWKs-extYPv4GHmAqOrcCvcMrW1--jDuOOlITgEhABIKyQlQJgyYaAgNyjxBCgAYX32f4DyAEJqAMBqgTFAU_QiEcPJGALitUe_oVPywa1DR4_dNtlbqogHPEl7XXSHSVAQU35APOq_aB_DuX2Pkp088KMLFUjZOiLhTfERj8bgCek-C0VAc8kIwBKIf2cq7WDv7HGE16zlVjc_Nh1P2T1e6Ei-k9pii-zcQbPCywBV-7yD0oSyas51XoImogDLA9cnqfc7Z2bhE4YrCRlrD9YWeYxqHOjOeLc09cKB9vHu56NNgx90j5ykDDX3zZR7Wc5tNypZK3jmfxhPAumca9Ea72hwASGyMi__gGgBhGAB6CHrSKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAG4DAHYEwvQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSPABygQiD09s57oguFSgOv2EwI0X3pfIE7zB0xOeFdBqQ0iWFpQC4bXVCz66n152HeyFDitFNgFPudpQeDxgB%2526sig%253DAOD64_32KZO3n30oMmeNlGQOSgM6Je0dew%2526client%253Dca-pub-2614556310778759%2526adurl%253D&li=%7BLoan_Interest_Type%7D&gdn_ad_group_id=68315915270&cachebuster=1161985511&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26us_privacy%3D1---%26client%3Dca-pub-2614556310778759%26output%3Dhtml%26h%3D90%26adk%3D2820297975%26adf%3D3531856095%26pi%3Dt.aa~a.1660614542~rp.2%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1684932805%26rafmt%3D1%26to%3Dqs%26pwprc%3D2480099511%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbitly.ws%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1684932805391%26bpp%3D18%26bdt%3D3653%26idt%3D-M%26shv%3Dr20230518%26mjsv%3Dm202305170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dcad26e6a4242f792-22c64b72aee0001b%253AT%253D1684932803%253ART%253D1684932803%253AS%253DALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA%26gpic%3DUID%253D00000c32023b0771%253AT%253D1684932803%253ART%253D1684932803%253AS%253DALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg%26prev_fmts%3D0x0%252C1200x200%252C1200x280%26nras%3D3%26correlator%3D4378560430050%26frm%3D20%26pv%3D1%26ga_vid%3D788386587.1684932803%26ga_sid%3D1684932803%26ga_hid%3D1165598393%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1543%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44772268%252C44788442%252C44792646%26oid%3D2%26psts%3DABHeCvi8Qz8tW-4E3kEmrXI6GC7mgQssEsy0H5b607syILi9iCDbloFnq7X-A0FHEnAHo1T80hYBYdTy6J8Onn0k5DLVxYmX%26pvsid%3D3344858132705297%26tmod%3D985292510%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DR8j3TGlPXL%26p%3Dhttps%253A%2F%2Fbitly.ws%26dtd%3D245&_js_site_ref=https%3A%2F%2Fbitly.ws%2F&_js_device_w=1600&_js_device_h=1200&_js_tag_freq=1&_js_gdpr=false&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_autoscale=false&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbitly.ws&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1684932810491
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:2000:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9099b6b8c46654fc957dc11aaee90ee3995929fde5c00b2f1919a5fc59ae5c2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:30 GMT
content-encoding: gzip
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip47569
x-amz-cf-id: 4NSaSxPcjRleEQqdOmXBD79a_5Gt1sd0s_1Hkltn65E6j5KZZZHj_Q==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 ad Show response
fundingchoicesmessages.google.com/f/AGSKWxXKrazLCDmnnZZDQfBeskuHguCP57XonzO4f6fd0kBbRi4HC8NMF5ZL7v_xMbMdPB-MGYpaRZ6uMjxs2Lg-9CjsPSrMAwj37xifJHR23Fmw-58n0UXDa86fwgFgkqTGkHZiB2G4_s9QRtwpN0u_fcqVsivoM... 54 B
109 B 280ms
183ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXKrazLCDmnnZZDQfBeskuHguCP57XonzO4f6fd0kBbRi4HC8NMF5ZL7v_xMbMdPB-MGYpaRZ6uMjxs2Lg-9CjsPSrMAwj37xifJHR23Fmw-58n0UXDa86fwgFgkqTGkHZiB2G4_s9QRtwpN0u_fcqVsivoMGITUyWp3mmBduYXV2M4BglardsjvyKh/__adskin./adsbycurse./radioAdEmbed./adframe./ad?channel=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BqTgh0RaQhE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwsjo9XmWXAcwvH0YDNIq1Ou31wyQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e22d23e2fd1d9d61da38348ee9831528cd025a21b491ae36de9ae9d2230cf87d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9ab3mGebILmQGY68PfBj4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-9ab3mGebILmQGY68PfBj4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 45 KB
15 KB 199ms
102ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BqTgh0RaQhE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwsjo9XmWXAcwvH0YDNIq1Ou31wyQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40c432b37c1925460b64dbb46c73f52208196005ea4908ea750a10536e755c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15505
x-xss-protection: 0
server: cafe
etag: 6181297263784981116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:29:02 GMT

POST
H3 204 AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 183ms
135ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aZuqLOLZ-XAZwAcJ4FYW3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aZuqLOLZ-XAZwAcJ4FYW3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.9.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame F235 155 KB
47 KB 678ms
29ms Script
application/javascript 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B34) /
Resource Hash: aeb715220f53a8eec05907640a9801a27014227fb76422799999d290628f47d3

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 06:10:30 GMT
server: ECS (mic/9B34)
age: 289
etag: "6385a256-26a1f+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 47507
expires: Wed, 24 May 2023 13:03:31 GMT

GET
H2 200 999
pix.lendingtree.com/interaction/ Frame F235 43 B
326 B 741ms
74ms Image
image/gif 2600:9000:21ea:be00:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/999?__ads=fb0faa7ed11f427af3799fade0a94d94&__adt=8756688118116062640&__ade=1&vid=5030107368706431122&_js_gdpr=false
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:be00:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:31 GMT
via: 1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: -HmT5eEbeGzsX5uq5kmFMKanYV-nGzKVAgZWZ8i4jpNcySkMlmDnPQ==
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 168ms
118ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lkmx0oTSCjlU3gUhe89RMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lkmx0oTSCjlU3gUhe89RMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 219ms
171ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h8HTc6guzaonxT7JIH7aTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h8HTc6guzaonxT7JIH7aTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 235ms
182ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmIQTkxkF9CuSxMDGc3-Q-9xHV76L0FACmDyqptpiV5d8SMSC8Q8z2tSzlVKCdIbtGw4qvUqjux2I3Gj7-PqeB0x5WoQyqIwcrddPPqNvhyJW0g5Y56MA-KQw108uzQIc8PGzOdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dG-DkV7Q9dn95t3-mgis3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-dG-DkV7Q9dn95t3-mgis3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW7nE6TEinvgh0EtoPn_1-PQ1nXxLpU0Sv7q1V63Nn2U5kw77eZLgJsGVapwJYOGYe525YoZKakJBSESo5N9PkiOpeZ8TnU-ca9BYZfixhvxc6lfCaxujyvlhBbE8N9BfMBOAAKDg== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 244ms
173ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW7nE6TEinvgh0EtoPn_1-PQ1nXxLpU0Sv7q1V63Nn2U5kw77eZLgJsGVapwJYOGYe525YoZKakJBSESo5N9PkiOpeZ8TnU-ca9BYZfixhvxc6lfCaxujyvlhBbE8N9BfMBOAAKDg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0OTMyODExLDQ1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYml0bHkud3MvIixudWxsLFtbOCwiQnFUZ2gwUmFRaEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0caca06005bc577ded8bd85598934efb268dc1e4c19b0fb918c2bfa88c689aac

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XjERVVEWwncDvJcPeoiSug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XjERVVEWwncDvJcPeoiSug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWwmj2pSFNLHqUN2WqUJ_lrCxAxAsOlB7t8kUR5DrS_2zHfqRafZqoWzEhgjxjtbCFi3w6rjIuuJwg0or6cpm0= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 109ms
103ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwmj2pSFNLHqUN2WqUJ_lrCxAxAsOlB7t8kUR5DrS_2zHfqRafZqoWzEhgjxjtbCFi3w6rjIuuJwg0or6cpm0=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NW5S2unvGAhEUBmoRhK2ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NW5S2unvGAhEUBmoRhK2ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bitly.ws
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXW51BM775ZifGy-rpNUq4XwP2K5dFiEC2sAbd1aRHD-hFpNsnfdSx10nB63puB7kgF88wqB0fFNgb5DEhXEMtGzklwhxQjNFqZtlrOocmuKDzetrL-KB1EyIdAvbS5aEL7XF6Iig== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 186ms
174ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXW51BM775ZifGy-rpNUq4XwP2K5dFiEC2sAbd1aRHD-hFpNsnfdSx10nB63puB7kgF88wqB0fFNgb5DEhXEMtGzklwhxQjNFqZtlrOocmuKDzetrL-KB1EyIdAvbS5aEL7XF6Iig==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0OTMyODExLDc0OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYml0bHkud3MvIixudWxsLFtbOCwiQnFUZ2gwUmFRaEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a8038e436b2ec9baac0bde9fc63772cb418d4a471c14ffbe255171caa89ef0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UbNEFyU0sk1flYiRSROB6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-UbNEFyU0sk1flYiRSROB6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
cdn.revjet.com/s3/csp/1675962884649/ Frame F235 2 KB
1 KB 243ms
0ms XHR
text/html 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1675962884649/index.html
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9ACF) /
Resource Hash: b5c3ef6146aeb6a38c14a6bb5762ea31d2d1b606fdca9d262915d5773aa6ce06

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
content-encoding: gzip
x-amz-version-id: Frs3Dn3TeIidzwY5L91UXmseorAdb2Uh
age: 3206
x-amz-request-id: 311SFPEVDJF9FMTC
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 674
x-amz-id-2: stly6MBLgnZwmjNIp/g9uhmZRLfPN7Cq1s0KXEk3Hbwu5f0OGsPrRFIzFDyxwSKhrts0lEYkgXs=
last-modified: Thu, 09 Feb 2023 17:14:47 GMT
server: ECS (mic/9ACF)
etag: "a0bae7f429a526e0a94e3af464dabc61+gzip"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 24 May 2023 13:53:32 GMT

GET
H3 200 AGSKWxXbQ9J7n461FzCCfwwW7bG_0WGt-9oVV5wFDlVVM9yBd1uGAr_E404zTxfeqjMlvii8dRz7aZXM9ztDXrvzBMLnv5oZ9h_y5rfMOZbxl5m5PoQAaxLazofJDKcDjYYxCBH-WgZqaQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 259ms
158ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXbQ9J7n461FzCCfwwW7bG_0WGt-9oVV5wFDlVVM9yBd1uGAr_E404zTxfeqjMlvii8dRz7aZXM9ztDXrvzBMLnv5oZ9h_y5rfMOZbxl5m5PoQAaxLazofJDKcDjYYxCBH-WgZqaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0OTMyODEyLDk4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2JpdGx5LndzLyIsbnVsbCxbWzgsIkJxVGdoMFJhUWhFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8470dfa865502121c6f876d0a38ade35fc85f2d3906b8b084649cfddbdad3db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IQo5zobzGu7aYMhi0SWSBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-IQo5zobzGu7aYMhi0SWSBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1004
pix.lendingtree.com/interaction/ Frame F235 43 B
324 B 274ms
55ms Image
image/gif 2600:9000:21ea:be00:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/1004?__ads=fb0faa7ed11f427af3799fade0a94d94&__adt=8756688118116062640&__ade=1&vid=5030107368706431122&_js_gdpr=false
Requested by: Host: bitly.ws
URL: https://bitly.ws/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:be00:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:32 GMT
via: 1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: H8klTg5obXAkcNACIkegEvPbasDHzfge4Bb1VNyp2ZT3-vFE5PeOqA==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 style.css
cdn.revjet.com/s3/csp/1675962884649/ Frame A0D0 5 KB
2 KB 332ms
13ms Stylesheet
text/css 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1675962884649/style.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9A9C) /
Resource Hash: 7f59c935d5fa9475a22a065d274a7ef842a4769dcf16e83fb1e370f9a3a5052e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
content-encoding: gzip
x-amz-version-id: qkJTWUwRTZ1hX_rPEdeJHzbkJKqxEZVI
age: 3207
x-amz-request-id: VSESQD86W3FNF7JV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1422
x-amz-id-2: tbKFrAy3Tte/XhyGGgeXlc6HqXAaKzqBXU7aczOE8P2BZ2HkWu2rtb+cGWFSg+E3IAGCtn7CfNE=
last-modified: Thu, 09 Feb 2023 17:14:47 GMT
server: ECS (mic/9A9C)
etag: "3b54d1467a1faf007ac0268fd87def63+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 24 May 2023 13:53:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A0D0 1 KB
408 B 251ms
124ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 12:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 11:12:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 12:53:32 GMT

GET
H2 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A0D0 113 KB
38 KB 2395ms
85ms Script
text/javascript 2607:f8b0:4006:808::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 May 2023 12:53:34 GMT

GET
H2 200 code.js Show response
cdn.revjet.com/s3/csp/1675962884649/ Frame A0D0 5 KB
2 KB 332ms
14ms Script
application/javascript 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1675962884649/code.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B22) /
Resource Hash: c2f308ae4673145cc1db49f08590025ba36e1751b9289b7c4c5e843144102bde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
content-encoding: gzip
x-amz-version-id: c6ONErH96PBHUeZgn8uovqu18Y487hdq
age: 3207
x-amz-request-id: VSES4ZX7850575AV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1458
x-amz-id-2: j7rioNAMDjjwxk2s6FUV6lqATuh5V4zBgdIGdsfW4QFbcLtMS1yV7d9/gYW6dNAVV8ClEaHMIW8=
last-modified: Thu, 09 Feb 2023 17:14:47 GMT
server: ECS (mic/9B22)
etag: "15cf5aaff516dd16643dc73dcb2104a3+gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 24 May 2023 13:53:32 GMT

POST
H3 204 AGSKWxVoxh8wOjZaeazcgBZ-JAS2oAG7oXOJW7Xw6GEzAo7t4MStabkaDX_cSeQ6HJywYQtlpxpkDyiBO2GwEX1KOeLnFfoOfLunFNEPl7M3T30Y9vLfCLtM5tw8ABNpMR3lFcTqr-m_uw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 190ms
129ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoxh8wOjZaeazcgBZ-JAS2oAG7oXOJW7Xw6GEzAo7t4MStabkaDX_cSeQ6HJywYQtlpxpkDyiBO2GwEX1KOeLnFfoOfLunFNEPl7M3T30Y9vLfCLtM5tw8ABNpMR3lFcTqr-m_uw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Tml4N0IIVAV4AYS02i9fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-3Tml4N0IIVAV4AYS02i9fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWwmj2pSFNLHqUN2WqUJ_lrCxAxAsOlB7t8kUR5DrS_2zHfqRafZqoWzEhgjxjtbCFi3w6rjIuuJwg0or6cpm0= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 185ms
125ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwmj2pSFNLHqUN2WqUJ_lrCxAxAsOlB7t8kUR5DrS_2zHfqRafZqoWzEhgjxjtbCFi3w6rjIuuJwg0or6cpm0=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_4INdmY9hXGGIr1tUPu9yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_4INdmY9hXGGIr1tUPu9yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bitly.ws
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.gif
cdn.revjet.com/s3/csp/1675962884649/ Frame A0D0 46 KB
47 KB 145ms
26ms Image
image/gif 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1675962884649/logo.gif
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1675962884649/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B5D) /
Resource Hash: bca1e1fa0d811a0e38214198f000c066281cb1f76302276060dbd34851586f54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.revjet.com/s3/csp/1675962884649/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
x-amz-version-id: pnWEMApR6QXqaGTtuRwZNJH_p3x03QXB
age: 3206
x-amz-request-id: 311X332AJ3YD2V15
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 47465
x-amz-id-2: GttXzCRFGf/+O1NYVoM74PKPkh/85rWa2ayzCIjiD3vznpk+5kYonRQsUMuu61Fej1tQdBKQZKE=
last-modified: Thu, 09 Feb 2023 17:14:47 GMT
server: ECS (mic/9B5D)
etag: "f24092bd6863c78bdaf10dc226568e12"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Wed, 24 May 2023 13:53:32 GMT

GET
H2 200 shine.png
cdn.revjet.com/s3/csp/1675962884649/ Frame A0D0 1 KB
1 KB 200ms
82ms Image
image/png 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1675962884649/shine.png
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1675962884649/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B13) /
Resource Hash: 3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.revjet.com/s3/csp/1675962884649/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:32 GMT
x-amz-version-id: Mwf2YCCDXT2MW4gd8Tkfhsc1ESnhkFIG
age: 3206
x-amz-request-id: 311V48YERJ403BD0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1127
x-amz-id-2: B17p4my82SW4cArZsMECSDZJ6Bs9N6Z3SAPx2beephvY+fq/hwl9Dcf6qPvXzm3S442ZShVFVTg=
last-modified: Thu, 09 Feb 2023 17:14:47 GMT
server: ECS (mic/9B13)
etag: "0d595d65dcbf04768416a23c3dd4d0c5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Wed, 24 May 2023 13:53:32 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame A0D0 23 KB
23 KB 254ms
154ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 17:29:16 GMT
x-content-type-options: nosniff
age: 69856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 17:29:16 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame A0D0 23 KB
23 KB 255ms
155ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:37:18 GMT
x-content-type-options: nosniff
age: 65774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 18:37:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 97ms
94ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b38370d847da83f862a75e3bb88a6ce734ced9474b9f068f8351ffe20af744e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11194
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 102ms
91ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 May 2023 12:53:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5790 13 KB
5 KB 99ms
66ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 15529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:34:46 GMT
expires: Thu, 23 May 2024 08:34:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E88B 783 B
534 B 128ms
94ms Document
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e0595c51ae7ba2d9f039300af7ba826b8982f0d38457df4bdfb7317dd1b4e47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lrVi7-sWJbCJ8IVkbHjETw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bitly.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-lrVi7-sWJbCJ8IVkbHjETw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 12:53:35 GMT
expires: Wed, 24 May 2023 12:53:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E88B 0
0 94ms
94ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=3344858132705297&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 5790 37 KB
14 KB 89ms
89ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:43:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5790 0
10 B 69ms
68ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xcCToQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 12:53:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
84ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230518&jk=3344858132705297&bg=!xsWlxZHNAAZ8_aWmXP07ADkAdvg8WoRnHjKiU1_xV6IycV56zeopk3YXji_cQflSYSCn5g9t4ed-jeX79nrvGa4VWq2-YuecRrkCAAABb1IAAAAGaAEHCgBe1T-PVh9SonO8aC-J7r0X8W5LI-seI1PqVjEZ4kV2BxmIrMEnh7RMV6cb852_Q5x5bMFOaQu8YIP3518hp4WpMHn6GvfU4umMPLT8sU9bLRX2pbrHDWIsfjPhqE7pyJkCofYyOVTTGZwem-V-jyIuUxi9gKSFs32P1zbJBe-DI4ySAQ2eR4VDevlChalIraP-BSlGV9EgrAgXTa_XnDkNL3gWIfPAHL9sbIKn_Ztt4ZubeUOvN3OnE2kDLs7cmOPKobwpTZ8OEaNdXfj9wS0HXHbtP6D_5Q4Gp-XyPDH8vAH1Uj_zKiV_utPe0FJNmhnwrlFId2AZau2zFXRhmgD3twCk3gLMPiBIKLrJqJuJUbDQpMIQF3vm1rfHasF3rTvf-qOHASnloPUgyfYLYsGpdHenzzNnUYKDua7-FDtfBXfKPVGe9P4nXw1ANUFvyJltD0s9P_Rq9YlGPJLJrtjR5hGPX8irkwJzVdzsOgBt6D-7tB0nAsDx8sNdL0AXJGUkD76CNtXxyyJq33VgFBRVd_REsyyc2msJVM18uJt3lkh8eBIsguNzbW8HkdorO8pxnUJnRpOkFOYEA-5XA7C57eseGXQV7mYjeAn4i6rq7mfxjlydR6cVXudAYejFLZiFFRACenDPJlMzIcjl2lXtG4VAgYCoRWCsyIZ_XgqOQrQ5K5UmDrA7JjdNemE3c_H09-JfEQ3UxvASMdjRsN1SPCEMAP7gE9jcrP2DH7vfL73cjczYGovFEh0uePEL9t4vIkIZjJ8i2K2U6WVTswavfaGyFqhvFvg8_zu7IUx1xMqSkEbZr0HFOywR4dTBJ_wRtJnnhbI3CfUS1ypQLJX3XiaK696WnIrp3MVgqRAUKkss2Rdw9NQB74qbTzIrTnDQuHIl8FkYVzA5hOVqDJgTJIJtUwTjqQxNOrr8SmxmxdP95jLJCWLNY5Tz9fvpobJ8zlO-RBwaLc6tik6T1FYwgvIwInAfWbgKoukqj_O6uHPFzzjP3mhPdRcgA4hLhV2ubf8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bitly.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 905
pix.lendingtree.com/interaction/ Frame F235 43 B
326 B 69ms
69ms Image
image/gif 2600:9000:21ea:be00:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/905?__ads=fb0faa7ed11f427af3799fade0a94d94&vid=5030107368706431122&__adt=8756688118116062640&__ade=1&latent=0&_js_gdpr=false&__stamp=1684932824890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:be00:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 12:53:44 GMT
via: 1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: XkKHwK6mAOn5wjEyGlGlijIjPnjQnh3LXEaIDLxC3WvGW1kI_ix7Bw==
expires: Sat, 01 Jan 2000 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bitly.ws/	1970-01-20 21:38:12	Name: _ga Value: GA1.2.788386587.1684932803
.bitly.ws/	1970-01-20 12:03:39	Name: _gid Value: GA1.2.455894744.1684932803
.bitly.ws/	1970-01-20 12:02:12	Name: _gat_gtag_UA_36872558_7 Value: 1
.bitly.ws/	1970-01-20 21:23:48	Name: __gads Value: ID=cad26e6a4242f792-22c64b72aee0001b:T=1684932803:RT=1684932803:S=ALNI_MbuVnHqwqilHv_zN6kVpguW9yPhuA
.bitly.ws/	1970-01-20 21:23:48	Name: __gpi Value: UID=00000c32023b0771:T=1684932803:RT=1684932803:S=ALNI_MYm3pYB1gybp6HoHNjnJ0ua1R2hMg
.doubleclick.net/	1970-01-20 21:38:12	Name: IDE Value: AHWqTUkqP4T5nx7PviIqbj5_B5z9QLFOB7E0l_QQqPhQoxqJzZa6DkEZitCb1gWgMJQ
.doubleclick.net/	1970-01-20 12:02:13	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 12:02:16	Name: DSID Value: NO_DATA
.teads.tv/	1970-01-20 20:46:22	Name: tt_viewer Value: 7b953df4-2bcb-4e22-8652-bc7f9fa8ed12
.adingo.jp/	1970-01-20 12:45:24	Name: ID Value: 32e4c9f77a2e69a873e935ae05b1235c
.fksnk.com/	1970-01-20 12:03:39	Name: g_001 Value: 1
fksnk.com/	1970-01-20 12:12:17	Name: AWSALBCORS Value: SRc2I965HNCeen8rE6MjsC35z4Q0BAIsk/34UcMWbnk693CKaI2KZ64LpCRlITSVsSMxRMdKhKULVhKFjUUQ0KNKNP5x5tUuldMKzvR6WMgnFILUUhhcgqu2sVm0
.fksnk.com/	1970-01-20 14:11:48	Name: f_001 Value: 1F10A6087DBE414B
.adsrvr.org/	1970-01-20 20:49:15	Name: TDID Value: 9515ef97-6265-49cd-aea2-41556c8ca24b
.mediago.io/	1970-01-20 20:47:48	Name: __mguid_ Value: e4a5ace29e91b451fd4774484e30d240
beacon.lynx.cognitivlabs.com/	1970-01-20 20:49:15	Name: UID Value: b811e916-1a4e-4741-99cb-380043093066
beacon.lynx.cognitivlabs.com/	1970-01-20 20:49:15	Name: ss Value: LEuvjr5jv5EiYe4xIBdsZt17AlYH6TGlpGEBxDfdY5cTS9rKQ8%2FFr%2Fk19ypQwRe9VMOJ7bTfGAAiryX%2B75UOYA%3D%3D
.zemanta.com/	1970-01-20 20:47:48	Name: zuid Value: 0O1eNOV0c3ivoZDkUqDf
.yahoo.com/	1970-01-20 20:48:10	Name: A3 Value: d=AQABBMkIbmQCEO5ferMD7kRsvezfu4UgOmQFEgEBAQFab2R3ZAAAAAAA_eMAAA&S=AQAAAur0OuHT0b6-U6pEBBn9suk
.adentifi.com/	1970-01-20 21:38:12	Name: adtheorent[cuid] Value: cuid_fb88c720-fa31-11ed-bc84-125e5676ad8d
.mfadsrvr.com/	1970-01-20 21:38:12	Name: tuuid Value: b4558f1a-70b1-455b-81ff-2f3a65ef4bea
.mfadsrvr.com/	1970-01-20 21:38:12	Name: c Value: 1684932809
.blismedia.com/	1970-01-20 20:47:52	Name: b Value: 646E08C93B11FFA65AA1B85CBLIS
sync-dmp.mobtrakk.com/	1969-12-31 23:59:59	Name: chk Value: 1
.uuidksinc.net/	1970-01-20 20:47:48	Name: jcsuuid Value: BwOnKUE4axZh9pw9y2Ni
.adsrvr.org/	1970-01-20 20:49:15	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIlPmliv2X7jsQBRgFIAEoAjILCObVmK2TmO47EAU4AQ..
.mfadsrvr.com/	1970-01-20 21:38:12	Name: tuuid_lu Value: 1684932810
.mfadsrvr.com/	1970-01-20 21:38:12	Name: ssh Value: !google,1684932810
.rlcdn.com/	1970-01-20 20:47:48	Name: rlas3 Value: OgXbpXSmWLovvco0AlfA2PsTHFj4124wR3i96yO2anw=
.rlcdn.com/	1970-01-20 13:28:36	Name: pxrc Value: CMqRuKMGEgUI6AcQABIGCOndKhAA
sync-dmp.mobtrakk.com/	1970-01-20 21:38:12	Name: pid Value: NTg5ODlhZGI1ZjY0ZDQxMw
.lendingtree.com/	1970-01-20 21:38:12	Name: trx Value: 5030107368706431122
.lendingtree.com/	1970-01-20 12:03:39	Name: ads Value: fb0faa7ed11f427af3799fade0a94d94
.tribalfusion.com/	1970-01-20 14:11:48	Name: ANON_ID Value: aFntuJrZcAQ9BqEr73ydyBUoamZcyoMgFSX4RGmVTTLV1uiERAITPjvpc7eO9johfxWt2chZdGsPRVdg43cDo0cXQZbI
.bitly.ws/	1970-01-20 20:47:48	Name: FCNEC Value: %5B%5B%22AKsRol-KF5aalBlYn8gwr2aJyfqqzFrd_CPOjeyot2l01FnwVVjpXLwrfziGmN1IG5QbIECsQCfA4SJvagkJZDLDZQVb58luM11ZLtwCaCohn2-4cie_iBEYPBR7vWgdbsClHm1Zqz13hwmqFF6CgXvqGO5XEJAUMg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bitly.ws/ Message: Mixed Content: The page at 'https://bitly.ws/' was loaded over HTTPS, but requested an insecure element 'http://bitly.ws/gfx/paypal.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bitly.ws/ Message: Mixed Content: The page at 'https://bitly.ws/' was loaded over HTTPS, but requested an insecure element 'http://bitly.ws/gfx/paypal.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bitly.ws/(Line 199) Message: Mixed Content: The page at 'https://bitly.ws/' was loaded over HTTPS, but requested an insecure element 'http://bitly.ws/gfx/paypal.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bitly.ws/(Line 199) Message: Mixed Content: The page at 'https://bitly.ws/' was loaded over HTTPS, but requested an insecure element 'http://bitly.ws/gfx/paypal.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bitly.ws/(Line 203) Message: Mixed Content: The page at 'https://bitly.ws/' was loaded over HTTPS, but requested an insecure element 'http://bitly.ws/gfx/paypal.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bitly.ws
cc.adingo.jp
cdn.revjet.com
cm.g.doubleclick.net
dis.criteo.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
id.rlcdn.com
im.bluevoox.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pix.lendingtree.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
revjet.lendingtree.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
107.23.98.28
142.250.176.194
185.11.100.204
185.196.197.130
192.229.163.26
192.229.210.155
23.41.169.52
2600:1f18:4e9:5a02:f97f:9f53:d5cc:55ef
2600:9000:21ea:be00:0:a73e:a3c0:93a1
2600:9000:24f0:2000:a:83e6:9c80:93a1
2606:4700::6812:18ad
2607:f8b0:4004:c17::9a
2607:f8b0:4006:806::200a
2607:f8b0:4006:808::2006
2607:f8b0:4006:809::2004
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2002
3.135.132.32
3.226.123.206
3.33.220.150
34.192.101.54
34.96.105.8
35.190.60.146
35.207.24.140
35.208.249.213
52.22.159.114
52.45.175.185
69.173.151.100
70.42.32.223
74.119.119.150
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caca06005bc577ded8bd85598934efb268dc1e4c19b0fb918c2bfa88c689aac
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6
1ad364a78fbc840fa882322cff042d7f14bc8534545fbc04183d73df28e4073d
1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c
2c56eab631390d7c86a950e8d07fb6c4b2b383a28c3cf67e4440abd64f464e84
2c95587e137d46d276865e67b13bca4b5a9032a07771a4970152f8e046a3b3a0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46
36e32ff961adb19986bd83122116b88fd502e574775c62dde2f7eeed2352dfc4
405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400
44877256c33e2e817b533a5e8d65002971ce26d46bdd372f196c2c65a43b0433
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
463a113b5b509efe4183b42eff3b93fb51f196b0acd530f3d7eb90e440ec3119
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53bfa352de0db025ef6f5387b20605717cf3d3dec788d3e0110ac7d8a0269131
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59e2ce1bae855ff87b47b491a51433ff1f5bc364c94faacec4130b1bbeb8579e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea
6a8038e436b2ec9baac0bde9fc63772cb418d4a471c14ffbe255171caa89ef0b
6d1564a008c8941bdc136f7ff9f78991209ac19ea9e1aea1ca5ff4c5b954b079
6e0595c51ae7ba2d9f039300af7ba826b8982f0d38457df4bdfb7317dd1b4e47
6ea4322fb58d7b3876a0d666454708e92dbc79d9ab4eae0cc42786db58f0b183
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
761d3e66dd85a4977a302673e2b2c885d5626287d7953ce0dc8b78c23cc90653
76cc28b7cf329dcff7c94af30f45db535f6aafe3c12d938dde86c1c333782c4d
7f59c935d5fa9475a22a065d274a7ef842a4769dcf16e83fb1e370f9a3a5052e
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
8ad06310b33aabe31b0a3ab4b8fcee3843506b1747c3ffa52d0b0917c9d1c3fc
8b38370d847da83f862a75e3bb88a6ce734ced9474b9f068f8351ffe20af744e
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
9099b6b8c46654fc957dc11aaee90ee3995929fde5c00b2f1919a5fc59ae5c2f
9118e92516f052137b5a9272ec2d12455ba1544e06052f39222dfd0b2dbb54b6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
935bad68ae41610dbf79e6714eff89644b7703848dfe34f755ea84964339da5e
94a2da14b4e4556da8475f287ca5b8870cf1fce9f67ae4a8f3b8570aaebec5fc
97a1a93deb00109ded32ef9dfb45ec78016323f7850b4a0d59d445efb45ca0c1
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a286df82d9c933c5ec925fd0587ffcc1b68e56a408f3a435a97501a645cccb2e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aeb715220f53a8eec05907640a9801a27014227fb76422799999d290628f47d3
aed0359ed1a012a4116ca8720ff2d8c6d17737dde7ad813469ec5e407e49ba5b
af173abbf32aa8468fe14dfcbb10f4374d9ffcf727470b6af4f5c638108c0945
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b5c3ef6146aeb6a38c14a6bb5762ea31d2d1b606fdca9d262915d5773aa6ce06
bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0
bca1e1fa0d811a0e38214198f000c066281cb1f76302276060dbd34851586f54
befd764f7e20c9c19314bdf97698380d9c02ea9e107c33d75d6650a8c6369608
bf5c4d7188315dfcd8963e5da82001eab414f81d948428e4ca79e4e8894d9b08
c28530634cdfc14bb5c068fc74a7071f9e27fc97f9aa03a1258f5b33f9c8ab6d
c2f308ae4673145cc1db49f08590025ba36e1751b9289b7c4c5e843144102bde
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c57d561c1ebbab6f87186097bc8757cd80ec88b063fca866c3cae199b2522f37
c7dffe6596b4b4c43727d803c0324b1bc3d4ec8943169a9658d053a3204ff81a
c9a68fdc68f03fab3c19360bf0487e6a67b27d7e388cba996474a54e4246e397
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66
d40c432b37c1925460b64dbb46c73f52208196005ea4908ea750a10536e755c1
d4b837da76db01227571d14a4af6ee09449d8c0ec19282e5ebbab619a8a6f224
d61786b2e530e6420026e0bba8bec4bd8bdce55097b90f49cd3cb651543e4a01
dc4178564e7595bff5e47ec8a66e13261e00eeda4f03b77d6301a0950d62c125
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e05487c49aff5d8e4a1128e173eec27987fdbe2e97f767066f1170bc6109c522
e22d23e2fd1d9d61da38348ee9831528cd025a21b491ae36de9ae9d2230cf87d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8470dfa865502121c6f876d0a38ade35fc85f2d3906b8b084649cfddbdad3db
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

bitly.ws Open in urlscan Pro 185.11.100.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

85 %HTTPS

47 %IPv6

32 Domains

40 Subdomains

26 IPs

3 Countries

1625 kBTransfer

4124 kBSize

35 Cookies

2 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bitly.ws Open in urlscan Pro
185.11.100.204 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

85 %
HTTPS

47 %
IPv6

32
Domains

40
Subdomains

26
IPs

3
Countries

1625 kB
Transfer

4124 kB
Size

35
Cookies

167 HTTP transactions
3 data transactions