r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9306
Expires: Sat, 14 Jan 2023 10:28:28 GMT
Date: Sat, 14 Jan 2023 07:53:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7942
Expires: Sat, 14 Jan 2023 10:05:44 GMT
Date: Sat, 14 Jan 2023 07:53:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 07:42:01 GMT
content-type: application/json
age: 681
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17988
Expires: Sat, 14 Jan 2023 12:53:10 GMT
Date: Sat, 14 Jan 2023 07:53:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1rsTGlLCRQHQN3mh7v9CVBQGdvdYozX5GQNyBYcmGjVjmqW1PCLn7ShGk5uHUzHBCf1tz6KO8WQ=
x-amz-request-id: R57B7RQCGXRBKSTK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 06:54:50 GMT
age: 3512
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:53:22 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.tinyurl.com/4pv8nw2n/
104.20.139.65301 Moved Permanently 0 B URL HTTP/2 www.tinyurl.com/4pv8nw2n/
IP 104.20.139.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /4pv8nw2n/ HTTP/1.1
Host: www.tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 14 Jan 2023 07:53:22 GMT
content-length: 0
location: http://tinyurl.com/4pv8nw2n/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7894cc28bbffb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 07:17:25 GMT
age: 2157
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6542
Cache-Control: max-age=97346
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:22 GMT
Etag: "63c11f26-1d7"
Expires: Sun, 15 Jan 2023 10:55:48 GMT
Last-Modified: Fri, 13 Jan 2023 09:06:46 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.143.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.143.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2MckBJmSZZrH4wemfEWQNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W6mDJm9WhIch3oaeJnM2Pt9ZFUs=
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0276f2c169c9a109599bf90a06ea1e39
641ee711b3bd723d1feac5bc2082f40f749bb430
f13f373c39f4457784e7f7f190c927f919ae616c32cc8ab7ba1bb4f172cca1d4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F13F373C39F4457784E7F7F190C927F919AE616C32CC8AB7BA1BB4F172CCA1D4"
Last-Modified: Fri, 13 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16993
Expires: Sat, 14 Jan 2023 12:36:36 GMT
Date: Sat, 14 Jan 2023 07:53:23 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0276f2c169c9a109599bf90a06ea1e39
641ee711b3bd723d1feac5bc2082f40f749bb430
f13f373c39f4457784e7f7f190c927f919ae616c32cc8ab7ba1bb4f172cca1d4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F13F373C39F4457784E7F7F190C927F919AE616C32CC8AB7BA1BB4F172CCA1D4"
Last-Modified: Fri, 13 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16993
Expires: Sat, 14 Jan 2023 12:36:36 GMT
Date: Sat, 14 Jan 2023 07:53:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfd4ac087fdbf39fec947643791de166
eaa4dbbea8bb338542033af03196551224b5dd45
c5c261a76b945d195b6438d102fb59ef09b29b9919ceb2a1489968a3f48e98e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2682
Cache-Control: max-age=103571
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:24 GMT
Etag: "63c1468d-1d7"
Expires: Sun, 15 Jan 2023 12:39:35 GMT
Last-Modified: Fri, 13 Jan 2023 11:54:53 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bcjTN2b5EJt1qM1yq039KBjB994K7+8ymmfA7EtmIFasxXY5RhpSHLgntLKT5k9665gevo4faklKV3uBEn8jRw==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Sat, 14 Jan 2023 07:53:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfd4ac087fdbf39fec947643791de166
eaa4dbbea8bb338542033af03196551224b5dd45
c5c261a76b945d195b6438d102fb59ef09b29b9919ceb2a1489968a3f48e98e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2682
Cache-Control: max-age=103571
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:24 GMT
Etag: "63c1468d-1d7"
Expires: Sun, 15 Jan 2023 12:39:35 GMT
Last-Modified: Fri, 13 Jan 2023 11:54:53 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/dc.js
173.194.222.157200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 173.194.222.157:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Sat, 14 Jan 2023 07:20:43 GMT
expires: Sat, 14 Jan 2023 09:20:43 GMT
cache-control: public, max-age=7200
age: 1961
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 04113547be3545537d1b2a28a1de9423
72a8a60dd991c1b8ea42639c80b547500a8c0cd2
cf29f585574ee8bf22d1deef0239adcce1a62611bc65be7c6f67bd5b5407113d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 14 Jan 2023 07:53:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 13 Jan 2023 20:24:02 GMT
Expires: Sat, 14 Jan 2023 20:24:02 GMT
ETag: "72a8a60dd991c1b8ea42639c80b547500a8c0cd2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 04113547be3545537d1b2a28a1de9423
72a8a60dd991c1b8ea42639c80b547500a8c0cd2
cf29f585574ee8bf22d1deef0239adcce1a62611bc65be7c6f67bd5b5407113d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 14 Jan 2023 07:53:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 13 Jan 2023 20:24:02 GMT
Expires: Sat, 14 Jan 2023 20:24:02 GMT
ETag: "72a8a60dd991c1b8ea42639c80b547500a8c0cd2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 07:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 07:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 07:53:24 GMT
Connection: keep-alive
d.pub.network/v2/init?siteId=3163&env=PROD
34.160.110.8200 OK 0 B URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP 34.160.110.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-xsrf-token
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
set-cookie: _fsuid=34649691-1313-4715-a189-a4531d1f0c44; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-headers: x-xsrf-token
access-control-allow-credentials: true
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SUGIIWi8jWe9RoRu-3dQXvLAddjwjH05V1ubKzEOEQrFonzVjQdbtw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:33:07 GMT
age: 15617
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3c35722c1c8a0b7a17b5a48a352aa64
4a939794eb33d9fb1b2cc56ca92f683a7d28e407
073d355bfc201c7feb4af2d1fac623fe7803f081c28467fa72b363074b0446a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7437
x-amzn-requestid: 0efc1457-5919-4244-9837-6e75d03ef1d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAd0F0poAMF6PA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7abe-24df70ad7e1811a744a7c9de;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezdnQ-2RPpSESm42QCywHIZf4AmanMmy2f19NcUhzQ-PRjsFQfLNkg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:43:58 GMT
age: 14966
etag: "4a939794eb33d9fb1b2cc56ca92f683a7d28e407"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198805f8-79dd-4ac3-8fb7-22c15cbb9cb9.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198805f8-79dd-4ac3-8fb7-22c15cbb9cb9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cb8fb3720ec05dd59482cb49e4bffd5c
99b1ea4060e5332b23fdfdc679f61be5af1a7bf7
c44e3c07c1fb842a741c22862afa738e3fbdda05947e9de59267791357f9f09a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198805f8-79dd-4ac3-8fb7-22c15cbb9cb9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5918
x-amzn-requestid: f1786e4a-9ab0-45bd-8f45-ce687f9568d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAczGTJIAMFaCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ab8-4d96e5b066d83750238865b8;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:12:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -rUFJZIRgG5I8m6Gx4X1YiZbutCjeQfA1De_jrKkRlrMlKOuAGA33Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:26:55 GMT
age: 15989
etag: "99b1ea4060e5332b23fdfdc679f61be5af1a7bf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uJjDFuqKCZyyAorUVUq9PyCb_8fWukPf6YE3LwqK2FrwMFzDNkftFQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 11:16:26 GMT
age: 74218
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:20 GMT
age: 36244
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9c918c3f0569cbf09fdcd8998e2fc00
ad06e348d49e8ae0550d922b50bc2a1d4905457a
8f96e49cf0dbbad59d260d0f991d79eb72ea25dcc0caa5ba4480056bd918d07d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5371
x-amzn-requestid: fcbafc8b-5b89-49e6-8ebd-157cb3b24a55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qnERXoAMFsZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce43-3eb3b4d84dbf415a3dec1308;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AbaES_6874zaabJY_z0_FOZfJx86Zsv-osNxWqzef8DDNyelo0HRtQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 36263
etag: "ad06e348d49e8ae0550d922b50bc2a1d4905457a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 04113547be3545537d1b2a28a1de9423
72a8a60dd991c1b8ea42639c80b547500a8c0cd2
cf29f585574ee8bf22d1deef0239adcce1a62611bc65be7c6f67bd5b5407113d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 14 Jan 2023 07:53:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 13 Jan 2023 20:24:02 GMT
Expires: Sat, 14 Jan 2023 20:24:02 GMT
ETag: "72a8a60dd991c1b8ea42639c80b547500a8c0cd2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
trc.pushnami.com/api/push/track
3.216.234.227204 No Content 0 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 3.216.234.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:24 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
trc.pushnami.com/api/push/track
3.216.234.227200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 3.216.234.227:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 76
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
104.18.21.206200 OK 138 kB URL HTTP/2 a.pub.network/core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
IP 104.18.21.206:0
File type Unicode text, UTF-8 text, with very long lines (50547), with NEL line terminators
Size 138 kB (138102 bytes)
Hash 76af62cea2c6cd9c0a3eb081539337dc
ade6b9ee0488229e5edff8bdaf370339f6b35429
41438a5f11340d0eb89d77e51635b9f6eca398a36f71035195000e999e94c9d8
GET /core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=3c77c429-1ede-4407-8965-ba7ce5043e4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsbfDwOSvYBQuMS6KDCn_w7_BNLxvF1EG49L8DOKiKpe_pZXenixzP7ouZatCfqcJgIMOYVZGACyCcDLBOuLQpKzroEjwr4
expires: Sat, 14 Jan 2023 08:53:24 GMT
cache-control: public, max-age=3600
last-modified: Thu, 15 Dec 2022 19:23:30 GMT
etag: W/"d859b6277b86646acab1ee658cbc4fa8"
x-goog-generation: 1671132210032581
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 458801
content-language: en
x-goog-hash: crc32c=Vgu7jA==, md5=2Fm2J3uGZGrKse5ljLxPqA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 138842
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc386a23fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
freestar-io.videoplayerhub.com/gallery.js
104.26.9.50301 Moved Permanently 345 B URL HTTP/2 freestar-io.videoplayerhub.com/gallery.js
IP 104.26.9.50:0
Hash af5eba53443952a2d803adc5fff30e68
af6ff9683588fa6abda6e97edce30dd8bd187ce8
eba9de8992ab6cbc86af971e6022a108298a945033818c87e602524c8abfa352
GET /gallery.js HTTP/1.1
Host: freestar-io.videoplayerhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 14 Jan 2023 07:53:24 GMT
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
expires: Sat, 14 Jan 2023 08:53:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nayJGmFcSa22inRhzM%2Fz%2BPgvJ76fQbrB6V699ebeny4%2FeRw9RzzcEH3qAeurT67VdEgSjCH84XtgtGDREGnZXiRmLdnxTDJekw0XQJjmDO9lLPlBefByHk5GVvRgigKj%2BIEdG%2Fm8PnB1o2bAKJjVcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc39c9c1b4f7-OSL
X-Firefox-Spdy: h2
btloader.com/tag?h=freestar-io&upapi=true
104.26.6.139200 OK 113 kB URL HTTP/2 btloader.com/tag?h=freestar-io&upapi=true
IP 104.26.6.139:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 113 kB (113196 bytes)
Hash acafba82dcf38a84d441a92305499564
32b9e2e220143436f716acdcd081ffce192a75ea
7eade45b310627a17d74b0ea5fc6c6ce942033826a1633eb9c74b3fbe62a40c7
GET /tag?h=freestar-io&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
etag: W/"b1f778c665bf578e5ac1fdbd55a9b21b"
last-modified: Sat, 14 Jan 2023 07:33:53 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8TxhloAoteFt8m1ZyNj4QYLumwdn7bow0HCQVQHOguRiq9inCj8Vl84RVawNGL4qwOW7UYmLNK%2B%2FiDYbk3We30WnbtuUqwDGvw0VQw29cryRGQX1SB9E5qf7ESy5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7894cc3a2d011c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071607
142.250.74.130200 OK 133 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071607
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 133 kB (132895 bytes)
Hash da4d1e0146d0010b29b3ad56988092bc
7c1e872c25b763f209f882112dddbcc0480c3aa6
ef976e0b90afdafd2c3271291252e153e9734afda4d878f9f2521fa8ffb9c1d2
GET /gpt/pubads_impl_2023010501.js?cb=31071607 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 132895
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 01:34:06 GMT
expires: Sun, 14 Jan 2024 01:34:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 05 Jan 2023 09:36:55 GMT
content-type: text/javascript
age: 22759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.058466735820717264
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.058466735820717264
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.058466735820717264 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdt7wuLaNsuzKspA5KyGSRiXv-BqsG3QCP2a0SnWSa24darJD293ZjLPHvTyz2Aag4Pg6qUtoxI0lDAi7a1ptJYhvg
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Fri, 06 Jan 2023 19:32:13 GMT
cache-control: public, max-age=86400
age: 649390
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j85Y%2FqSRoq4FIU7BsEUGICIBPRbv%2F3p3%2F5V4RtTj2K04P9CP9I7Mr80QXBmGzcgs%2FsxLWwt5vu%2FpJy0Zm1KCG1zqoQiZ0Q1CObv%2B3LmzH%2B%2BcUYi5S8%2BqiVyWXVmTOk9Sdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc3c5ca7b4ed-OSL
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.126200 OK 2.6 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.126:0
File type JSON data\012- , ASCII text, with very long lines (10104), with no line terminators
Hash 76ca931cbfa35e7c50a5a2f2234b503e
c41a802e65fad548100ed15b878b2bd761af63b6
18dbda1deec0df43f27e572d54bf02a900df8362cfc05829bf87af594e092203
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Sat, 14 Jan 2023 03:00:36 GMT
last-modified: Fri, 30 Dec 2022 19:52:29 GMT
etag: W/"576d8a77f1f7d5a1f043003ddd2da40e"
x-amz-server-side-encryption: AES256
x-amz-version-id: SVwDON6NI7y0s2hBQqC0oHz.O7U_wt7T
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iVGzNFwyYIkOIbVBEEouuII9qwRnMan_RupUTuO7WfnOOwOdoc7Ihg==
age: 17570
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1673682788409&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=461&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
143.204.55.94204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1673682788409&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=461&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
IP 143.204.55.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1673682788409&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=461&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:25 GMT
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zp5AN1ePPy9rgmFh7wiP8ndRluAga-4E3iiv39kzNaXE1zt1sToaWg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.207.230200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.207.230:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 16:06:45 GMT
expires: Sat, 14 Jan 2023 16:06:45 GMT
cache-control: public, max-age=86400
age: 56800
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.76200 OK 36 kB URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.76:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 3f217d473ca36dd9f5974002051cb151
bd9115271956ed7aad68bd2f4434cfad7f3c8ce2
cd69e1d1613720063d6608c7ae96cb802ad2413828239cf6829e96f8c2273eac
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sat, 14 Jan 2023 03:00:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sat, 14 Jan 2023 03:00:26 GMT
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WhzqzbfglgL7Z5KiXDVZvDUHbXrec2MkFwjSr-_2cRerXFRmMGIYWw==
age: 17576
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash b9c54ab66b6acea6909ee99f500c7537
590128e3b7c5b201a2e2cb23e75ffe326b284722
c5afc78602278c2d14bba3a37adedccf2c21d1f9556c53800319a7530c7d93e7
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
143.204.55.76200 OK 62 kB URL HTTP/2 cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
IP 143.204.55.76:0
File type ASCII text, with very long lines (65469)
Hash 15cd821266ccc78c2589bd4e9f59a1ea
fac8ec465e9572463e05a5c9c9bd14470bb051eb
fb52c03375bd351bfbd61758bedc503506a9705410d3af87d453d7566d302a46
GET /tcfv2/45/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=172800
date: Thu, 12 Jan 2023 19:01:01 GMT
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aP_Cfmea5_20hEWlx6G5qDBaTJUDo-4lswVlq1uJphRNXQsTOBAXmQ==
age: 132745
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash b9c54ab66b6acea6909ee99f500c7537
590128e3b7c5b201a2e2cb23e75ffe326b284722
c5afc78602278c2d14bba3a37adedccf2c21d1f9556c53800319a7530c7d93e7
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP 142.250.74.131:0
Hash bc7526a9e0400cf0067db03a8a150b75
b70d3545671130859533e70d06870fe27bc12e8d
40730fe3a1358910bf0b4f5c15a9b659226dae22e4e2d59ae27ff30bb5c5bd0f
POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP 142.250.74.131:0
Hash bc7526a9e0400cf0067db03a8a150b75
b70d3545671130859533e70d06870fe27bc12e8d
40730fe3a1358910bf0b4f5c15a9b659226dae22e4e2d59ae27ff30bb5c5bd0f
POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.floors.dev/sgw/v1/floors
34.160.128.112200 OK 0 B URL HTTP/2 api.floors.dev/sgw/v1/floors
IP 34.160.128.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP 142.250.74.131:0
Hash bc7526a9e0400cf0067db03a8a150b75
b70d3545671130859533e70d06870fe27bc12e8d
40730fe3a1358910bf0b4f5c15a9b659226dae22e4e2d59ae27ff30bb5c5bd0f
POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
143.204.55.76200 OK 44 kB URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 143.204.55.76:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 27c04c0f0378e0e29586e400fdb6bd7c
0caee87f149dfc93be20e7bd69ec7c1e40acd0cc
7fe107fa7e6f5c3e15fc8bed3290c887979e52eb3c8af5363eaf7c3932026de5
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sat, 14 Jan 2023 03:00:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sat, 14 Jan 2023 03:00:33 GMT
etag: W/"af085776b37add6191a20a83398daa43"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BCllU4aalgJI1ALkCBY_mvShe4HJGD3yVkeoqi9uRe5wFxyTCZdUuA==
age: 17563
X-Firefox-Spdy: h2
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Sat, 14 Jan 2023 07:53:25 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash b9c54ab66b6acea6909ee99f500c7537
590128e3b7c5b201a2e2cb23e75ffe326b284722
c5afc78602278c2d14bba3a37adedccf2c21d1f9556c53800319a7530c7d93e7
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ec748ffc7af0db1630122e52a5fa162a
0d44582521bbb65f1f3cc4ff8575a82e95bbe9d3
697ec3fa74a8b28e98638cdc6e0f7450d020ec88f3507d215fda89dea509766e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5604
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Etag: "63c1469c-139"
Last-Modified: Sat, 14 Jan 2023 06:20:01 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ec748ffc7af0db1630122e52a5fa162a
0d44582521bbb65f1f3cc4ff8575a82e95bbe9d3
697ec3fa74a8b28e98638cdc6e0f7450d020ec88f3507d215fda89dea509766e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5604
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Etag: "63c1469c-139"
Last-Modified: Sat, 14 Jan 2023 06:20:01 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e9a27ccfaf88852540978fe6cb6ecb14
81f31673ea2c21376e099ba2d7f2f2485908e708
f976fabe09ebc30d0759de0596e1d0626fd8b2b5a98e0fd8b4167439e17888ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6094
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:25 GMT
Last-Modified: Sat, 14 Jan 2023 06:11:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 23320bd691b7fed1a59167c5cc8c08a5
dd0a81b469912491b37fd2b9fb7d191baad302c2
3bd17b7149c3f290c1ba798867f64c070f82a0a9897dbd1a3f7af2d15bf815ef
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:53:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 18 Jan 2023 05:32:46 GMT
ETag: "dd0a81b469912491b37fd2b9fb7d191baad302c2"
Last-Modified: Sat, 14 Jan 2023 05:32:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 854
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7894cc3fca7fb509-OSL
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP 142.250.74.131:0
Hash 5477a483336174352bce34d808ae85cf
bd9254516515ba522e37fd958779758c307abe5a
c7802cf191763eb8f865a1a8977eca2a9ee781e84a662bf491d856b65da06913
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP 142.250.74.131:0
Hash 5477a483336174352bce34d808ae85cf
bd9254516515ba522e37fd958779758c307abe5a
c7802cf191763eb8f865a1a8977eca2a9ee781e84a662bf491d856b65da06913
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
178.250.2.146200 OK 58 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP 178.250.2.146:0
Hash a1345dc4ad3beb0b0d4f891517c15133
e571e936ed6cc89d8bc6963f0c4902661566e8a1
c0465303ebbe81b2fe87c6bd066e96b983bf3d67476560947d8ee4d4fa970452
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 232307
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
api.floors.dev/sgw/v1/floors
34.160.128.112200 OK 2.1 kB URL HTTP/2 api.floors.dev/sgw/v1/floors
IP 34.160.128.112:0
Hash 83a9532461964c690159b4fe7cd6564a
5a7942e8d5684ade98aaf44a2593138bcfea65f6
93d70ea9fac70e0cd0a667c9856cf294d981229a764bbf35cc9c38e7ce8a59c6
POST /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Content-Type: application/json
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Origin: https://tinyurl.com
Content-Length: 423
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s2s.t13.io/openrtb2/auction
34.107.140.113200 OK 168 B URL HTTP/2 s2s.t13.io/openrtb2/auction
IP 34.107.140.113:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f1fffc8e83f846d395f53265bf138d30
a8f3ad13cc03c62e8dc32ff681e42e178e2381d4
c984ef9711e24c41843dae407fb73a75f52a642cdaa46bffdf39cfa29d32055c
POST /openrtb2/auction HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2454
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
x-prebid: pbs-java/1.94.0
content-type: application/json
content-encoding: gzip
content-length: 168
date: Sat, 14 Jan 2023 07:53:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b50c2e3626b57c1c930410913bfe24e1
99f33ddf6452744200bd817de1a695da30d61d66
2324995a7e5cb166835cd024fcf9cda7083fa19ba9d281ef459c68e2995a4aa2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3863
Cache-Control: max-age=96444
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:26 GMT
Etag: "63c1261b-1d7"
Expires: Sun, 15 Jan 2023 10:40:50 GMT
Last-Modified: Fri, 13 Jan 2023 09:36:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP 142.250.74.131:0
Hash 5477a483336174352bce34d808ae85cf
bd9254516515ba522e37fd958779758c307abe5a
c7802cf191763eb8f865a1a8977eca2a9ee781e84a662bf491d856b65da06913
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=76576888415&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=76576888415&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.7&cb=76576888415&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3928
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://tinyurl.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash fe51b80af31242e891e1e1817c284453
d1eb56754d4b316c3845d86c055ecc5ba0235118
0cb960eb52ab5cbe304882b84b6dc8e900f5955bfa792171ae3109957d5ef5ed
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:53:26 GMT
Last-Modified: Sat, 14 Jan 2023 06:09:19 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p2JZwPGJDCjQbye8D0muSucXR0s2eD9ezxGgiZ0GvVj-GTd2kFaS4Q==
Age: 6247
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4380
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
date: Sat, 14 Jan 2023 07:53:25 GMT
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tmax=1200&us_privacy=1---
3.71.223.43200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tmax=1200&us_privacy=1---
IP 3.71.223.43:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tmax=1200&us_privacy=1--- HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1462
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 753a91716059d7669c13f33d25a1b3db
12ab6778db156ef1cb12a977179892f2f5aefb6c
14e924ca2f746a4de95f5353265e2bc1ac3469b9c0123e8ea33ca89ef13e63f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168657
Date: Sat, 14 Jan 2023 07:53:26 GMT
Etag: "63c236fc-1d7"
Expires: Mon, 16 Jan 2023 06:44:23 GMT
Last-Modified: Sat, 14 Jan 2023 05:00:44 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vqh1God5w-UXwYGP8-kLYl7HhFrq_6R9kGxv_jHA61sMMx5FdUUpXQ==
Age: 6219
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 753a91716059d7669c13f33d25a1b3db
12ab6778db156ef1cb12a977179892f2f5aefb6c
14e924ca2f746a4de95f5353265e2bc1ac3469b9c0123e8ea33ca89ef13e63f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:53:26 GMT
Last-Modified: Sat, 14 Jan 2023 06:08:55 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OjTGlrhrK8VHfPNGRsTbYvrNAVws1p5u06xtr6YpPDntemZoHo68Sg==
Age: 6271
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 753a91716059d7669c13f33d25a1b3db
12ab6778db156ef1cb12a977179892f2f5aefb6c
14e924ca2f746a4de95f5353265e2bc1ac3469b9c0123e8ea33ca89ef13e63f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168702
Date: Sat, 14 Jan 2023 07:53:26 GMT
Etag: "63c236fc-1d7"
Expires: Mon, 16 Jan 2023 06:45:08 GMT
Last-Modified: Sat, 14 Jan 2023 05:00:44 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6Gb4CoHsW-Rw4RjvQdT8-fyjIC00wbdxWLZD77OBi3oVcxXa2IK5jw==
Age: 6264
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 753a91716059d7669c13f33d25a1b3db
12ab6778db156ef1cb12a977179892f2f5aefb6c
14e924ca2f746a4de95f5353265e2bc1ac3469b9c0123e8ea33ca89ef13e63f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:53:26 GMT
Last-Modified: Sat, 14 Jan 2023 06:08:45 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -75EamRSyglsPFGSLEMlyEpMHI9SAHbuchCR3veSm0QUxkeL-ZNsLA==
Age: 6281
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 753a91716059d7669c13f33d25a1b3db
12ab6778db156ef1cb12a977179892f2f5aefb6c
14e924ca2f746a4de95f5353265e2bc1ac3469b9c0123e8ea33ca89ef13e63f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168622
Date: Sat, 14 Jan 2023 07:53:26 GMT
Etag: "63c236fc-1d7"
Expires: Mon, 16 Jan 2023 06:43:48 GMT
Last-Modified: Sat, 14 Jan 2023 05:00:44 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wO-uNQzOSwATBPf_yOL368Qmr0CDfcXcYsTXghDPqk07eKSHzBgQXQ==
Age: 6184
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32b4235c94b77c53ed6886da3a1623cb
fdc2413e113b7affff29cd0cd128d9e2bd00976d
263c37c723e9068fdf6654dd91390d18b80233cfade1d3c63a526dc6024dcefc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:26 GMT
Last-Modified: Sat, 14 Jan 2023 06:36:22 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 659eec6053625c6661493da85c2855cb
f7cef848f0e9d820e4f4fea96e7099d7e697ab9b
89409a1676f8889bf1f9ce9aa931f114c7454ed5dcc58f89a64915df89bf8e6b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4741
Cache-Control: max-age=111722
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:26 GMT
Etag: "63c15e5b-139"
Expires: Sun, 15 Jan 2023 14:55:28 GMT
Last-Modified: Fri, 13 Jan 2023 13:36:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.70.105.175204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.70.105.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1212
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:26 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=UiOhil80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhLeG50ZVNhU0Y5RXVaJTJGMSUyRjBqSUlqZzJ0MzU4V2ZjQ2VUZlJaRFNMbjg3; expires=Thu, 08 Feb 2024 07:53:26 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 242626
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 518580afe0a8c5e986d76da646b2dc96
b11074ab729726e6eca62fe0babef297ed949cad
a08d65a53012c113a271f8519c0d504428fab911efff29acc73fa115aa261da7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 14 Jan 2023 07:53:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 13 Jan 2023 20:22:08 GMT
Expires: Sat, 14 Jan 2023 20:22:08 GMT
ETag: "b11074ab729726e6eca62fe0babef297ed949cad"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.70.105.175204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.70.105.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1229
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:26 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.70.105.175204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.70.105.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1230
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:26 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.70.105.175204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.70.105.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1229
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:26 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.70.105.175204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.70.105.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1211
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:26 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.70.105.175204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.70.105.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1228
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:26 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 257 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 303c3e32079d2a5c8cc6aad4387db81b
3583f779849df0c312171f42d9bcfd06613bd9f6
373c306e6dc7d3ad8dafbc143b822d85223b17d28834465806ed92b02b5fa857
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1275
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:53:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 257
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tinyurl.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 97fe57af-4a9f-4a68-9a3c-9adbd1400ed5
Set-Cookie: icu=ChgIodc0EAoYASABKAEw9r6JngY4AUABSAEQ9r6JngYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:53:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3209438700417487535; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:53:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.70.105.175204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.70.105.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1211
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:26 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
colossusssp.com/?c=o&m=multi
80.77.87.217200 OK 2 B URL HTTP/1.1 colossusssp.com/?c=o&m=multi
IP 80.77.87.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /?c=o&m=multi HTTP/1.1
Host: colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2668
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jan 2023 07:53:26 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://tinyurl.com
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e0504df44312ac2e4362e0d13517da52
12c7681b0fb82f0e1556750ad314d0454e524197
88611ff21e1a897eff69af874fdf97593bfba8c8a9957ba738654e1b950fb778
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:53:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 01:56:50 GMT
Expires: Sat, 21 Jan 2023 01:56:49 GMT
Etag: "12c7681b0fb82f0e1556750ad314d0454e524197"
Cache-Control: max-age=582802,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7894cc43de48b4ff-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ebf180030d494bf6261445b10ace7bd
97af69477682de917c9bb25ead9f01ec3f4b6fb5
5bb8fd04c2753d500cff77572e2baef1b4830d192e23a7b88e422c96ee8d8dff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5327
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:26 GMT
Last-Modified: Sat, 14 Jan 2023 06:24:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
grid.bidswitch.net/hbjson
35.156.77.249200 OK 49 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 35.156.77.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fe18187a58744ce48bc19ec630c6cd8e
1fd5e267360470c7ed208eaa53b7388894150f6d
75a63cb995aee2c85583f0f34c72cf3e8aafec06d262bb7579f1402426d0ce40
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3604
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/json
content-length: 49
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
p.ad.gt/api/v1/p/474
172.67.23.234200 OK 12 kB IP 172.67.23.234:0
File type ASCII text, with very long lines (40929), with no line terminators
Hash 4d6b87efa4f58049778c241d7c850dfe
67318418fb5b8f4910ffd19e2353da17488bbdb6
34dfa9be370415af01870ff15f3ca0ef891850e3235a4be4bcc7bc788ad7d132
GET /api/v1/p/474 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 12:14:30 GMT
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:50:49 GMT
etag: W/"1673612070.0-40929-2713193071"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 156
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc463f74b50f-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3d68c58452d41745e480b6f9f70c2510
eb5a065e302fc902af513b73fb565e2311f8b064
2c6d845ab07fbe9c5756a5fd2ccf4a808ed1d3ff604d30333aed09359ef2aaf0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:53:27 GMT
Last-Modified: Sat, 14 Jan 2023 07:00:03 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eF5DhCN-VvsZsXSPBg5C9wMwL9OZ0rPRYS1ljNDsvp3PaiyQ31BXPQ==
Age: 3204
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3d68c58452d41745e480b6f9f70c2510
eb5a065e302fc902af513b73fb565e2311f8b064
2c6d845ab07fbe9c5756a5fd2ccf4a808ed1d3ff604d30333aed09359ef2aaf0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126194
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c19dbe-1d7"
Expires: Sun, 15 Jan 2023 18:56:41 GMT
Last-Modified: Fri, 13 Jan 2023 18:06:54 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6K3h049KRtD4a0PXEH0p5ZELVdzVjiNaq_O27Tb6Rg-UMlJg_GunIA==
Age: 2987
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3d68c58452d41745e480b6f9f70c2510
eb5a065e302fc902af513b73fb565e2311f8b064
2c6d845ab07fbe9c5756a5fd2ccf4a808ed1d3ff604d30333aed09359ef2aaf0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:53:27 GMT
Last-Modified: Sat, 14 Jan 2023 06:59:44 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: esXXljTsmpP2o72MpAaYg37ppScBx4DVJMVdDTzWbSp5whcTWH6udQ==
Age: 3223
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9e401e6d58864863237a7430b20e3dfe
b302d934ffc4609b6445d7a5cf21d87ef1cd68d9
003b776b32166e9fe09d14b70018a4e2f296af83f0216fabab1e22582363be7d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2182
Cache-Control: max-age=109547
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c15fdc-139"
Expires: Sun, 15 Jan 2023 14:19:14 GMT
Last-Modified: Fri, 13 Jan 2023 13:42:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
psp.pushnami.com/api/psp
52.54.160.235200 OK 540 B IP 52.54.160.235:0
Hash bf9bd932fb244c5e676ddbd7bc84f702
4e110fea0ec0098cc9616859111c8bb7e82cf947
e36c41587aeca2a2ef645198f06c54fbeadda01551cd275be768ea60441e2cdf
OPTIONS /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
51.89.9.253302 Found 0 B URL HTTP/2 onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
IP 51.89.9.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-store
location: https://s2s.t13.io/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=1---&f=b&uid=
content-length: 0
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
a.ad.gt/api/v1/u/matches/474?_it=prebid
104.22.5.69200 OK 4.2 kB URL HTTP/2 a.ad.gt/api/v1/u/matches/474?_it=prebid
IP 104.22.5.69:0
Hash 89347018f3832259b40aabbaf81873f8
537c494eb31d5c8a05660ec05c7344ad44dbd155
3312ae54489d09c7f3f69fd7f2c0e89049631124c0b811def31c816ad82b85c0
GET /api/v1/u/matches/474?_it=prebid HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 297
last-modified: Sat, 14 Jan 2023 07:48:29 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc4578b90b65-OSL
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
44.240.136.93200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 44.240.136.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/ip_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.20.0
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
52.54.160.235200 OK 1.8 kB IP 52.54.160.235:0
Hash 656bb80a829c0521c511ee6258525a3c
982852aff8b51c792d2548eba2502abfc8eb19f1
b6957e34af8f1a608fb07cdfe5eb23715825090a85c7a90688e92fff43a89913
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pixels.ad.gt/api/v1/getpixels?tagger_id=84ff5a7409c275fc9f77509de6ad4e0f&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&code=%27none%27
35.155.137.18204 No Content 0 B URL HTTP/2 pixels.ad.gt/api/v1/getpixels?tagger_id=84ff5a7409c275fc9f77509de6ad4e0f&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&code=%27none%27
IP 35.155.137.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/getpixels?tagger_id=84ff5a7409c275fc9f77509de6ad4e0f&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&code=%27none%27 HTTP/1.1
Host: pixels.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:53:27 GMT
server: nginx/1.20.0
X-Firefox-Spdy: h2
cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
18.156.32.70204 No Content 0 B URL HTTP/2 cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
IP 18.156.32.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP/1.1
Host: cs.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sat, 14 Jan 2023 07:53:26 GMT
content-length: 0
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
104.22.5.69200 OK 137 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP 104.22.5.69:0
Hash 92eeb5ae994a5e49214c0c03659d5b21
bd50b8ec483d783908222ef0166b63a1766049a9
96c4243a9311351294809e273f70ceaebf152c10c06bb10eb0d17c79a1461dc4
GET /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7894cc43aed0b521-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6c8736f0ec051760c64f065450f8b2ba
a6ab0614d8535705ad4408459c4be41de8459068
a694595e79c68d651fe61890d8773c4cc3d2b8089c4d8a80d53b1e4747b97e50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3612
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Last-Modified: Sat, 14 Jan 2023 06:53:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92175cdd015808f0776871063caa711e
a4487a19c34f6f019deac5a36e2fe69b96bbad40
e6496923aa91ae3e292a476b07e36d68a4125c67815877497fc680692be53b52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4028
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Last-Modified: Sat, 14 Jan 2023 06:46:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
143.204.46.73200 OK 715 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
IP 143.204.46.73:0
File type JSON data\012- , ASCII text, with very long lines (715), with no line terminators
Hash 71ff2249d73ae3bdd364ac707917b8af
403fc7f58e7f37982c229dad752925209b870fba
37242aa83971c2832d43401e931308e46b5c6946ffbface43876d30110b2e191
GET /cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 715
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sat, 14 Jan 2023 04:12:23 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W8Jlbt0UCM45qyggCJYVmdeaekL6kdBZ35_oIQsRpSSVMJ8zVmj_Tw==
age: 13264
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
216.58.207.194302 Found 381 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ac25d28bc1493609e24064becb74a742
b19eb9c3b87bfc8bb15c5e71d10bb917cd24b2ba
00f91217ebd213784cb63ffa8b99f854d35d7acbf261a168f61b0e1b9802f228
GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_tc=
date: Sat, 14 Jan 2023 07:53:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 08:08:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
37.157.2.238200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
IP 37.157.2.238:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c7f8a21f5392f56f4f5da835b8d6f135
451cf1e630c1618c4e9ba70f40e9359db62239bc
f8f49ea42de002fe8a1f5dd8591e3eaf692c62358fad8b64ecbb36e0fa64cc50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6067
Cache-Control: max-age=129269
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c19db9-1d7"
Expires: Sun, 15 Jan 2023 19:47:56 GMT
Last-Modified: Fri, 13 Jan 2023 18:06:49 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_tc=
216.58.207.194302 Found 288 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_tc=
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 69647206c777031501c828b004e03f04
ee586de9660a573910c5704821979e7c9d1d45a8
e0a39666dc01484c0b2feae4665654bbb2205d4975ef68057b3f4fa49b309272
GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_error=3
date: Sat, 14 Jan 2023 07:53:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 14 Jan 2023 06:41:07 GMT
expires: Sat, 14 Jan 2023 08:41:07 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 4340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 990923111e9bdf458f09f9c8df7e4158
8ee4ce1cd7d6da1ce3a798483824eb47aacd82f4
8e01d8cb21cf9ecd2b4e07089004d7fb019473c199eb8f51b928ad8be7d6cd55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 272
Cache-Control: max-age=124586
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c1a211-13a"
Expires: Sun, 15 Jan 2023 18:29:53 GMT
Last-Modified: Fri, 13 Jan 2023 18:25:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MzY4Mjc5MC1DNVE5RU42Uy1DNUpQ
216.58.207.194302 Found 345 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MzY4Mjc5MC1DNVE5RU42Uy1DNUpQ
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 842f03ca80340977ea71d7d467c25f92
ba9cfbd64d04852ddcd4be3811d9264cafea9668
1d751513d03feb731e8750908874f3d0e7d9b2d89f017837a2d754e8587856ef
GET /pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MzY4Mjc5MC1DNVE5RU42Uy1DNUpQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MzY4Mjc5MC1DNVE5RU42Uy1DNUpQ&google_tc=
date: Sat, 14 Jan 2023 07:53:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 345
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 08:08:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:53:27 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1673682807710;Expires=Wed, 15 Mar 2023 07:53:27 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=a25aaeb1-58a4-47a8-8454-399f739d538c;Expires=Wed, 15 Mar 2023 07:53:27 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&adnxs_id=$UID&gdpr=0
37.252.171.53307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&adnxs_id=$UID&gdpr=0
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&adnxs_id=$UID&gdpr=0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:53:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: 1ad19302-4c85-47e4-bbbe-f0b3ab4d7c6a
Set-Cookie: uuid2=468864487871188451; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:53:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 977e8b760a0cf7463b0d752df7fcbc06
53ca59d879b9a11a30cab28b11f9ddaf5c707d41
572a2d857a3b010f2a2e3f3e100467f5851453419651ee1f81977824a71c3b73
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5599
Cache-Control: max-age=117280
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c170b8-1d7"
Expires: Sun, 15 Jan 2023 16:28:07 GMT
Last-Modified: Fri, 13 Jan 2023 14:54:48 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/plugins/ua/ec.js
142.250.74.110200 OK 1.1 kB URL HTTP/2 www.google-analytics.com/plugins/ua/ec.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (523)
Hash 17427cd827c6f9e01d5ee868be659be5
6ff2e43c1a10e3c924870b48ae3cc36280b97f53
59157001be3cd5b0e3eae8afa425d1c694591c403fb9692bc3ad6d3235b423e7
GET /plugins/ua/ec.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:44:34 GMT
expires: Sat, 14 Jan 2023 08:44:34 GMT
cache-control: public, max-age=3600
age: 533
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/plugins/ua/ecommerce.js
142.250.74.110200 OK 738 B URL HTTP/2 www.google-analytics.com/plugins/ua/ecommerce.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (745)
Hash f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d
GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:50:44 GMT
expires: Sat, 14 Jan 2023 08:50:44 GMT
cache-control: public, max-age=3600
age: 163
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.61.233.63200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.61.233.63:0
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Sat, 14 Jan 2023 08:08:27 GMT
date: Sat, 14 Jan 2023 07:53:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92175cdd015808f0776871063caa711e
a4487a19c34f6f019deac5a36e2fe69b96bbad40
e6496923aa91ae3e292a476b07e36d68a4125c67815877497fc680692be53b52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3965
Cache-Control: max-age=163146
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c22a44-1d7"
Expires: Mon, 16 Jan 2023 05:12:33 GMT
Last-Modified: Sat, 14 Jan 2023 04:06:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&pid=tjcO81vM1zZM7&cb=0&ws=1280x939&v=23.105.2110&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
143.204.52.189200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&pid=tjcO81vM1zZM7&cb=0&ws=1280x939&v=23.105.2110&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
GET /e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&pid=tjcO81vM1zZM7&cb=0&ws=1280x939&v=23.105.2110&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Sat, 14 Jan 2023 07:53:27 GMT
x-amz-rid: X9BH8XQ2SMS79DDCH2WJ
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _uy6-N1LTuOe9KQ-0bOZ3He_y_-4goqVdGumkZPsOWTIRi8qObDs2A==
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP
185.64.190.80302 Found 286 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 185.64.190.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 72fdf9fbb0545be5aa743be595bae612
577d12050e40a8af847c1998efbca50729aa6953
6811cc1ce7900864c08def4d5c23cd10a00976c47bf02dfffc3ff1097e8b8992
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 14 Jan 2023 07:53:27 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Fri, 14-Apr-2023 07:53:27 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf7bc60edb6dc9ebd04acb78e3ef351d
3fe537e1d1540baaed5bbb41985c6ea80cad2397
0e78fa29c13ed19de3ba10efea4f4fcde814095c7cfa0fcc1ad4523e4ea59ad6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3962
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Last-Modified: Sat, 14 Jan 2023 06:47:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26adnxs_id%3D%24UID%26gdpr%3D0
37.252.171.53302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26adnxs_id%3D%24UID%26gdpr%3D0
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:53:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: 1847b425-e28e-45be-a27b-39baf37cf615
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6ba4200d41c2576ad67e1e7e26232791
2b2390f865d3c724d38e23ec5f501f0ebff4e282
288c1b8907bb58870a88e3835c9e4d534ab97b3d1dcc615571f1c1ef17cfd7fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102291
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c13f8e-1d7"
Expires: Sun, 15 Jan 2023 12:18:18 GMT
Last-Modified: Fri, 13 Jan 2023 11:25:02 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hms96xvredMtCyfzBLZDrLFKZEWwJQOSlEfWYojyvHDmWNsX8dlmyA==
Age: 3196
secure.quantserve.com/quant.js
91.228.74.208200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.208:0
File type ASCII text, with very long lines (25892)
Hash 8545b0e77a9b4752182f79024cb4596e
9dffa9c505bc6a0d59521bd46fde481c2b8a95ac
310eba2723063e0ff75128486f494869a190d6844d73c07a3674425659ca3895
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
expires: Sat, 21 Jan 2023 07:53:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26auid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP
35.244.159.8200 OK 56 B URL HTTP/2 u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26auid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 35.244.159.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
GET /w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP%26auid%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 977e8b760a0cf7463b0d752df7fcbc06
53ca59d879b9a11a30cab28b11f9ddaf5c707d41
572a2d857a3b010f2a2e3f3e100467f5851453419651ee1f81977824a71c3b73
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6547
Cache-Control: max-age=118228
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:27 GMT
Etag: "63c170b8-1d7"
Expires: Sun, 15 Jan 2023 16:43:55 GMT
Last-Modified: Fri, 13 Jan 2023 14:54:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
52.211.150.89303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 52.211.150.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/audigent?buyer_user_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 14 Jan 2023 07:53:27 GMT
location: https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 14 Jan 2023 08:03:27 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&_bee_ppp=1
52.211.150.89303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&_bee_ppp=1
IP 52.211.150.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/audigent?buyer_user_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 14 Jan 2023 07:53:27 GMT
location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ids.ad.gt/api/v1/match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&adnxs_id=0&gdpr=0
44.240.136.93202 Accepted 197 B URL HTTP/2 ids.ad.gt/api/v1/match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&adnxs_id=0&gdpr=0
IP 44.240.136.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 0200fb56f4847e73175a29284255e529
61ae48ba338d48bf246d35141d1a636e22ba42dc
e0f00a616f4e9479d121e4ee900b16be2524750a96c00916857aa05c027851f6
GET /api/v1/match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&adnxs_id=0&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:53:27 GMT
set-cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; Expires=Mon, 13 Jan 2025 07:53:27 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
54.230.111.16200 OK 1.2 kB URL HTTP/2 rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
IP 54.230.111.16:0
Hash bbb563087cbf7a3ac427f449dd7ff478
a6df41b0a2c05eab8fad2ca86f674f0f0355e281
6dc587a120b3ea08930d62b72bca25bc32199a3db202c2e8e6149e873b80cfd7
GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sat, 14 Jan 2023 07:12:39 GMT
cache-control: max-age=3600
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a7qy6oxrGaJzj88mtBLCXemAjkPvPAgeLQl2EaCD4zveHSUylPqjwA==
age: 2451
X-Firefox-Spdy: h2
ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X
67.202.105.21204 No Content 98 B URL HTTP/2 ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X
IP 67.202.105.21:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 35dd0d6e0e0bdfefa1788b7d780a861b
12d298bfac14961e2f158f34078dcb472befa48e
05d0c996bffcb553aeb307ab6065accca0f85c710b749c5865c7d012e7f50043
GET /ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP018
date: Sat, 14 Jan 2023 07:53:28 GMT
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP
185.64.190.80200 OK 5.6 kB URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 185.64.190.80:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash d468b0cb37d87e6eb9e135159d63f548
41255baad01f4e94bd9611f7af09c91709a999b9
019d2575972aef9e842d1ded3755dedc61802e2fb69b9a7b11448a78262a626e
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?us_privacy=1---
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?us_privacy=1---
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?us_privacy=1--- HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Jan 2023 07:53:29 GMT
Connection: keep-alive
Vary: Accept-Encoding
eb2.3lift.com/sync?us_privacy=1---&
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/sync?us_privacy=1---&
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync?us_privacy=1---& HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:29 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.193.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.193.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 08 Jan 2023 06:27:18 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 14 Jan 2023 07:53:29 GMT
Age: 5159
X-Served-By: cache-lga13626-LGA, cache-bma1669-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 17328
X-Timer: S1673682810.825374,VS0,VE0
Vary: Accept-Encoding
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 77cc4aa9f5c4d193cc55998f62501cc0
dba8adbfc79912ed4310bd7ea613313c939d9558
64a6035e0db07c275c992b47ef2407b201954124d5fd374f20ddc15de1947f2b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167612
Date: Sat, 14 Jan 2023 07:53:29 GMT
Etag: "63c247d8-1d7"
Expires: Mon, 16 Jan 2023 06:27:01 GMT
Last-Modified: Sat, 14 Jan 2023 06:12:40 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zpw328IZxMW3_1YCLxD8u-gNq-lbQkmXxpOPIK4k2faVvjUPCxOO7A==
Age: 861
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18573)
Hash 9bc56ffd4c997abe5269e7f5eb26bcb7
00881c14ffe6e5fb8a49811e5ecd73703c2266ed
c1e2f90a09af558c0094eb5939aed812d3e1a5dceb85615b670cdda722c4d26f
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 13 Jan 2023 18:57:20 GMT
Content-Encoding: gzip
Content-Length: 10036
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=39812
Expires: Sat, 14 Jan 2023 18:57:01 GMT
Date: Sat, 14 Jan 2023 07:53:29 GMT
Connection: keep-alive
Vary: Accept-Encoding
x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
18.196.254.35302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
IP 18.196.254.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:53:29 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=7428aa58-f54c-4d83-a807-e6f60a5f4aa0; path=/; expires=Sun, 14-Jan-2024 07:53:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673682809; path=/; expires=Sun, 14-Jan-2024 07:53:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1673682809; path=/; expires=Sun, 14-Jan-2024 07:53:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673682809; path=/; expires=Sun, 14-Jan-2024 07:53:29 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
63.32.186.190302 Found 0 B URL HTTP/2 ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
IP 63.32.186.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:53:29 GMT
content-type: application/json;charset=utf-8
content-length: 0
location: https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g38d379e1ad0fb43e20a&gdpr=&gdpr_consent=&us_privacy=1---
set-cookie: yieldmo_id=g38d379e1ad0fb43e20a%7C1673682809885%7C0%7C; Domain=.yieldmo.com; Expires=Sun, 14-Jan-2024 07:53:29 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 77cc4aa9f5c4d193cc55998f62501cc0
dba8adbfc79912ed4310bd7ea613313c939d9558
64a6035e0db07c275c992b47ef2407b201954124d5fd374f20ddc15de1947f2b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167415
Date: Sat, 14 Jan 2023 07:53:29 GMT
Etag: "63c247d8-1d7"
Expires: Mon, 16 Jan 2023 06:23:44 GMT
Last-Modified: Sat, 14 Jan 2023 06:12:40 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RhJoqIjPTiZdMdhnJYjmGxPehv4c4femxoesgN5WZCD4ewrqu6J1BA==
Age: 664
ids.ad.gt/api/v1/g_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_error=3
44.240.136.93200 OK 103 B URL HTTP/2 ids.ad.gt/api/v1/g_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_error=3
IP 44.240.136.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 207a046486151f10471a104a5c50b70d
9c8d44b4a71a849c0572f3b3da77f596b7a3bd1e
94e20ea9f4d267147e0f6cc91845146f412dba4f3b5ba0c513f49b03b5e2a9c7
GET /api/v1/g_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:53:27 GMT
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
18.196.254.35200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
IP 18.196.254.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:29 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83a865b131c2f9f6996af16f828ef8ac
41a73185b6dc4757de33c9b93123868a139f2f41
66d5bfeea970954f3775c1db78e4890af8efaafbc447919344817508cbeca71b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4837
Cache-Control: max-age=113306
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:30 GMT
Etag: "63c1642f-117"
Expires: Sun, 15 Jan 2023 15:21:56 GMT
Last-Modified: Fri, 13 Jan 2023 14:01:19 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ssum.casalemedia.com/usermatchredir?s=189517&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
104.18.33.19302 Found 98 B URL HTTP/2 ssum.casalemedia.com/usermatchredir?s=189517&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
IP 104.18.33.19:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 35dd0d6e0e0bdfefa1788b7d780a861b
12d298bfac14961e2f158f34078dcb472befa48e
05d0c996bffcb553aeb307ab6065accca0f85c710b749c5865c7d012e7f50043
GET /usermatchredir?s=189517&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D HTTP/1.1
Host: ssum.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:53:30 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=189517&us_privacy=1---&C=1
cf-ray: 7894cc5abdddb4ff-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8Jfetb3.V0NuVrtsRaMTAAA; Path=/; Domain=casalemedia.com; Expires=Sun, 14 Jan 2024 07:53:30 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=700; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Apr 2023 07:53:30 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=700; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Apr 2023 07:53:30 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IFSHtbOOUgTIImjCdcXpIt6efJZVJAc4HZ8RyWv1L%2B11C4YilhueZC2CYIICJBHDg1ArxGTBDPebc1znq43%2BtwMsaMPHXcRQol6EMVjVvMhlfAhGxxhH8i9iqkhNny%2BoYX40UIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83a865b131c2f9f6996af16f828ef8ac
41a73185b6dc4757de33c9b93123868a139f2f41
66d5bfeea970954f3775c1db78e4890af8efaafbc447919344817508cbeca71b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4672
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:30 GMT
Last-Modified: Sat, 14 Jan 2023 06:35:38 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=8441CF19-B9C8-4D90-B892-49B72B7A2F21&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
198.47.127.20200 OK 1.3 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=8441CF19-B9C8-4D90-B892-49B72B7A2F21&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
IP 198.47.127.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Hash 874d143a1fef809b888d65da9b6fe8b6
0f39c3105131d0fd8e89bcf5f6a5d826307e7395
d377e3213e73fb8e717ebb98d932df2153e9eff78e8abe9acb1c96f91de1e7a9
GET /AdServer/SPug?o=1&p=156696&sc=1&u=8441CF19-B9C8-4D90-B892-49B72B7A2F21&rs=3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:53:29 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=189517&us_privacy=1---&C=1
104.18.33.19302 Found 0 B URL HTTP/2 ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=189517&us_privacy=1---&C=1
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=189517&us_privacy=1---&C=1 HTTP/1.1
Host: ssum.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:53:30 GMT
content-length: 0
location: https://s2s.t13.io/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0
cf-ray: 7894cc5b1e49b4ff-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNNdvxU023i4hIYkPIJpsnqY6EO3un6peMozA675TR58Qjzb1CiKrRcV04qj7WgIGFr7qZao%2FnR07AYFEcywO6uLJXNU9bvumyQKh3CkBp447Ypbsb%2FMQAuu1zaXeMrOudQ7tlkf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e9d3f0434e0645064badf42d044043ea
14dc7a161d209f6796ce4b2a4e83260cc309b5aa
6e69d762e4cb712634ad9669e65b9ea845eeb9392df0d85f3e00f8562aa7ea6c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:53:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 18 Jan 2023 05:10:35 GMT
ETag: "14dc7a161d209f6796ce4b2a4e83260cc309b5aa"
Last-Modified: Sat, 14 Jan 2023 05:10:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1262
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7894cc5b7c5db509-OSL
pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=yieldmo HTTP/1.1
Host: pixel-eu.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 569 B IP 93.184.220.29:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 120428bd0d0d0a7629e92c75c94607cf
39aa2c011c9c849f4853eaa354a0afa3434167f7
cf450907b1de48fecc613b5548ddf677cf0585613e47aea53f4d1c2cbdc811b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4792
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:53:30 GMT
Last-Modified: Sat, 14 Jan 2023 06:33:38 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
89.207.16.140204 No Content 0 B URL HTTP/2 yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
IP 89.207.16.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/bounce/current?networkId=42851&version=1 HTTP/1.1
Host: yieldmo-match.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 14 Jan 2023 07:53:30 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
64.202.112.31302 Found 76 B URL HTTP/1.1 b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
IP 64.202.112.31:0
File type HTML document, ASCII text
Hash e80e910ca2fd15f952aeaf7cfc8f5044
b2f21b388408b5877247430b7a8a1954bdf48bfd
96f5e718924d2a760110aa7444eadf7b0c5eaf105d0cd486adabd8f6e6f09de9
GET /usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 76
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Pragma: no-cache
Date: Sat, 14 Jan 2023 07:53:30 GMT
ads.yieldmo.com/v000/sync?pn_id=z&userid=
63.32.186.190200 OK 43 B URL HTTP/2 ads.yieldmo.com/v000/sync?pn_id=z&userid=
IP 63.32.186.190:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /v000/sync?pn_id=z&userid= HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:30 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
IP 143.204.55.76:0
GET /tcfv2/cmp2.js?referer=tinyurl.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
cache-control: max-age=3600
date: Sat, 14 Jan 2023 07:42:27 GMT
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FvhQrXmBEKdDxfEjGP5XLxCKKKaoazS7Bj4yhKtW8uvKBgmGLA4t5A==
age: 658
X-Firefox-Spdy: h2
a.pub.network/core/prebid-analytics-7.19.8.js
104.18.21.206200 OK 0 B URL HTTP/2 a.pub.network/core/prebid-analytics-7.19.8.js
IP 104.18.21.206:0
GET /core/prebid-analytics-7.19.8.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=3c77c429-1ede-4407-8965-ba7ce5043e4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
content-type: text/html
x-guploader-uploadid: ADPycdtM2KBgnZrpc6xDQeGM9apVNOgMqw--SZJypyQNyMw6WWLSKCyhWCBLI9GHNEJ3UuzlzY-PMsucpc1D_6T6oUqkJ4EgCcJC
cache-control: public, max-age=31483559
expires: Sat, 13 Jan 2024 17:19:23 GMT
last-modified: Fri, 02 Dec 2022 16:03:29 GMT
etag: W/"51ace935aa2aa7ac94ab810fd2e22d1d"
x-goog-generation: 1669997008969213
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 560022
content-language: en
x-goog-hash: crc32c=6w1rdg==, md5=UazpNaoqp6yUq4EP0uItHQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 52436
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc397a73fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
104.18.16.107200 OK 0 B URL HTTP/2 cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
IP 104.18.16.107:0
GET /gptprebidnative/202212211045/wrap.js HTTP/1.1
Host: cdn.confiant-integrations.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: WZ3d5nz6Q78/yNm0wY3JWuRPSlIEK6G6n01doQRCRXQepnSVM6il3PFJ+DEQYqj5Nlr+nFOqmq0=
x-amz-request-id: JQCRHGREJ92MCEV5
last-modified: Wed, 21 Dec 2022 15:47:15 GMT
etag: W/"fa407ba001f2ac06196124f41d523471"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 139735
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc3a1858b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.130.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.130.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Sun, 15 Jan 2023 07:53:27 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&tapad_id=2fdb5105-d0cb-4c16-a68f-68997092b0f6
44.240.136.93200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&tapad_id=2fdb5105-d0cb-4c16-a68f-68997092b0f6
IP 44.240.136.93:0
GET /api/v1/tapad_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&tapad_id=2fdb5105-d0cb-4c16-a68f-68997092b0f6 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:53:27 GMT
set-cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; Expires=Mon, 13 Jan 2025 07:53:27 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
a.pub.network/tinyurl-com/pubfig.min.js
104.18.21.206200 OK 0 B URL HTTP/2 a.pub.network/tinyurl-com/pubfig.min.js
IP 104.18.21.206:0
GET /tinyurl-com/pubfig.min.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:23 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdu9ojOiEhnm6A0G8KvzEkaLov9IoYCh_Z66q1Sz4qR2WBCEeK39lhSBp5V6Lvqbq2IvXoQxgoEKu77eJXfUpgEqMgXDr8i4
x-goog-generation: 1673385064585346
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170997
x-goog-hash: crc32c=qE3GUg==, md5=9A7BS8UtrTVUwmr6lDWmQQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sat, 14 Jan 2023 08:23:23 GMT
cache-control: public, max-age=1800
last-modified: Tue, 10 Jan 2023 21:11:04 GMT
etag: W/"f40ec14bc52dad3554c26afa9435a641"
cf-cache-status: HIT
age: 138703
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc34b8b7fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
104.22.5.69200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP 104.22.5.69:0
OPTIONS /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7894cc427dc0b521-OSL
X-Firefox-Spdy: h2
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
104.18.16.107200 OK 0 B URL HTTP/2 cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
IP 104.18.16.107:0
GET /qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js HTTP/1.1
Host: cdn.confiant-integrations.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
content-type: text/javascript
x-amz-id-2: 1TUVLd7S+MkMmwzID2OfoMdENwaLJZiLY7txuWP6vt8qloc1ndqhM6AV2sVL1gjHkC9kPO1kG6RZua/uubKWgg==
x-amz-request-id: YKNGA7MZM1VQNHP5
last-modified: Sat, 14 Jan 2023 07:37:40 GMT
etag: W/"a73e3cd12b67a411a67fe56e42d9ad52"
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-cache-status: HIT
age: 146
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc39d820b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?google_error=3
44.240.136.93200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/g_match?google_error=3
IP 44.240.136.93:0
GET /api/v1/g_match?google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:53:27 GMT
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
54.230.111.113200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
IP 54.230.111.113:0
GET /scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 07:46:02 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AJUZHOuc9NhujJx0oyYiIVNOLeS15KvmOUdGUGEmVKBEvwLBpoTg-g==
age: 441
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
44.240.136.93200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
IP 44.240.136.93:0
GET /api/v1/halo_match?id=AU1D-0100-001673682790-C5Q9EN6S-C5JP&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:53:27 GMT
set-cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; Expires=Mon, 13 Jan 2025 07:53:27 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Sat, 14 Jan 2023 05:33:02 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cT-cUVUshnFSfUduocYSzRqa4qbrm2cTVqndyEe6dMq75NBuShGunA==
age: 9416
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Sun, 15 Jan 2023 07:53:27 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
IP 143.204.55.76:0
GET /choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:22:31 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Sat, 14 Jan 2023 07:53:24 GMT
cache-control: max-age=3600
etag: W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wei6GX9eMbJVvUj0eYNKSeycX6SNafZA-jc60n_Xy4eJvD03A6Ol4Q==
age: 4
X-Firefox-Spdy: h2
ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
63.32.186.190200 OK 0 B URL HTTP/2 ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
IP 63.32.186.190:0
GET /pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:29 GMT
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
set-cookie: yieldmo_id=gf1e1caf0a651f97887c%7C1673682809956%7C0%7C; Domain=.yieldmo.com; Expires=Sun, 14-Jan-2024 07:53:29 GMT; Path=/; Secure; SameSite=None; Secure
rptr=rc%3D1163119%7Cc%3D1163119%7Ccriteo%3D1163119%7Ceps%3D1163119%7Cz%3D1163119; Domain=ads.yieldmo.com; Expires=Sun, 14-Jan-2024 07:53:29 GMT; Path=/; Secure; SameSite=None; Secure
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
d.pub.network/v2/init?siteId=3163&env=PROD
34.160.110.8200 OK 0 B URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP 34.160.110.8:0
GET /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6Ill4Y3YvcGhzcXdRQnREdFNHaVhvTUE9PSIsInZhbHVlIjoiZ0JHTmU0SlZ5ekhXdEZVcGhZbUVWdE1xZjN6dExrbmxXd25jZWN2WG95Z24xc1NoNkRYOXBTQmhmWXhxVy9RK2dkN1FqbEswdDViY2dKK2VBcitHQURzRFhuLzduYkNxdEhjV0J3Vm1mTDBUSmpKUWRGSnNpaWdrSnZkdTFIaEsiLCJtYWMiOiI0MTcwNzkzNWViZTZhN2UwN2ZlMDQwYTQ4NjFkM2I1ZmJiMWZhMDBkY2E0NzQwNmU2NWRjZTQ5NmU5MDkyZmJhIiwidGFnIjoiIn0=
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
set-cookie: _fsuid=3c77c429-1ede-4407-8965-ba7ce5043e4a; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
content-type: application/json
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&ref=&_it=freestar&partner_id=474
172.67.73.228200 OK 0 B URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&ref=&_it=freestar&partner_id=474
IP 172.67.73.228:0
GET /hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&ref=&_it=freestar&partner_id=474 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:24 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
x-amz-request-id: FNK044PCM9Y7VVCR
cache-control: max-age=3600
cf-cache-status: HIT
age: 6627
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lqUWHIGJUiG031OMO3S0IQ1J2NGeO9miZ8gud2dpaSfYsMWeZgezyXsI%2FXjFTuhombAK45IC8tY%2BBMHztoDtMxMS5ABvxu%2B1XjH4EUfqWhxETI9WA3ATx9ui5d3IF85Wp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc39dc86b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
54.230.111.53200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP 54.230.111.53:0
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 07:50:07 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SzoUbjCIWR1tKA-3A_r75G486hXVhNOlNRROoCdNW63fltIsR4vVQQ==
age: 198
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
172.67.38.106200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 172.67.38.106:0
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:27 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: XA0Xcb9PtCWzlolHa2vPg4nTx4VoCXMvA5uHcJO0xOfC14c6yuHkYE/5KbbzOyylMzBoIGEj/bg=
x-amz-request-id: ZZGCY2GTHYQWTE2M
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 2996
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7894cc4c7fb2fab8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 198.148.27.140:0
GET /bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-548d8dffc6-qjm8n
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=LGKeOYWSlV3m&ev=1&pid=562316&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=LGKeOYWSlV3m;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 09-Jan-2024 07:53:27 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=c4b440e76456b145; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
44.240.136.93202 Accepted 0 B URL HTTP/2 ids.ad.gt/api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 44.240.136.93:0
GET /api/v1/beeswax_match?beeswax_id=&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sat, 14 Jan 2023 07:53:28 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:53:28 GMT
set-cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; Expires=Mon, 13 Jan 2025 07:53:28 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
beeswax_id=; Expires=Mon, 13 Jan 2025 07:53:28 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/ppnt_match?uid=LGKeOYWSlV3m&ev=1&pid=562316&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
44.240.136.93200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/ppnt_match?uid=LGKeOYWSlV3m&ev=1&pid=562316&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP
IP 44.240.136.93:0
GET /api/v1/ppnt_match?uid=LGKeOYWSlV3m&ev=1&pid=562316&id=AU1D-0100-001673682790-C5Q9EN6S-C5JP HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:28 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:53:28 GMT
set-cookie: au_id=AU1D-0100-001673682790-C5Q9EN6S-C5JP; Expires=Mon, 13 Jan 2025 07:53:28 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
54.230.111.113200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP 54.230.111.113:0
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 07:50:07 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2z6Np-6y0ELFSeiLl4HtqeZL-v8Xgnnke5Kp0m_xJsSkTQCXUpP7ug==
age: 197
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.94200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.94:0
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 13 Jan 2023 12:11:34 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HpYB9K7dUPPuZsW59ctF40mRhO_C9RojsZNV3EQHunHI5pdb61yRBQ==
age: 70910
X-Firefox-Spdy: h2
id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
104.22.5.69200 OK 0 B URL HTTP/2 id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
IP 104.22.5.69:0
GET /api/v1/pbhid?partner_id=474&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
content-type: application/json
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7894cc3fdb4eb521-OSL
X-Firefox-Spdy: h2
id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
104.22.5.69200 OK 0 B URL HTTP/2 id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
IP 104.22.5.69:0
GET /api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: text/javascript; charset=UTF-8
origin-trial:
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7894cc410af3b4e8-OSL
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/cls.css
104.18.21.206200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/cls.css
IP 104.18.21.206:0
GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:23 GMT
content-type: text/css
x-guploader-uploadid: ADPycdstTA9_vZLcFQha2lti_lCP6NHPudd2LeJw_APH3Gzszv-AKGwFgmIcRMz127xKFH8yANOeDV67sL8DhGs8tc6jQc6hvxx1
x-goog-generation: 1666967770269941
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2096
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 14 Jan 2023 08:53:23 GMT
cache-control: public, max-age=3600
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
etag: W/"816783146b3907e634d0e822ca759864"
cf-cache-status: HIT
age: 1937
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc34b8b6fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=ebbff7cc-b4b7-450f-b172-13eb131570b9%5E1&ppuid=3c77c429-1ede-4407-8965-ba7ce5043e4a&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=1e5d9fed-980f-40e2-b185-d2ff1939388d%3Bf318c794-574c-44e4-b8d8-063330b576e3&l_pb_bid_id=513a2d9dd28a30b8%3B523dd30f53bf79b&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.1367611427740698
213.19.162.51200 OK 0 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=ebbff7cc-b4b7-450f-b172-13eb131570b9%5E1&ppuid=3c77c429-1ede-4407-8965-ba7ce5043e4a&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=1e5d9fed-980f-40e2-b185-d2ff1939388d%3Bf318c794-574c-44e4-b8d8-063330b576e3&l_pb_bid_id=513a2d9dd28a30b8%3B523dd30f53bf79b&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.1367611427740698
IP 213.19.162.51:0
GET /a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=ebbff7cc-b4b7-450f-b172-13eb131570b9%5E1&ppuid=3c77c429-1ede-4407-8965-ba7ce5043e4a&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4pv8nw2n%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=1e5d9fed-980f-40e2-b185-d2ff1939388d%3Bf318c794-574c-44e4-b8d8-063330b576e3&l_pb_bid_id=513a2d9dd28a30b8%3B523dd30f53bf79b&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.1367611427740698 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:53:26 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVNJ2II-F-JSQ; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:53:26 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/Eh49/3HLIDUge9DtVM30fCgLyeqvALYT7lAwuqyJhV2wMoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:53:26 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LCVNJ2II-F-JSQ; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:53:26 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/Eh49/3HLIDUge9DtVM30fCgLyeqvALYT7lAwuqyJhV2wMoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:53:26 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
104.18.21.206200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
IP 104.18.21.206:0
GET /core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=3c77c429-1ede-4407-8965-ba7ce5043e4a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:53:25 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtjKqO9R0XNMjHNHQCspILzR7rDrzSHFHxYkOepFV-zpYAGAZJoy_cOUC4IDICqUPlFAHGkqai34189A2I2O4bs-Q
x-goog-generation: 1671132214233304
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 236006
content-language: en
x-goog-hash: crc32c=K2FWmw==, md5=T6D+lyRyGNPHnVQ/pmPZAg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sat, 14 Jan 2023 08:53:25 GMT
cache-control: public, max-age=3600
last-modified: Thu, 15 Dec 2022 19:23:34 GMT
etag: W/"4fa0fe97247218d3c79d543fa663d902"
cf-cache-status: HIT
age: 138842
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894cc3fcd2bfac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2