alvenaper1977.blogspot.fr/
142.250.74.65302 Moved Temporarily 182 B URL HTTP/1.1 alvenaper1977.blogspot.fr/
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7a1275a01fd1463afa8c7d23c961b466
0c97c9e902d3d82fea3b4c2722b029e51ed6f243
28ab9fed59923b0029f4bb00dc6df4f4098961302ef56ddc93d22f2eee8d7ac4
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: alvenaper1977.blogspot.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://alvenaper1977.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 09 Jan 2023 05:39:26 GMT
Expires: Mon, 09 Jan 2023 05:39:26 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 182
Server: GSE
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7862
Expires: Mon, 09 Jan 2023 07:50:29 GMT
Date: Mon, 09 Jan 2023 05:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8509
Expires: Mon, 09 Jan 2023 08:01:16 GMT
Date: Mon, 09 Jan 2023 05:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9126
Expires: Mon, 09 Jan 2023 08:11:33 GMT
Date: Mon, 09 Jan 2023 05:39:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 04:48:21 GMT
content-type: application/json
age: 3066
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VtbKRPSiGEm9F+CSkN/ADdvwwZNFiSvql5Bcg/gxgov8V/UHlJkJBLyV9obBE0/vAuvpMveXpF8=
x-amz-request-id: 1ZET8ZS7QGNHT71M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 05:16:04 GMT
age: 1403
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 05:39:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
alvenaper1977.blogspot.com/
142.250.74.65301 Moved Permanently 182 B URL HTTP/1.1 alvenaper1977.blogspot.com/
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 37c71eec3f474c643c36166081ae905a
4412717c6268cb8f7e228fda7a9f3a7c1f8f9070
361252b496b397a23b2e96a6e5ada2cd8edb1437075757368f7f970166c5d1d5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: alvenaper1977.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://alvenaper1977.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 09 Jan 2023 05:39:27 GMT
Expires: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 182
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d30bb3817130265080e196a7256d42ca
e4ac9fc5713c48fc171535024b0bf324d6111d3a
9015c6479aa414ff4875d2ba16c57518c17fc66d9f6506290d2f9c418c6309f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 05:33:44 GMT
age: 343
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
alvenaper1977.blogspot.com/
142.250.74.65200 OK 3.4 kB URL HTTP/2 alvenaper1977.blogspot.com/
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5235)
Hash c1df1236928f6168dc92898f6f5b5cd9
02bf5d3fac7111658b53ca4f0af2868b788d8bf3
f5e807c50dad80d92ae8a5f7be2a89e7224d70d2502bcbd60c0a316600d54a99
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: alvenaper1977.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 09 Jan 2023 05:39:27 GMT
date: Mon, 09 Jan 2023 05:39:27 GMT
cache-control: private, max-age=0
last-modified: Wed, 04 Nov 2020 08:59:22 GMT
etag: W/"6fd142fd9cbac1117bdd7dc0b7473bc4e3dd16a924cb4e267465643666e88370"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3427
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d30bb3817130265080e196a7256d42ca
e4ac9fc5713c48fc171535024b0bf324d6111d3a
9015c6479aa414ff4875d2ba16c57518c17fc66d9f6506290d2f9c418c6309f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 47de959d130acd009043c621e6cb2a5c
f60d946b904bfc744f48c0a23bd7ed927b61c81e
2fb7524b1bcb77d997ee9a3cb821744a046b4b4e034a2daf617b6be3b5bd26d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 80c774ec8ec97a053b5800c72e4c4f7c
dae5670b100595815fe3f8056c70cb573c4134cb
9bf995e6d1febf80edcb6652d2a6acce3bb705c724667160817a4b7bd52517e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 80c774ec8ec97a053b5800c72e4c4f7c
dae5670b100595815fe3f8056c70cb573c4134cb
9bf995e6d1febf80edcb6652d2a6acce3bb705c724667160817a4b7bd52517e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2120
Cache-Control: max-age=100963
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Etag: "63ba87aa-1d7"
Expires: Tue, 10 Jan 2023 09:42:10 GMT
Last-Modified: Sun, 08 Jan 2023 09:06:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1429)
Hash 1cc36f699291ba29dab9ec0f885b281b
d536f8bda7d333c21eae8e3d816d690402adb90c
6b20ce0ec6b6c57b33e8118f8d5d3c501ede61b8589ebab71d411b81d0fae994
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alvenaper1977.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20933
date: Mon, 09 Jan 2023 05:39:27 GMT
expires: Mon, 09 Jan 2023 05:39:27 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4fcbc207c89b8c6c"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3675762886-widgets.js
142.250.74.73200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3675762886-widgets.js
IP 142.250.74.73:0
File type ASCII text, with very long lines (2221)
Hash 05af587c82e2eb4eb2caa22ffae2168b
b5cf524b74f41124ccad34edff003b33f58a0662
6e23f93233f37dbe5f9ad92a416df7627e553b7ffa4b92e81e3b7e5880eb125a
GET /static/v1/widgets/3675762886-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alvenaper1977.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56471
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 16:14:34 GMT
expires: Sat, 06 Jan 2024 16:14:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Jan 2023 15:54:00 GMT
content-type: text/javascript
age: 221093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.73200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.73:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alvenaper1977.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 08:10:46 GMT
expires: Fri, 05 Jan 2024 08:10:46 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 05 Jan 2023 01:52:49 GMT
content-type: text/css
age: 336521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 80c774ec8ec97a053b5800c72e4c4f7c
dae5670b100595815fe3f8056c70cb573c4134cb
9bf995e6d1febf80edcb6652d2a6acce3bb705c724667160817a4b7bd52517e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=3534698731957196293&zx=d953c411-f39f-439f-b978-0a4f9bf3ad2d
142.250.74.73200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=3534698731957196293&zx=d953c411-f39f-439f-b978-0a4f9bf3ad2d
IP 142.250.74.73:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=3534698731957196293&zx=d953c411-f39f-439f-b978-0a4f9bf3ad2d HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alvenaper1977.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Jan 2023 05:39:27 GMT
last-modified: Mon, 09 Jan 2023 05:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c6168f3aa5dcf2ffd76235df1c0c7ab1
dfd5d3ab975c031992fe8a017653fddd946a1d66
853f0bb6c1d574e4f5f94772416d90e6ceefb5eae0f29e6c39776505ebd66264
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3181
Cache-Control: max-age=108849
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:28 GMT
Etag: "63baa254-116"
Expires: Tue, 10 Jan 2023 11:53:37 GMT
Last-Modified: Sun, 08 Jan 2023 11:00:36 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
35.163.217.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.217.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nEyajledXX8pAhvMJSkgzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CM5W9XGXLEpFtt65NDG1owUm1zc=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c6168f3aa5dcf2ffd76235df1c0c7ab1
dfd5d3ab975c031992fe8a017653fddd946a1d66
853f0bb6c1d574e4f5f94772416d90e6ceefb5eae0f29e6c39776505ebd66264
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3181
Cache-Control: max-age=108849
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:28 GMT
Etag: "63baa254-116"
Expires: Tue, 10 Jan 2023 11:53:37 GMT
Last-Modified: Sun, 08 Jan 2023 11:00:36 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2eecacc512ce20b45c8205823ae8418e
e79e0a4b5e9271bdb22b7b331a6c3480bac8066f
8ea79e1792e684ecab86dd0865998f1d8f0575c6a6a6fa81322f74929a871b60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8EA79E1792E684ECAB86DD0865998F1D8F0575C6A6A6FA81322F74929A871B60"
Last-Modified: Sun, 08 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7861
Expires: Mon, 09 Jan 2023 07:50:30 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2eecacc512ce20b45c8205823ae8418e
e79e0a4b5e9271bdb22b7b331a6c3480bac8066f
8ea79e1792e684ecab86dd0865998f1d8f0575c6a6a6fa81322f74929a871b60
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8EA79E1792E684ECAB86DD0865998F1D8F0575C6A6A6FA81322F74929A871B60"
Last-Modified: Sun, 08 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7861
Expires: Mon, 09 Jan 2023 07:50:30 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1106
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:29 GMT
Last-Modified: Mon, 09 Jan 2023 05:21:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ia41xhx7y+ImKSbwsa56cb1AwWGphKMLxERRcB0pnXmfD3V6R7reNRC8KOcvbE5M5/FGTF4GkPWXZac83IsMBQ==
priority: u=3,i
content-length: 27613
x-fb-trip-id: 1904183273
date: Mon, 09 Jan 2023 05:39:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1106
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:29 GMT
Last-Modified: Mon, 09 Jan 2023 05:21:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/dc.js
64.233.165.154200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 64.233.165.154:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Mon, 09 Jan 2023 04:48:34 GMT
expires: Mon, 09 Jan 2023 06:48:34 GMT
cache-control: public, max-age=7200
age: 3055
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Mon, 09 Jan 2023 10:54:17 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Mon, 09 Jan 2023 10:54:17 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Mon, 09 Jan 2023 10:54:17 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Mon, 09 Jan 2023 10:54:17 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
a.pub.network/tinyurl-com/pubfig.min.js
104.18.20.206200 OK 67 kB URL HTTP/2 a.pub.network/tinyurl-com/pubfig.min.js
IP 104.18.20.206:0
Hash 4f945864b231a49a69ed78c8c032e375
9aafa75cd3ff75a4bbeeea62cb2c459fcb8a8df0
3ef2149484602faf91231a94eb6ec41b4d861880e1fe3928cad4c678f44ee43e
GET /tinyurl-com/pubfig.min.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsOxnFGRCeoIdiPPNjpbYaQxZXxHzGhKPdTDCeGMeCY4lqY97l0nVfA52eiVrO9W4WxRTzpklM8dihIRUQu-CVRcQ
x-goog-generation: 1671729927538374
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170997
x-goog-hash: crc32c=qE3GUg==, md5=9A7BS8UtrTVUwmr6lDWmQQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Mon, 09 Jan 2023 06:09:29 GMT
cache-control: public, max-age=1800
last-modified: Wed, 04 Jan 2023 19:42:53 GMT
etag: W/"f40ec14bc52dad3554c26afa9435a641"
cf-cache-status: HIT
age: 293226
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad52b4c33b503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee0100ded5c40b35292c57e0cde4d423
eafacf389372d4cc059d0fb7fb3e1fccf506d69b
7a2dab5cd0a5a6e96f22771ac84b86df910036186ddb7521dcc41dc82125b272
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4842
x-amzn-requestid: ff29171f-d040-479e-a4c7-d19b8bee76fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8EexoAMFdHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-04e89f5b50e2dfba7c13b3b6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VrcHN8FYhIPxGifDE34G4Q2kj6dx5dZBap4lkVHDcogkKVF85bsv3Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:18:27 GMT
age: 8462
etag: "eafacf389372d4cc059d0fb7fb3e1fccf506d69b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96aa6d7d-6f7b-4ee2-9e35-be671ef5b15d.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96aa6d7d-6f7b-4ee2-9e35-be671ef5b15d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34b8caca5fd0b67c98862c7e13595d34
53758943464ccb22ef20e8aa2bf096a13455e52d
b7139abb5db3ef4dbfdea0d9c388835bbb1b57c54adeca11ce015c93baa5982e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96aa6d7d-6f7b-4ee2-9e35-be671ef5b15d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5692
x-amzn-requestid: 1f54ef1d-4311-4cab-b496-7c7e25ce0f85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ3tbFv2IAMFVMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d322-265099f95d50d70b7c5cb59d;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:02:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n5euK4yt5FxKvqM9vWP2ebIwpVyfZcxYmGanE4Z-Vn9kZAogoaZCKg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 11:43:36 GMT
age: 64553
etag: "53758943464ccb22ef20e8aa2bf096a13455e52d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BH9GqW4F8x5-alQC2mwF8cXT20caU3Tn8jI1e3tuhDMYtKnrH3BBpQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:30:17 GMT
age: 7752
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tinyurl.com/u4lqlwo
104.20.139.65301 Moved Permanently 12 kB IP 104.20.139.65:0
Hash 12658cfe92ad601731bcbbd7a330410f
b4ced84a75491ef446657fdde824d97131d8e7f7
98c8f9906a10f992492439f2529a10fbfb91e4733bb987b8d3507ec628d5857a
Analyzer Verdict Alert fortinet Phishing
GET /u4lqlwo HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 09 Jan 2023 05:39:28 GMT
content-type: text/html; charset=UTF-8
location: https://tinyurl.com/app/nospam/tinyurl.com/u4lqlwo/terminated
x-powered-by: PHP/8.1.8
0: X-LIGHTTPD-LONGURL
1: http://dyplom.org/
2: Cache-Control
3: private, no-cache, no-store, must-revalidate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786ad5245903b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b85TTh5GZmQqmHRmmdz9bAw6COe0CeTyHotfElj0qpL9H051dywT3Q==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 09:29:35 GMT
age: 72594
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 0324f9506767a217fc8e7f1a31a5797e
7790d3493f524b8f2cc8ce7764f41e4d8002f060
61454285c44b1a57ce9b41ca510f9f73d41df0b9e23a0c0090e3dd0c1719392d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 09 Jan 2023 05:39:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 20:35:01 GMT
Expires: Mon, 09 Jan 2023 20:35:01 GMT
ETag: "7790d3493f524b8f2cc8ce7764f41e4d8002f060"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 0324f9506767a217fc8e7f1a31a5797e
7790d3493f524b8f2cc8ce7764f41e4d8002f060
61454285c44b1a57ce9b41ca510f9f73d41df0b9e23a0c0090e3dd0c1719392d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 09 Jan 2023 05:39:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 20:35:01 GMT
Expires: Mon, 09 Jan 2023 20:35:01 GMT
ETag: "7790d3493f524b8f2cc8ce7764f41e4d8002f060"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
d.pub.network/v2/init?siteId=3163&env=PROD
34.160.110.8200 OK 0 B URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP 34.160.110.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-xsrf-token
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
set-cookie: _fsuid=f24cc0c0-4eab-4395-8705-889b5e6508c4; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-headers: x-xsrf-token
access-control-allow-credentials: true
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trc.pushnami.com/api/push/track
54.211.150.225204 No Content 0 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 54.211.150.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 09 Jan 2023 05:39:29 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 0324f9506767a217fc8e7f1a31a5797e
7790d3493f524b8f2cc8ce7764f41e4d8002f060
61454285c44b1a57ce9b41ca510f9f73d41df0b9e23a0c0090e3dd0c1719392d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 09 Jan 2023 05:39:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 20:35:01 GMT
Expires: Mon, 09 Jan 2023 20:35:01 GMT
ETag: "7790d3493f524b8f2cc8ce7764f41e4d8002f060"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
trc.pushnami.com/api/push/track
54.211.150.225200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 54.211.150.225:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 76
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
tinyurl.com/app/nospam/tinyurl.com/u4lqlwo/terminated
104.20.139.65200 OK 2.7 kB URL HTTP/2 tinyurl.com/app/nospam/tinyurl.com/u4lqlwo/terminated
IP 104.20.139.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 03281a3907d8b250ca853511cbcba386
a96263db92692e11406106efc45dad5627b931ed
fe6344de38cabe1a1b6cc14c7e008ea47b17e3556a736c2557ebf60379fd89f0
GET /app/nospam/tinyurl.com/u4lqlwo/terminated HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.8
cache-control: public, max-age=14400
content-language: en
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: XSRF-TOKEN=eyJpdiI6Imtyb1o0ZDlrN21QKzNQZUtlYWFzelE9PSIsInZhbHVlIjoiekNzdkJ3SGd2WUc5ZVdxS05aWnVPZXJ3RVJXcTFnWDQwZ2NPekJxaGE2WHk2SkM1ZWxEUGFwT3E5SFZOS2liM3packsvVUZ6SkJXRDhSRTNFLzlsOEVLSDh1YjZMVDQ2aUZ3d3p3SmUrN3dHTndoTkFGYXoyTE9rS0psN0M1WWYiLCJtYWMiOiJiOGJlZjdhMTljNDdhY2VmNzY1MWYwZmM4YjQ1MGNhMjY2M2UwNDExZDU4MGFkYTVjN2ViOTgxZjE1ZmE1ZjZkIiwidGFnIjoiIn0%3D; expires=Mon, 09 Jan 2023 07:39:28 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; samesite=lax
tinyurl_session=eyJpdiI6InhWcmk4SCtFb1MxblE5elcvYk9HZEE9PSIsInZhbHVlIjoiajU3RjEwdlVFMkNPd2NzSjJmMVJseUoxNUtZQS84NFdKUnpzaVBLTUswNlBMQWRwT3VoRkdnUWVWOHBoM2gvT3lhSVF2YVd5WkR4SFNCNTlQbUhLOEJXV3d5d3RIRXhXY3hvUHIyc3EwVDJ5VWVFczhuTWJKRjdScm1RZjZEVkQiLCJtYWMiOiIyMmZjYmM1NjcwMGU3MTFkNDZlNTMzYTk3ZGU4YjgxMmRiYjBhMzJjYzkzMzczZjIzYWZkYWM4MjNkYmY0NzcyIiwidGFnIjoiIn0%3D; expires=Mon, 09 Jan 2023 07:39:28 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; httponly; samesite=lax
tinyUUID=eyJpdiI6IjRja0J6M1VpcFhXRWI2aXBDb0VIbHc9PSIsInZhbHVlIjoicktUZjlDbmRLaE9YZi9pa1dFVjI5SXVYUjdjTXB2eVFqaHdjd1ROdnAvdmRqN3Y0SmhjRGkvRlBrVHc2NHlCaU5PYnFoMzNWTWNVZFpHbzM3YlRJMExXbFREcEJvdHlhZ3lCZW1Da2RPaW89IiwibWFjIjoiNTgzMGQwYTE0ZTU1ODZiOTIxMjA4MWUyMjA4YTQ3MDc4Yjc2ZDFhMWMyOTFiNTJlNTE0ZDQyZDAwNjYzOGYzMCIsInRhZyI6IiJ9; expires=Sat, 08 Jan 2028 05:39:28 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Mon, 09 Jan 2023 05:39:29 GMT
expires: Mon, 09 Jan 2023 09:39:29 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad527aa74b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6902ad360930d160b3e0c7028d8e9020
1aa17ff371ab9405687f06ebbc2d9c37cb695b85
05183bc61a23b0fcbf1606f3c1592735af6c30e89b05433878ac7ad041637dd9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "05183BC61A23B0FCBF1606F3C1592735AF6C30E89B05433878AC7AD041637DD9"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6192
Expires: Mon, 09 Jan 2023 07:22:41 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
143.204.55.88200 OK 2.0 kB URL HTTP/2 cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
IP 143.204.55.88:0
File type ASCII text, with very long lines (3408)
Hash f907b144c8c999182509bb7c67996915
439a72b0d4de9090cdc3ef373f489637c0b25f7f
e04a269f2420ff252564262e6643b109f4a576b3ea47aa2da0a1cd09ee7f02f5
GET /choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:22:31 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Mon, 09 Jan 2023 05:39:29 GMT
cache-control: max-age=3600
etag: W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DrpK44WE7rbS9OqX9MnPNvLikmqu6OgxDQpEevu8Jgm_C6cRKslnIA==
age: 20
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6902ad360930d160b3e0c7028d8e9020
1aa17ff371ab9405687f06ebbc2d9c37cb695b85
05183bc61a23b0fcbf1606f3c1592735af6c30e89b05433878ac7ad041637dd9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "05183BC61A23B0FCBF1606F3C1592735AF6C30E89B05433878AC7AD041637DD9"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6192
Expires: Mon, 09 Jan 2023 07:22:41 GMT
Date: Mon, 09 Jan 2023 05:39:29 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
IP 142.250.74.131:0
Hash dd5310adc4762c4571779e97b83e8132
049e5c7e03c22eb9be2d57e05592b15956371fab
43766cd4d339bf8018072dc5a3b829ae66013ed75c06b622a751f2e97eb11b35
POST /s/gts1p5/9O8VcKlZFo8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d85d7af929e5b9fd5e7c920de41c110a
4f504606484b5277d0d5a6daa5b8633133962b0b
8a477c09e8f891434f74da56655cabcc664b48eabf719061c6f19642c8d78dcb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3839
Cache-Control: max-age=152750
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Etag: "63bb4b42-117"
Expires: Wed, 11 Jan 2023 00:05:20 GMT
Last-Modified: Sun, 08 Jan 2023 23:01:22 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
www.googletagservices.com/tag/js/gpt.js
142.250.74.66200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (39504)
Hash ef38f4159257f47fe2cf8e260f9af8af
288e8675f18d6eab8b80d96ffbdfd92f77962283
7d1678577e451b96e80ff74d58831239ae3150ab9582f6e2f63aa78ebc36e430
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27578
date: Mon, 09 Jan 2023 05:39:30 GMT
expires: Mon, 09 Jan 2023 05:39:30 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1446 / 797 of 1000 / last-modified: 1673046307"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
143.204.55.88200 OK 117 kB URL HTTP/2 cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
IP 143.204.55.88:0
Size 117 kB (116921 bytes)
Hash dba4a26e3c006b40a3fe37425d22d66e
a0f7e4aaf32a686bb4c27cc6f5fa90ba3e18c8c7
387da9781e2fcc089c04af24f9abe4ca099f474d134a659ea7566413c9c2634d
GET /tcfv2/cmp2.js?referer=tinyurl.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
cache-control: max-age=3600
date: Mon, 09 Jan 2023 04:42:16 GMT
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ss0ZIiocHHa3tgmRhx1swp3VuYpl6m-Bh_0DTCbrHw9rvRa2yY4xGQ==
age: 3435
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d6038562f14342dcd02a4b7e60a3f518
f9811572d9c7f69d649f264271c9b12a8c385397
e80826c2fa6744f8544a60c1db7e9042fd981839678b9ec67b995740d8ca17f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5176
Cache-Control: max-age=104395
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Etag: "63ba8925-116"
Expires: Tue, 10 Jan 2023 10:39:25 GMT
Last-Modified: Sun, 08 Jan 2023 09:13:09 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
btloader.com/tag?h=freestar-io&upapi=true
104.26.7.139200 OK 109 kB URL HTTP/2 btloader.com/tag?h=freestar-io&upapi=true
IP 104.26.7.139:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (108653 bytes)
Hash 8e3fe28691a6e8cc839ad6d6f9770e82
7574f3855534524781631ad0999f57c76b0763cf
de107f6fad9355367ebaff4666f4cc1a587d00ff23b187396400102f73f1b89c
GET /tag?h=freestar-io&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
etag: W/"ac570c1c82ebde8a4b25105a9142f9a9"
last-modified: Mon, 09 Jan 2023 05:32:46 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9RLgnDHfsIl5Y%2FA%2BTsVR5%2FBlBz2%2BdwK3mz7wmQCtFooC4vLmJ%2B40us7HTmvkbsoC%2BsfzCbZAI45v5eUtc6Eg22qXb5%2BJeXH8emy8q5eqXy4KfS7SSdNCSOpQ%2FrDnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 786ad5309c881c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.13329759836403532
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.13329759836403532
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.13329759836403532 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdt7wuLaNsuzKspA5KyGSRiXv-BqsG3QCP2a0SnWSa24darJD293ZjLPHvTyz2Aag4Pg6qUtoxI0lDAi7a1ptJYhvg
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Fri, 06 Jan 2023 19:32:13 GMT
cache-control: public, max-age=86400
age: 209355
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDU3cQyWwcAclB%2BtW9X2YEBEbymiIbHDj5jhzwZQQTO%2Fmu%2BSuBe1lFm60nr17W%2FnHKiD3C3dRkN%2BI2hvPFTRJ%2BWN2Si9D1Kzzab0Lmn0ow1Dzbaok40nZgizI8QEg2dK%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad531cc5db50b-OSL
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.126200 OK 3.4 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.126:0
Hash 32315089417d5eda2932a0aa6d42c1cd
dbc9c7d90a894f7f030b6adb254ccf0b83610a37
4ca705428871abf438d9c8f1b29466650bb684183c18bbca1c000359366be2bf
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Mon, 09 Jan 2023 03:00:39 GMT
last-modified: Fri, 30 Dec 2022 19:52:29 GMT
etag: W/"576d8a77f1f7d5a1f043003ddd2da40e"
x-amz-server-side-encryption: AES256
x-amz-version-id: SVwDON6NI7y0s2hBQqC0oHz.O7U_wt7T
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 58AJWDkjWwjn3DugAkDsrOVelPDVasTb78l-JAxtuQXf2WzXOCtowg==
age: 9532
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinyurl.com
142.250.74.130200 OK 189 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinyurl.com
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (564), with no line terminators
Hash c3000987b83e1532d9d849651b8faa14
c08c4bdb521c897ceda9f017c359c56261931899
0c269a1f243173ff05eb0a2e25e0b7635647eb09299992c5d3afe17f252e0de2
GET /pagead/ppub_config?ippd=tinyurl.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Mon, 09 Jan 2023 05:39:30 GMT
expires: Mon, 09 Jan 2023 05:39:30 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 189
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Jan-2023 05:54:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.207.230200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.207.230:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 15:30:10 GMT
expires: Mon, 09 Jan 2023 15:30:10 GMT
cache-control: public, max-age=86400
age: 50960
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
142.250.74.130200 OK 132 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 132 kB (132306 bytes)
Hash 4bb5c05eee04fec4e851c63be4754945
87e1f8c31e4843f44a5032aa38ca930c65ea95d3
6104ebabbe0df8dbd510114b06ddacf583769bba79906a34662fe34abbaf9d27
GET /gpt/pubads_impl_2022120801.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 132306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 11:52:43 GMT
expires: Sat, 06 Jan 2024 11:52:43 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
content-type: text/javascript
age: 236807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
54.230.111.75200 OK 13 kB URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP 54.230.111.75:0
Hash c2771ad00d5c47146b530f19833bafc8
0f65c326354c91cec6c72e3936a7e94a297cc5ed
863d5c552a33cf7d61793b6f24192f894655c08a8c054de3775117e37737f634
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 09 Jan 2023 05:30:03 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P_2RN6fB8O4GHwAsMwEVLLL2dP77LbFknBNHtmOux8i4Bp8BSTmixQ==
age: 566
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash ebbec311a688952ad4195ef4933e767a
ef0933a466864394748debbee0e81d2e296bf5e0
494371f9f9e9ea41c0cc4c2b5e842072e6ad33651fca019daa4ff3ae920a5a12
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP 142.250.74.131:0
Hash 14e2e3888725b0b00617dca4f693040a
1591b01ae49601ad35ff7e32a57ddf522e7d9f40
bdbc1a611b4e94802bd077e2298da23b5c75a029bf37bdfb7f15befbbcd7584c
POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP 142.250.74.131:0
Hash 14e2e3888725b0b00617dca4f693040a
1591b01ae49601ad35ff7e32a57ddf522e7d9f40
bdbc1a611b4e94802bd077e2298da23b5c75a029bf37bdfb7f15befbbcd7584c
POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.btloader.com/pv?tid=zIYuoaVMQ4&w=6316674530148352&o=5714937848528896&cv=2.1.03-1-g6247d5c&r=false&vr=1280x939&pageURL=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&sid=0L0FmKvu7n&upapi=true
130.211.23.194204 No Content 0 B URL HTTP/2 api.btloader.com/pv?tid=zIYuoaVMQ4&w=6316674530148352&o=5714937848528896&cv=2.1.03-1-g6247d5c&r=false&vr=1280x939&pageURL=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&sid=0L0FmKvu7n&upapi=true
IP 130.211.23.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=zIYuoaVMQ4&w=6316674530148352&o=5714937848528896&cv=2.1.03-1-g6247d5c&r=false&vr=1280x939&pageURL=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&sid=0L0FmKvu7n&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Mon, 09 Jan 2023 05:39:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Mon, 09 Jan 2023 05:39:30 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash ebbec311a688952ad4195ef4933e767a
ef0933a466864394748debbee0e81d2e296bf5e0
494371f9f9e9ea41c0cc4c2b5e842072e6ad33651fca019daa4ff3ae920a5a12
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.floors.dev/sgw/v1/floors
34.160.128.112200 OK 0 B URL HTTP/2 api.floors.dev/sgw/v1/floors
IP 34.160.128.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.pub.network/core/prebid-analytics-7.19.8.js
104.18.20.206200 OK 173 kB URL HTTP/2 a.pub.network/core/prebid-analytics-7.19.8.js
IP 104.18.20.206:0
File type ASCII text, with very long lines (64217)
Size 173 kB (173030 bytes)
Hash a8df85986b14d9bec0706d85317ada9d
6a19e3cc1d4e17af17acadc92a7f46622991f011
0463f09846a2a245e9cd1d3da147ccb2873195e71f7783cb308b04450458cf3f
GET /core/prebid-analytics-7.19.8.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=acd4ae4a-b337-445c-91e6-6eb5a308ce2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
content-type: text/html
x-guploader-uploadid: ADPycdu2_bDDldCKKn02pUvdb8KBGve-AJgCMvOigjkBcTNqYuvBMCY-ZtfzbT8j465xex85PsksNuT4aK4W-IBOClkWyw
cache-control: public, max-age=31501710
expires: Mon, 08 Jan 2024 20:07:59 GMT
last-modified: Fri, 02 Dec 2022 16:03:29 GMT
etag: W/"51ace935aa2aa7ac94ab810fd2e22d1d"
x-goog-generation: 1669997008969213
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 560022
content-language: en
x-goog-hash: crc32c=6w1rdg==, md5=UazpNaoqp6yUq4EP0uItHQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 34282
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad52feec6b503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.88200 OK 36 kB URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.88:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 19ec29d1f34ec9084455a3896af06125
7ee7c1d047e23ccf6b384209781640468d9acbbb
3f27ff15afd09158febd7278bdd2dbadb2bf6c9b0d502c9051548d5ecf7adea0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Mon, 09 Jan 2023 03:00:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Mon, 09 Jan 2023 03:00:26 GMT
etag: W/"04d48101974eead38bf9b0ba0cc4d9a8"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -ILLTX6yLJ9nWJbjM1YYKcHPxQVev8o5a0tW4mDbiRTd8oxHzRKQ3A==
age: 9542
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3260d451945a130cd2d142b067464b4d
a540e1f498fd3aa9b062c4f94b09d4381620af07
9b18f8d76ec12ad3a03cff27ac0addff661d581ede42fde59969510df5813c9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2567
Cache-Control: max-age=139952
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Etag: "63bb1e3b-116"
Expires: Tue, 10 Jan 2023 20:32:02 GMT
Last-Modified: Sun, 08 Jan 2023 19:49:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
143.204.55.88200 OK 44 kB URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 143.204.55.88:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash 5ffdf5cde1d7ea1327046c16971d3a21
9226d88c09e1678f9f26da196a5871f939deff3c
292a9b2f347a4d244ab0bf4aae2850cf59adab145e0270279452feb10b0be5d7
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Mon, 09 Jan 2023 03:00:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Mon, 09 Jan 2023 03:00:32 GMT
etag: W/"b455991ab0c258867af46898dfbb30bf"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GVhLSX-vB8UpaSOpXBYqx6Hh1TAUncGu9CcH2Hoj_Pvaa-QnWA7NPA==
age: 9535
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d58dd5b9395dcdec8d83f39b5b743146
3c91b7e75d5c805fc0442cce1da1fc36c856cf16
77cfcae8aff8b76845f3a2c0eb37c729772e17d7a1bfc9d8b25481ec324daa06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1305
Cache-Control: max-age=110245
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:30 GMT
Etag: "63baaf1e-13a"
Expires: Tue, 10 Jan 2023 12:16:55 GMT
Last-Modified: Sun, 08 Jan 2023 11:55:10 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1673242757876%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-3xiau6lpstgtkjy3a3g9%22%7D
18.184.21.4200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1673242757876%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-3xiau6lpstgtkjy3a3g9%22%7D
IP 18.184.21.4:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1673242757876%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-3xiau6lpstgtkjy3a3g9%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.66.133:0
Hash 4a4e863e0174215c941e019b1bbec892
fbb82eea8c8271ffeda105aa422ab380e34cc427
607a4cb09bc3949e189b567bb8656d93f8c05906fe24d2c23aece41d4e2830fd
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Fri, 13 Jan 2023 04:37:08 GMT
ETag: "fbb82eea8c8271ffeda105aa422ab380e34cc427"
Last-Modified: Mon, 09 Jan 2023 04:37:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 09 Jan 2023 05:39:30 GMT
Age: 140
X-Served-By: cache-qpg1235-QPG, cache-bma1636-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 16, 5
X-Timer: S1673242771.904659,VS0,VE0
api.pushnami.com/scripts/v1/hub
54.230.111.75200 OK 1.1 kB URL HTTP/2 api.pushnami.com/scripts/v1/hub
IP 54.230.111.75:0
Hash 46753f1d4486558293bbbbe6844b198d
64912a32e5577f80bceb28e04746d44e70b51ee0
037a4d1cfd43ba48a36b790c8860d19a5874dca63de4f63c08d556063bfeb8ca
GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Mon, 09 Jan 2023 05:13:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jfgcoHHqtLHefSw6TYVaOQ8_aWI4hMdWPWUx90BC1zLw_3S9O0GFqA==
age: 1565
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash a69908af2310901822ea7b87953e6a5d
f2beb031e2fd7788737838e26ea3ee28496ae381
d8294127feac783bc59e46cdc76348de60a55bf7208ae6b867a287a66b3b64d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 487
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:31 GMT
Last-Modified: Mon, 09 Jan 2023 05:31:25 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP 142.250.74.131:0
Hash 6cfc338bfd3190917a7a8670402bfebf
2f77d09ef7a59164724176fd619963175d74fe6f
5c47b0db8615a9bf0a296c7fcc147112928e08b0b703d20f0808a4a31546d957
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP 142.250.74.131:0
Hash 6cfc338bfd3190917a7a8670402bfebf
2f77d09ef7a59164724176fd619963175d74fe6f
5c47b0db8615a9bf0a296c7fcc147112928e08b0b703d20f0808a4a31546d957
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
178.250.2.146200 OK 401 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (483), with no line terminators
Hash c5845efffabb899cabbe53c1c1f093f7
04f95a05f957677363a542f1de9f9c6a690482ca
bdf8749e13126452b1afc331f61813cfa729a679e53da67d526d43be3e11e357
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 1355691
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
s2s.t13.io/cookie_sync
34.107.140.113200 OK 603 B IP 34.107.140.113:0
File type JSON data\012- , ASCII text, with very long lines (2227), with no line terminators
Hash 31336292696377d96162b7342141eab4
2fc5c38acdffa1589be81b8e1a3efd974f89b9ec
3f3bd9c71f2354cbe9191a3dd8a41fd3ede22fb3c9b03df9e95c5e2d8edb45a3
POST /cookie_sync HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 367
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
content-type: application/json
content-encoding: gzip
content-length: 603
date: Mon, 09 Jan 2023 05:39:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s2s.t13.io/openrtb2/auction
34.107.140.113200 OK 168 B URL HTTP/2 s2s.t13.io/openrtb2/auction
IP 34.107.140.113:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 258f6b3595fded174a20c8873ce95705
6f87db30a7c2806cfd80c98a6b1537779ab7f41d
277446e56be42c1e0c61561bee2a5dadc0b834a29c6b2a1d1b8b9f5a6627b849
POST /openrtb2/auction HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3577
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
x-prebid: pbs-java/1.94.0
content-type: application/json
content-encoding: gzip
content-length: 168
date: Mon, 09 Jan 2023 05:39:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=97633776901&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=97633776901&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.7&cb=97633776901&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3927
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://tinyurl.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP 142.250.74.131:0
Hash 6cfc338bfd3190917a7a8670402bfebf
2f77d09ef7a59164724176fd619963175d74fe6f
5c47b0db8615a9bf0a296c7fcc147112928e08b0b703d20f0808a4a31546d957
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
178.250.2.146200 OK 1.8 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP 178.250.2.146:0
Hash ba2c66d28a3f9eb43c5dcb3fb486d4a9
f69c392fcc384f5ad275ba8e1f72df27207b0cd5
0c5f0e81e87a366501d9249f695fd9684f8c6f76e111f5dcb879cd6ef7fa201f
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 408156
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
54.230.111.53200 OK 12 kB URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP 54.230.111.53:0
Hash 2a4fe2a15e7358aefe09ea9b0ebb8a89
e3bebebfc87b78de2ae4f90bcfdbbbbe5c058c99
1e4cab9f1e06b7b3100d4dd51570ad2a0a6f35dc76d0501b75545c24b91910f4
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 09 Jan 2023 05:30:03 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nBMd-QDmYChrUCKykRqCqQ0BIDUhGkrM7SdzveXNrmGcRhrMW4BM6w==
age: 568
X-Firefox-Spdy: h2
id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
104.22.4.69200 OK 566 B URL HTTP/2 id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
IP 104.22.4.69:0
Hash c944f7123d839dabe0a3a4fc76ef8cf7
9cc583699973efe1d302de2439f4777264396791
cd84955a904514db1bddc0e401f18b7e533ef5b42c4c2e66472d29048c9ef4fb
GET /api/v1/pbhid?partner_id=474&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
content-type: application/json
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786ad5355f83b524-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae5e0938f1f2a52f95df3d39d60709e4
665d391b6e12efd09a3de54b34de419b6ccf3d61
351a043a4b33726202a456267e5cb69cd09a0e8de5c62b130406eec8761935a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5157
Cache-Control: max-age=125936
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:31 GMT
Etag: "63badd5e-1d7"
Expires: Tue, 10 Jan 2023 16:38:27 GMT
Last-Modified: Sun, 08 Jan 2023 15:12:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
104.22.4.69200 OK 67 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP 104.22.4.69:0
File type JSON data\012- , ASCII text
Hash 2612c2514bbb4dd51b9164dba3569234
839dad2fb2d7b257a045d1df253e4469e1ef200c
a634d86ccbb74f568a47529c6d9c6c354bd20100370e29f87593c6fa02a4af44
OPTIONS /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:31 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786ad537e90bb524-OSL
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
54.230.111.210200 OK 736 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
IP 54.230.111.210:0
File type JSON data\012- , ASCII text, with very long lines (736), with no line terminators
Hash 1911a93942ef8179ac2e940469a3a968
7e7d730d742c25d47f05260dff4af48ea5b19d82
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135
GET /cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 736
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Mon, 09 Jan 2023 03:55:39 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0OlSrfSrpn2uDD2RtW8mvumbz5R4WIWBxc1syrYXJqTO6DhtkAcp8A==
age: 6232
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=1---&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=1---&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=1---&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 09 Jan 2023 05:39:31 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJOou2MCEJ72zU_lobqeUvoU94Wqqi4FEgEBAQH6vGPFYwAAAAAA_eMAAA&S=AQAAAiZqq2TZKXx_C7Uv_SIBPpI; Expires=Tue, 9 Jan 2024 11:39:31 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&pid=N3kKJYEpdFrGj&cb=0&ws=1280x939&v=22.1213.2134&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
54.230.241.131200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&pid=N3kKJYEpdFrGj&cb=0&ws=1280x939&v=22.1213.2134&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
GET /e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&pid=N3kKJYEpdFrGj&cb=0&ws=1280x939&v=22.1213.2134&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Mon, 09 Jan 2023 05:39:31 GMT
x-amz-rid: 0VVJGQK03VR7MCFGR7GR
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W8pFr_xX5EcQpBSqOuaxTqxLg0ewD_HpsT5JtYVFvy1xmxYOwIGBSg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a70f4ba8af50cca717b378c190a68690
e849143786b922bf6d8ba82b8bf09d86c9d6f011
2abc781b5e1c00318a2d224dc14ff5e5d0f854cf46f3cb9e9d94019a902254cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 863
Cache-Control: max-age=112311
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:31 GMT
Etag: "63bab8eb-116"
Expires: Tue, 10 Jan 2023 12:51:22 GMT
Last-Modified: Sun, 08 Jan 2023 12:36:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.61.233.63200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.61.233.63:0
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Mon, 09 Jan 2023 05:54:31 GMT
date: Mon, 09 Jan 2023 05:39:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 91373bc4a12da70a5eff81f36b74a82c
3df796eeb5a064c9aefa4aeeeb243aa015e6899a
4e0ffc59b5dddc99d6ee59e32a7ceb83947ac6f2ce474591cb8d419ee44b4e5b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 09 Jan 2023 05:39:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 21:26:32 GMT
Expires: Mon, 09 Jan 2023 21:26:32 GMT
ETag: "3df796eeb5a064c9aefa4aeeeb243aa015e6899a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
54.230.111.4200 OK 736 B URL HTTP/2 rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (535)
Hash 2ea549f69506051a4ccc152c9e09e6be
156ec7877e5aaeb60225b7130569b6fe14032a73
039c9de7662a347c2142977c9cf84aca96ef0e1e69f6216c68458ee576033d2a
GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Mon, 09 Jan 2023 05:07:08 GMT
cache-control: max-age=3600
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pdkv7bCU2MnZq0Sxj3M-HVEoN972Lh-1jyjS8-sx6OqX0lIf6w3iAg==
age: 1951
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 631fec139a9118d4536ccc3bce120cd5
a7ed8a1c509a54afefd01d1cbfc47838043c26df
4c40ff14482ca9d7dc839e2045b188508bffb08b4a811eacf5d97c975a3a535e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136966
Date: Mon, 09 Jan 2023 05:39:32 GMT
Etag: "63bb063e-1d7"
Expires: Tue, 10 Jan 2023 19:42:18 GMT
Last-Modified: Sun, 08 Jan 2023 18:06:54 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wjRv-MMWdfmva0Lnfodb8KplE1_cjrTxAsuiSD4gdBtBCzSVCnwv1w==
Age: 5724
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 255b0965958620bb4bd2a34a3933ff40
156378b2aed85f3c5b1f535022db505d0a3274f3
89e1e40bfbab2c24a867f577f8b3738bd0cfca63d9cbf3fb0fd09d1ec920d3d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 73
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:32 GMT
Etag: "63bb38f8-139"
Last-Modified: Mon, 09 Jan 2023 05:38:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8c3ba6d9a7d87571f68e1c62d60a6544
6aae892efe1480bb53d388d81ac8179c53364bbc
17a1b879089926a764c58e1337d2887f986a01ed281c8f150df80f870e284104
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1246
Cache-Control: max-age=126035
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:32 GMT
Etag: "63baed09-117"
Expires: Tue, 10 Jan 2023 16:40:07 GMT
Last-Modified: Sun, 08 Jan 2023 16:19:21 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
Hash 0feb7b4e8975c2d7d8c1acaacdb07e23
ffd9270b7d08941b9ad50cca501e754cf4c65b40
9d3d5919466db1f5e03b7058acbbe36504f7cda4407847366c543708c1bc0439
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:31 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: NzzDMQRIzsXNjVR7/B6e4yrrDcazBk60q2/S2QH7YxwqiaX7/iQchWRPdgPY0BswypKEPiqaJg8=
x-amz-request-id: EK159HTWSS7GNBQ8
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 822
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 786ad53cac03b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3675c950eb255793827e3686eefe708f
292f48001d163e505276b8b6d7f250773fee4819
c59230ca51fdd9ddbfdf16de0f4b093d75ccb18da2d0c43b748d07c81dab1121
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3073
Cache-Control: max-age=170292
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:33 GMT
Etag: "63bb92c8-1d7"
Expires: Wed, 11 Jan 2023 04:57:45 GMT
Last-Modified: Mon, 09 Jan 2023 04:06:32 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 757a9fbf20cad121c44b06052740c7f7
b8623506cf7b56de3ce8309d7011f0cb9edb5819
32f84c646f160d4bf88ec6e2b18edd5c53796becc911456b7601b8ab6ba57455
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5574
Cache-Control: max-age=162017
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:33 GMT
Etag: "63bb68b0-1d7"
Expires: Wed, 11 Jan 2023 02:39:50 GMT
Last-Modified: Mon, 09 Jan 2023 01:06:56 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001673242760-3NLA4NDK-J6MH
35.165.89.71302 Found 473 B URL HTTP/2 ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001673242760-3NLA4NDK-J6MH
IP 35.165.89.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash e3b99a787f27b38c0e6fec115df6def8
909ba9d9e6714e5ab0506b7b261ebd01603ad283
e497a0d344b974caa23feb1dd0b3d31bb635eba4aa17eba8e2a52b54d5ad98c9
GET /api/v1/g_hosted?id=AU1D-0100-001673242760-3NLA4NDK-J6MH HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:32 GMT
content-type: text/html; charset=utf-8
content-length: 473
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MzI0Mjc2MC0zTkxBNE5ESy1KNk1I
server: nginx/1.20.0
set-cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; Expires=Wed, 08 Jan 2025 05:39:32 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
g_hosted=; Expires=Wed, 08 Jan 2025 05:39:32 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH
35.165.89.71200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH
IP 35.165.89.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/ip_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:32 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.20.0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b4355a51800288c6c14f79a933f23a0f
46f6bbd30164cd6f56d91931bcd978992988c870
76b46d71d3e73214e3fac22306dc04f2d9543a5fbac21244eb57a1689eae0f49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=107170
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:33 GMT
Etag: "63ba8e9d-1d7"
Expires: Tue, 10 Jan 2023 11:25:43 GMT
Last-Modified: Sun, 08 Jan 2023 09:36:29 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 09 Jan 2023 04:21:55 GMT
expires: Mon, 09 Jan 2023 06:21:55 GMT
cache-control: public, max-age=7200
age: 4658
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a0805d2a25a147174169afa6f64c4580
57a4eeae02dbad55da4dfa4285d6efc828f507b0
c5cf5f78e5deaedbf76c734d08c51ba1a4adb64376ca420f62f35db4054af89c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:33 GMT
Last-Modified: Mon, 09 Jan 2023 04:13:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&adnxs_id=$UID&gdpr=0
185.89.211.84307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&adnxs_id=$UID&gdpr=0
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&adnxs_id=$UID&gdpr=0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 09 Jan 2023 05:39:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: 25b1edb2-ce8b-4e6f-97e5-da163cd5f738
Set-Cookie: uuid2=2467534402408146020; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 09-Apr-2023 05:39:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673242760-3NLA4NDK-J6MH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673242760-3NLA4NDK-J6MH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673242760-3NLA4NDK-J6MH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:33 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1673242773090;Expires=Fri, 10 Mar 2023 05:39:33 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=7b0b54dc-29ad-4beb-a18e-7f65a1626cfc;Expires=Fri, 10 Mar 2023 05:39:33 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001673242760-3NLA4NDK-J6MH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001673242760-3NLA4NDK-J6MH&gdpr=0
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001673242760-3NLA4NDK-J6MH&gdpr=0
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=50242&puid=AU1D-0100-001673242760-3NLA4NDK-J6MH&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3675c950eb255793827e3686eefe708f
292f48001d163e505276b8b6d7f250773fee4819
c59230ca51fdd9ddbfdf16de0f4b093d75ccb18da2d0c43b748d07c81dab1121
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3073
Cache-Control: max-age=170292
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:33 GMT
Etag: "63bb92c8-1d7"
Expires: Wed, 11 Jan 2023 04:57:45 GMT
Last-Modified: Mon, 09 Jan 2023 04:06:32 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
p.ad.gt/api/v1/p/474
104.22.4.69200 OK 12 kB IP 104.22.4.69:0
File type ASCII text, with very long lines (40875), with no line terminators
Hash 3c8f54bc79a02b6e2f7b0634c5c05be0
c32f3e97ded78a57cbfb64e62196a0d9ae4606fb
2aac760e1f5b6d9fabb184d1a87f2d9403a2453eebed641ff9b15d2942c5a921
GET /api/v1/p/474 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:32 GMT
content-type: application/javascript
last-modified: Thu, 05 Jan 2023 23:03:24 GMT
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 17:35:06 GMT
etag: W/"1672959804.0-40875-2713193071"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 266
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad53faf50fac8-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001673242760-3NLA4NDK-J6MH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH
52.48.61.43302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001673242760-3NLA4NDK-J6MH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH
IP 52.48.61.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=348447&dpuuid=AU1D-0100-001673242760-3NLA4NDK-J6MH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001673242760-3NLA4NDK-J6MH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=23055603250801723530005880326521877357; Max-Age=15552000; Expires=Sat, 08 Jul 2023 05:39:33 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: q8jpRorARj0=
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b97f927202304a45944e9ac524326436
a0eb42b92d32e11826897c3a3c0c91552ea48786
a5451b67312dd02690e025b489fdfaead27ea3ecb9bfcb32110f76a62ae4c04a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 05:39:33 GMT
Last-Modified: Mon, 09 Jan 2023 04:08:06 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UZfBnzcSi1ZFSx0AkT2LsXKvlT42UKkcdd39VGOLY2BQhhUdNPhofw==
Age: 5487
pixels.ad.gt/api/v1/getpixels?tagger_id=AU1T-0100-7964F99706AC612AC3FE9966E5494DE5&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&code=%27none%27
54.244.132.174204 No Content 0 B URL HTTP/2 pixels.ad.gt/api/v1/getpixels?tagger_id=AU1T-0100-7964F99706AC612AC3FE9966E5494DE5&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&code=%27none%27
IP 54.244.132.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/getpixels?tagger_id=AU1T-0100-7964F99706AC612AC3FE9966E5494DE5&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&code=%27none%27 HTTP/1.1
Host: pixels.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 09 Jan 2023 05:39:33 GMT
server: nginx/1.20.0
X-Firefox-Spdy: h2
api.floors.dev/sgw/v1/floors
34.160.128.112200 OK 1.7 kB URL HTTP/2 api.floors.dev/sgw/v1/floors
IP 34.160.128.112:0
Hash 5449635bbe37c431ab40372453815b4b
3f73b9ba4ded12e1aa61bb68d4025e7ed6fad380
b849890cfc0e8471d1f83c43e47cc9d8e37e29fd374d44bfd588763111668916
POST /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Content-Type: application/json
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Origin: https://tinyurl.com
Content-Length: 423
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
35.165.89.71200 OK 43 B URL HTTP/2 ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
IP 35.165.89.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /api/v1/halo_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:32 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 17:39:32 GMT
set-cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; Expires=Wed, 08 Jan 2025 05:39:32 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26adnxs_id%3D%24UID%26gdpr%3D0
185.89.211.84302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26adnxs_id%3D%24UID%26gdpr%3D0
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673242760-3NLA4NDK-J6MH%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 09 Jan 2023 05:39:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: 29acd5e9-8a35-4209-8d1c-3f06500f279d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001673242760-3NLA4NDK-J6MH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH
52.48.61.43200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001673242760-3NLA4NDK-J6MH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH
IP 52.48.61.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001673242760-3NLA4NDK-J6MH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: mJHLBLJFQsg=
Content-Length: 59
Connection: keep-alive
match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673242760-3NLA4NDK-J6MH&_bee_ppp=1
52.212.89.6303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673242760-3NLA4NDK-J6MH&_bee_ppp=1
IP 52.212.89.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/audigent?buyer_user_id=AU1D-0100-001673242760-3NLA4NDK-J6MH&_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Mon, 09 Jan 2023 05:39:33 GMT
location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673242760-3NLA4NDK-J6MH
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d7a59f0ef335df15e4acd2962fb01e45
9d7f58775b8ec0368933083fe39d4ab2d7237ee8
defa70831bc57807ce82f5a7e50b52fb95d350d3b03076d23299141accd4b8b2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 05:39:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 13:57:50 GMT
Expires: Sat, 14 Jan 2023 13:57:49 GMT
Etag: "9d7f58775b8ec0368933083fe39d4ab2d7237ee8"
Cache-Control: max-age=461295,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786ad543faf4fabc-OSL
ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X
67.202.105.22204 No Content 0 B URL HTTP/2 ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X
IP 67.202.105.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP004
date: Mon, 09 Jan 2023 05:39:33 GMT
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?google_error=3
35.165.89.71200 OK 197 B URL HTTP/2 ids.ad.gt/api/v1/g_match?google_error=3
IP 35.165.89.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 0200fb56f4847e73175a29284255e529
61ae48ba338d48bf246d35141d1a636e22ba42dc
e0f00a616f4e9479d121e4ee900b16be2524750a96c00916857aa05c027851f6
GET /api/v1/g_match?google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 17:39:33 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash eaf4dc9e134818f2c88a1207a2e25527
46ca2dc80b9a893816661400f09a691a9db9e4f6
bb35d3c7dd4f872bb406e579fff6d80ee6df801ace5c3e93ce4ea23c79462b70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114806
Date: Mon, 09 Jan 2023 05:39:34 GMT
Etag: "63babe9f-1d7"
Expires: Tue, 10 Jan 2023 13:33:00 GMT
Last-Modified: Sun, 08 Jan 2023 13:01:19 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xMlsJtByE30cWvuf6zEYMtZGym1Djz7kxSzb2qaHuAoPKUdTakqBVw==
Age: 1901
eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
13.248.245.213302 Found 98 B URL HTTP/2 eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
IP 13.248.245.213:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 35dd0d6e0e0bdfefa1788b7d780a861b
12d298bfac14961e2f158f34078dcb472befa48e
05d0c996bffcb553aeb307ab6065accca0f85c710b749c5865c7d012e7f50043
GET /sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:34 GMT
content-length: 0
set-cookie: tluid=3462613695363804141721; Max-Age=7776000; Expires=Sun, 09 Apr 2023 05:39:34 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
location: /sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
X-Firefox-Spdy: h2
eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
13.248.245.213200 OK 0 B URL HTTP/2 eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
IP 13.248.245.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0e5fe742a4d03346bdb123d624592a9d
9f857fac816bed722b84c64e848d67bfa8cac2e2
aa7bf47c66648a2dc1363aa67e5713c439e71118a92c81f4e5cce527cb0a51f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 05:39:34 GMT
Last-Modified: Mon, 09 Jan 2023 04:42:20 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5OsOLrUnEESiv9C-LjP-jLrSqTaJRzj6UPVDVn53khwvOe6KmiIG_g==
Age: 3434
ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
52.209.46.92302 Found 0 B URL HTTP/2 ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
IP 52.209.46.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: application/json;charset=utf-8
content-length: 0
location: https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=gf4c9aea3347b2bf898f&gdpr=&gdpr_consent=&us_privacy=1---
set-cookie: yieldmo_id=gf4c9aea3347b2bf898f%7C1673242774463%7C0%7C; Domain=.yieldmo.com; Expires=Tue, 09-Jan-2024 05:39:34 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
eb2.3lift.com/sync?us_privacy=1---&
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/sync?us_privacy=1---&
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync?us_privacy=1---& HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1--- HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=125495
expires: Tue, 10 Jan 2023 16:31:09 GMT
date: Mon, 09 Jan 2023 05:39:34 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?us_privacy=1---
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?us_privacy=1---
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?us_privacy=1--- HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Jan 2023 05:39:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&ref=&_it=freestar&partner_id=474
104.26.11.25200 OK 13 kB URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&ref=&_it=freestar&partner_id=474
IP 104.26.11.25:0
File type ASCII text, with very long lines (55891), with no line terminators
Hash dc5b89f1b23330dbf72c10be4055c076
c76ef3223be4704d6664380ec1ace3dc8fe2f816
36d830cc8806d52b7a4c1b9a7a876b2d91aec5b2629e826744ae1515654d9896
GET /hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2Fu4lqlwo%2Fterminated&ref=&_it=freestar&partner_id=474 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
x-amz-request-id: FNK044PCM9Y7VVCR
cache-control: max-age=3600
cf-cache-status: HIT
age: 4775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuQ2dUr3%2BRzvK80lzfB1RA%2BsR3a1DdXtyazb%2B6r6qgSsZk3qQ%2FmLp5pZvsGdVeBd%2BgZ0Oj3sXAjy5Ra%2B7IFNb4zBVrb348VcQYcy2qed7CtACJUO1s42TDDlGl4qfRgR8MM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad53088c6b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18728)
Hash 13e75401b9dfe76399584e42894ea0b1
914b57947b16bbcd21349e1d6c2f782479929754
f146f31807184a4a84114666c9d52b5c583cb08d7b95f63865d6913534b778af
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sun, 08 Jan 2023 14:55:37 GMT
Content-Encoding: gzip
Content-Length: 10067
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33365
Expires: Mon, 09 Jan 2023 14:55:39 GMT
Date: Mon, 09 Jan 2023 05:39:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
151.101.1.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.1.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 01 Jan 2023 17:03:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 09 Jan 2023 05:39:34 GMT
Age: 83536
X-Served-By: cache-lga13626-LGA, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 193112
X-Timer: S1673242775.603192,VS0,VE0
Vary: Accept-Encoding
contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
2.18.172.23302 Found 154 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
IP 2.18.172.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Mon, 09 Jan 2023 05:39:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 09 Jan 2023 05:39:34 GMT
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&google_error=3
35.165.89.71200 OK 579 B URL HTTP/2 ids.ad.gt/api/v1/g_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&google_error=3
IP 35.165.89.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 430a0bfb7034ea0501e27161685e638c
fe969e0b8e43d3f6e6439e4d8418161f9e036c68
4cf6022b0932afdf9a29d175d94a4ead1136588439b981982471d2c0152192c6
GET /api/v1/g_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 17:39:33 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b05f7de9746bad3fd9cc06663286565
156f95387abbd0a4836ef3d1c63bc0f9f6262c6c
d5abed0da340b1b008eb137e6f31763d2bcb3c5745715ac87f90fe825783f9e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 05:39:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 01:56:48 GMT
Expires: Sat, 14 Jan 2023 01:56:47 GMT
Etag: "156f95387abbd0a4836ef3d1c63bc0f9f6262c6c"
Cache-Control: max-age=418032,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786ad54dab1cb50c-OSL
ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
52.209.46.92200 OK 43 B URL HTTP/2 ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
IP 52.209.46.92:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /v000/sync?pn_id=mnt&userid=0000EEA HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g55e4c258fdedd2a1352%7C1673242774685%7C0%7C; Domain=.yieldmo.com; Expires=Tue, 09-Jan-2024 05:39:34 GMT; Path=/; Secure; SameSite=None; Secure
ptrmnt=0000EEA; Domain=ads.yieldmo.com; Expires=Tue, 09-Jan-2024 05:39:34 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b05f7de9746bad3fd9cc06663286565
156f95387abbd0a4836ef3d1c63bc0f9f6262c6c
d5abed0da340b1b008eb137e6f31763d2bcb3c5745715ac87f90fe825783f9e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 05:39:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 01:56:48 GMT
Expires: Sat, 14 Jan 2023 01:56:47 GMT
Etag: "156f95387abbd0a4836ef3d1c63bc0f9f6262c6c"
Cache-Control: max-age=418032,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786ad54daff7fac4-OSL
e1.emxdgt.com/hb_sync/
18.156.32.70204 No Content 0 B IP 18.156.32.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hb_sync/ HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biddr.brealtime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-type: text/html
date: Mon, 09 Jan 2023 05:39:33 GMT
content-length: 0
X-Firefox-Spdy: h2
x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
18.194.214.184302 Found 0 B URL HTTP/2 x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
IP 18.194.214.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent= HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:34 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=01a2e126-023c-4937-9724-0548a2af3c1e; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=yieldmo
18.194.214.184302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=yieldmo
IP 18.194.214.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:34 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=yieldmo
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=6c8b6899-b916-4731-881b-c52cbc98658d; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.190.78200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.190.78:0
File type ASCII text, with no line terminators
Hash be4210e83ae295d0aa9014bfb6c2cea3
19c4e80207b2eb8ed7e6c86d88338ae8836c2faf
704e4189cd8074135a99d7abcd58ae916c231186939322553ce84039f53a58e3
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Sat, 8 Apr 2023 22:26:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 09 Jan 2023 05:39:33 GMT
content-length: 60
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
18.194.214.184302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
IP 18.194.214.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent= HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:34 GMT
content-length: 0
location: https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&uid=
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=yieldmo
18.194.214.184200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=yieldmo
IP 18.194.214.184:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9fd8574ce9b2321d6db7e276b47a8822
1185c8ee22198eb2730cc89d67b0188e71300f90
96ec387d5d99d29671279afcbca336c77acba09d8ded6222ee12112c4668825d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6357
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:34 GMT
Last-Modified: Mon, 09 Jan 2023 03:53:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b05f7de9746bad3fd9cc06663286565
156f95387abbd0a4836ef3d1c63bc0f9f6262c6c
d5abed0da340b1b008eb137e6f31763d2bcb3c5745715ac87f90fe825783f9e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 05:39:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 01:56:48 GMT
Expires: Sat, 14 Jan 2023 01:56:47 GMT
Etag: "156f95387abbd0a4836ef3d1c63bc0f9f6262c6c"
Cache-Control: max-age=418032,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786ad54d7db7fabc-OSL
x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
18.194.214.184302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
IP 18.194.214.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 05:39:34 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=db098168-f366-45e7-9ac9-81581b98bf3c; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673242774; path=/; expires=Tue, 09-Jan-2024 05:39:34 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5558409de448f8c8c7c3549ce34d0f86
4b47095d99840d7d59c2c39ad00ae0c12eb0e3e6
ef8c717b25cb5d79180add059f5d31a14b1aa4ddf28dfe4018844c22ca19c461
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 05:39:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 01:14:18 GMT
Expires: Fri, 13 Jan 2023 01:14:17 GMT
Etag: "4b47095d99840d7d59c2c39ad00ae0c12eb0e3e6"
Cache-Control: max-age=329082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786ad54ecbbab50c-OSL
x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
18.194.214.184200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
IP 18.194.214.184:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
rtb.mfadsrvr.com/sync?ssp=yieldmo
3.120.166.248302 Moved Temporarily 0 B URL HTTP/1.1 rtb.mfadsrvr.com/sync?ssp=yieldmo
IP 3.120.166.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=yieldmo HTTP/1.1
Host: rtb.mfadsrvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 09 Jan 2023 05:39:34 GMT
Location: https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
Set-Cookie: tuuid=47fb0527-7879-4162-baf4-3b1f82a7f665; path=/; expires=Wed, 08-Jan-2025 05:39:34 GMT; domain=.mfadsrvr.com
c=1673242774; path=/; expires=Wed, 08-Jan-2025 05:39:34 GMT; domain=.mfadsrvr.com
tuuid_lu=1673242774; path=/; expires=Wed, 08-Jan-2025 05:39:34 GMT; domain=.mfadsrvr.com
Content-Length: 0
Connection: keep-alive
rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
3.120.166.248200 OK 43 B URL HTTP/1.1 rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
IP 3.120.166.248:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=yieldmo HTTP/1.1
Host: rtb.mfadsrvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 09 Jan 2023 05:39:34 GMT
Content-Length: 43
Connection: keep-alive
ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
52.209.46.92200 OK 443 B URL HTTP/2 ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
IP 52.209.46.92:0
Hash 9ab35ffe18299f24c222010220b0bd40
5a8abe4a0d34ee0b2c024363bec5d1cbf5b10482
bb90fe152b7801214c4a2e71538b770692b22aa02d6b2deed603afcf240766dd
GET /pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
set-cookie: yieldmo_id=gd31eeb92a752a4c5f4c%7C1673242774521%7C0%7C; Domain=.yieldmo.com; Expires=Tue, 09-Jan-2024 05:39:34 GMT; Path=/; Secure; SameSite=None; Secure
rptr=mnt%3D1162814%7Ccriteo%3D1162814%7Cbsw%3D1162814%7Cz%3D1162814%7Cm%3D1162814; Domain=ads.yieldmo.com; Expires=Tue, 09-Jan-2024 05:39:34 GMT; Path=/; Secure
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif
ads.yieldmo.com/v000/sync?pn_id=z&userid=
52.209.46.92200 OK 43 B URL HTTP/2 ads.yieldmo.com/v000/sync?pn_id=z&userid=
IP 52.209.46.92:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /v000/sync?pn_id=z&userid= HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2ed1b027b4896caf979dd2753ee1d764
43866fad9ff37628984656c479f521e6b05f74ab
24117dfc0fc53323dfa65c769bc1b510b72ce7bca03b0c59388037632519d55e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5189
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 05:39:35 GMT
Last-Modified: Mon, 09 Jan 2023 04:13:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
onetag-sys.com/match/?int_id=4&us_privacy=1---
51.75.86.98302 Found 0 B URL HTTP/2 onetag-sys.com/match/?int_id=4&us_privacy=1---
IP 51.75.86.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/?int_id=4&us_privacy=1--- HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
location: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
content-length: 0
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=25470&us_privacy=1---
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=25470&us_privacy=1---
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=25470&us_privacy=1--- HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=a9us&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif
match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
52.223.40.198200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
IP 52.223.40.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/rubicon?us_privacy=1--- HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:35 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
54.230.111.210200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 54.230.111.210:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Mon, 09 Jan 2023 03:25:55 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rex8XQ2Z3UpI14AbpAIcYuLnMH4qXNlPWUk1GbTDcoDH_Yz-F7_j8g==
age: 16069
X-Firefox-Spdy: h2
id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
104.22.4.69200 OK 0 B URL HTTP/2 id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
IP 104.22.4.69:0
GET /api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:31 GMT
content-type: text/javascript; charset=UTF-8
origin-trial:
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786ad5366ad2b500-OSL
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 05:39:33 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Tue, 10 Jan 2023 05:39:33 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH
185.64.190.80200 OK 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH
IP 185.64.190.80:0
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673242760-3NLA4NDK-J6MH HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 05:39:33 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=0&sc=1&u=0F14B862-DDA0-4D34-9BCE-C15F89C16E4E&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
185.64.190.81200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=0&sc=1&u=0F14B862-DDA0-4D34-9BCE-C15F89C16E4E&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=0&sc=1&u=0F14B862-DDA0-4D34-9BCE-C15F89C16E4E&rs=3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 05:39:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&adnxs_id=0&gdpr=0
35.165.89.71202 Accepted 0 B URL HTTP/2 ids.ad.gt/api/v1/match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&adnxs_id=0&gdpr=0
IP 35.165.89.71:0
GET /api/v1/match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&adnxs_id=0&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Mon, 09 Jan 2023 05:39:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 17:39:33 GMT
set-cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; Expires=Wed, 08 Jan 2025 05:39:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
d.pub.network/v2/init?siteId=3163&env=PROD
34.160.110.8200 OK 0 B URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP 34.160.110.8:0
GET /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6Imtyb1o0ZDlrN21QKzNQZUtlYWFzelE9PSIsInZhbHVlIjoiekNzdkJ3SGd2WUc5ZVdxS05aWnVPZXJ3RVJXcTFnWDQwZ2NPekJxaGE2WHk2SkM1ZWxEUGFwT3E5SFZOS2liM3packsvVUZ6SkJXRDhSRTNFLzlsOEVLSDh1YjZMVDQ2aUZ3d3p3SmUrN3dHTndoTkFGYXoyTE9rS0psN0M1WWYiLCJtYWMiOiJiOGJlZjdhMTljNDdhY2VmNzY1MWYwZmM4YjQ1MGNhMjY2M2UwNDExZDU4MGFkYTVjN2ViOTgxZjE1ZmE1ZjZkIiwidGFnIjoiIn0=
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
set-cookie: _fsuid=acd4ae4a-b337-445c-91e6-6eb5a308ce2d; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
content-type: application/json
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.96200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.96:0
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 12:11:32 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Aa8r9r_lSeRgLmjlg6K45JbMAhTTNouthgSPxHtdzepRKqQx0dhMew==
age: 62878
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
54.230.111.210200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 54.230.111.210:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 22 Dec 2022 18:13:57 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 09 Jan 2023 05:17:04 GMT
cache-control: public, max-age=3600
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
etag: W/"b2496fcafcf1daf6223aefe99a0cf048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: eXYb680WFWsurHu4asqaCCTfr6m_jirdBvW4XYpdqhocVrFoK1GxvA==
age: 1348
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.206200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.206:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:31 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
expires: Mon, 16 Jan 2023 05:39:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673242760-3NLA4NDK-J6MH
35.165.89.71202 Accepted 0 B URL HTTP/2 ids.ad.gt/api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673242760-3NLA4NDK-J6MH
IP 35.165.89.71:0
GET /api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673242760-3NLA4NDK-J6MH HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Mon, 09 Jan 2023 05:39:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 17:39:33 GMT
set-cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; Expires=Wed, 08 Jan 2025 05:39:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
beeswax_id=; Expires=Wed, 08 Jan 2025 05:39:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
54.230.111.75200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
IP 54.230.111.75:0
GET /scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 09 Jan 2023 05:37:55 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1X6-ec-gf9MTrDuToMmuCy4eRkcRQ99OqTTFoxK0YRUZrBg3dZlcsA==
age: 94
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
104.18.20.206200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
IP 104.18.20.206:0
GET /core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=acd4ae4a-b337-445c-91e6-6eb5a308ce2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:29 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsM9_WcBKa9d0jJCmfzkNuYwKr5afTfTn5jmXFJnil6Ks2-98jWuxrQVVz2V2BMhjOw0a_Kulom8_8HRGuIq15yh9cUTzJf
x-goog-generation: 1671132210032581
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 458801
content-language: en
x-goog-hash: crc32c=Vgu7jA==, md5=2Fm2J3uGZGrKse5ljLxPqA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Mon, 09 Jan 2023 06:39:29 GMT
cache-control: public, max-age=3600
last-modified: Thu, 15 Dec 2022 19:23:30 GMT
etag: W/"d859b6277b86646acab1ee658cbc4fa8"
cf-cache-status: HIT
age: 293489
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad52f1e5eb503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
IP 178.250.0.163:0
GET /dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:34 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 09 Jan 2023 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 250260
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
104.22.4.69200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP 104.22.4.69:0
GET /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:31 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786ad53919a6b524-OSL
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
52.54.160.235200 OK 0 B IP 52.54.160.235:0
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:31 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.130.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.130.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 05:39:32 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Tue, 10 Jan 2023 05:39:32 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
104.18.20.206200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
IP 104.18.20.206:0
GET /core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=acd4ae4a-b337-445c-91e6-6eb5a308ce2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:30 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsDC-4LzObMo5uRqzPAcFd_1Ac-lrb4qkoRVKk2vjS01WEEErCKQdwk6DIlY-n-rHXUiClLfKIVEXrsvKN7HtwIv9gLD01j
x-goog-generation: 1671132214233304
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 236006
content-language: en
x-goog-hash: crc32c=K2FWmw==, md5=T6D+lyRyGNPHnVQ/pmPZAg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Mon, 09 Jan 2023 06:39:30 GMT
cache-control: public, max-age=3600
last-modified: Thu, 15 Dec 2022 19:23:34 GMT
etag: W/"4fa0fe97247218d3c79d543fa663d902"
cf-cache-status: HIT
age: 293492
vary: Accept-Encoding
server: cloudflare
cf-ray: 786ad5362a7fb503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&tapad_id=5607504e-8962-436e-a27a-e4b1e4ccb5ee
35.165.89.71200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&tapad_id=5607504e-8962-436e-a27a-e4b1e4ccb5ee
IP 35.165.89.71:0
GET /api/v1/tapad_match?id=AU1D-0100-001673242760-3NLA4NDK-J6MH&tapad_id=5607504e-8962-436e-a27a-e4b1e4ccb5ee HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 05:39:33 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 17:39:33 GMT
set-cookie: au_id=AU1D-0100-001673242760-3NLA4NDK-J6MH; Expires=Wed, 08 Jan 2025 05:39:33 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
143.204.55.88200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
IP 143.204.55.88:0
GET /tcfv2/45/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=172800
date: Sat, 07 Jan 2023 14:56:50 GMT
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gt6rHz_NSh81aT77RsH2kHP9x5_tJslpMIUXShI4qWon8MR-McitMw==
age: 139361
X-Firefox-Spdy: h2