r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5296
Expires: Fri, 25 Nov 2022 08:41:46 GMT
Date: Fri, 25 Nov 2022 07:13:30 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6344
Cache-Control: max-age=104605
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:30 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:16:55 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Fri, 25 Nov 2022 08:23:22 GMT
Date: Fri, 25 Nov 2022 07:13:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 06:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3366
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8ubx4Y5tsVzJ5BruFMUuavlRom3U2TmyG3fUFn9ee0Cz/4b3N39ALz0tJRHGBF81oSBQ9DNob60=
x-amz-request-id: XVVS75KV3DNRHFDW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 06:43:44 GMT
age: 1786
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 07:13:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 07:08:53 GMT
cache-control: public,max-age=3600
age: 278
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5983
Cache-Control: max-age=99181
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:31 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:46:32 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0PUX1YmvzVlV0IoSYeyGBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3GkcqrqV6KcfeXOD1ENgPyV6Hhs=
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 76530106075e8490414dcc48640a3ed4
3df2e8ec83217f875e23d4ffca80e02b48483dfa
975c8bfedf5ed821d7ea35e040ed9fd50509e954a5bcebd5f99df0574ee73b04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "975C8BFEDF5ED821D7EA35E040ED9FD50509E954A5BCEBD5F99DF0574EE73B04"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3384
Expires: Fri, 25 Nov 2022 08:09:56 GMT
Date: Fri, 25 Nov 2022 07:13:32 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 76530106075e8490414dcc48640a3ed4
3df2e8ec83217f875e23d4ffca80e02b48483dfa
975c8bfedf5ed821d7ea35e040ed9fd50509e954a5bcebd5f99df0574ee73b04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "975C8BFEDF5ED821D7EA35E040ED9FD50509E954A5BCEBD5F99DF0574EE73B04"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3384
Expires: Fri, 25 Nov 2022 08:09:56 GMT
Date: Fri, 25 Nov 2022 07:13:32 GMT
Connection: keep-alive
d.pub.network/v2/init?siteId=3163&env=PROD
200 OK 0 B URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-xsrf-token
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-length: 0
set-cookie: _fsuid=b14cc7f3-1d62-4745-b842-5d0eb483f165; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-methods: GET
access-control-allow-headers: x-xsrf-token
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f89510fbbfb51e-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1428
Cache-Control: max-age=166608
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:32 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 05:30:20 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/dc.js
200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Fri, 25 Nov 2022 06:02:39 GMT
expires: Fri, 25 Nov 2022 08:02:39 GMT
cache-control: public, max-age=7200
age: 4253
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.pushnami.com/api/push/track
204 No Content 0 B URL HTTP/2 trc.pushnami.com/api/push/track
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:32 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: b4Q+YhsDuOo2KRwD80GcPkOgL7ZNAo3MfuSPYZaSSqAH0vPUwXUbYP9DDprOeMd4PMz63WTw6M12hx/NJ6a5Jg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 07:13:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
200 OK 13 kB URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP
Hash f321c96eca78a88054e2b77ce5059ff9
382d44b8b4380ede2aee21271a3a212d8b029fd3
e483da3b1969b733521b42997650542653eeb59b0773e8103162b8cc3a579881
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 25 Nov 2022 07:03:55 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ybynUZB3e6a8yl14Ppiwnnheng6TeXXnp250soNQahmr7JHe_ah9SQ==
age: 577
X-Firefox-Spdy: h2
trc.pushnami.com/api/push/track
200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 76
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash eced8c38cddf82f0651d4d6972834e18
14f6de13e3301c1ee2af0fa7e6ca014de685ec0f
7526a80eadb4c180f857729eab9f88ef0586cde5317a1e3659720b9e27bbd58a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5959
Cache-Control: max-age=142356
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:32 GMT
Etag: "637fdce9-117"
Expires: Sat, 26 Nov 2022 22:46:08 GMT
Last-Modified: Thu, 24 Nov 2022 21:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 2088cf5dc99d1034e08f82bbaa4c88db
684494a58c577556d5f5ce959f5256a893bca18e
624dd6411f108432d15f87a33c01e68c8311324320c6415cb84fd3d629eeba37
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "624DD6411F108432D15F87A33C01E68C8311324320C6415CB84FD3D629EEBA37"
Last-Modified: Thu, 24 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3810
Expires: Fri, 25 Nov 2022 08:17:02 GMT
Date: Fri, 25 Nov 2022 07:13:32 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 8d1529df13181dbc99768b639f7ac182
30b0283b6b6faa1bcdf113a1dd2f5bf8bb02f0f7
766d0c1ccd153d8268aab97818f5991d41a0e5fda59953bbab1f0a9fe401bf5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:32 GMT
Last-Modified: Fri, 25 Nov 2022 06:49:27 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
freestar-io.videoplayerhub.com/gallery.js
301 Moved Permanently 95 kB URL HTTP/2 freestar-io.videoplayerhub.com/gallery.js
IP
Hash fd638aa41f306e4667abb20f16cba1f5
2e7288e48eecd46c2ee8caf51fcdd245900fe394
748edebfe69e74a5ea21188850422098ef6a1018204ce0d59dc0481b4fcd9032
GET /gallery.js HTTP/1.1
Host: freestar-io.videoplayerhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 25 Nov 2022 07:13:32 GMT
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
expires: Fri, 25 Nov 2022 08:13:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeR%2BFi7C1oNlIpmA5nhmsaXaePvFDj3YsZrKiA3IMk6yvY2cd2i6p5GZHZVy4BYxNu6zsnQb1%2FxCVhuW0FYlHsALkYCSLmvIowWX%2Bd0WJAZi12xYu2Z3kn0W7PCSLnJKgR9EUx3Oxk1Ib55HcC%2FDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f895145a3ab529-OSL
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=196261077476671&ev=PageView&dl=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&rl=&if=false&ts=1669360412474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669360412473.329975961&it=1669360412127&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=196261077476671&ev=PageView&dl=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&rl=&if=false&ts=1669360412474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669360412473.329975961&it=1669360412127&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=196261077476671&ev=PageView&dl=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&rl=&if=false&ts=1669360412474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669360412473.329975961&it=1669360412127&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 07:13:33 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8121
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:13:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8121
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:13:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8121
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:13:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8121
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:13:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nwXP5jm9A2Cl3_-Lm194ycXkeClig1L9hwgUgE8i8NF-Vv2gNfj_4Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:32:11 GMT
age: 31282
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2580ebded0a32ceecc3083ae1db2b37
2ec124224738807229328a3ade6ca493ccf4b287
010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10679
x-amzn-requestid: aec8d040-d4e6-4185-b71e-7c049617ebc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4J3VEM5IAMFtcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637989c8-42b520ea3af2a2086ad416ad;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 01:58:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AqpyU32i39pVq4O_-tSo8Bup9eNgoPGBq_lKyeXYUsN1BapLq-xGGg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 06:12:05 GMT
age: 3688
etag: "2ec124224738807229328a3ade6ca493ccf4b287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 50166
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e97ba6c4c94a299553238e643a3acc7
9be5a5497a8566ea66e81765ef8566e6b716ab5b
bda1bb57f0198e711c3018417513237b9533cfe2e5856ada5383f7461090f40a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1abe4f62-70d8-471a-89fc-79dd854e637c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10955
x-amzn-requestid: 49acad5a-bb12-4da8-a303-ea2b76b53822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cF8HPEIdoAMF3tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f0d61-674576450ade0e1e4bd601fd;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 06:21:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rAHhaTW3Gn6HW5DWXuUMyR68h5DAgKK5qDBiAbhk4VVu4rbSebZEmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:24:38 GMT
age: 71335
etag: "9be5a5497a8566ea66e81765ef8566e6b716ab5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 44523
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F012ad1d7-e278-4523-b537-853fcf51e3c0.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F012ad1d7-e278-4523-b537-853fcf51e3c0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58d104a028a45c82a7310de66477b256
e94f119e32bcff525f9b1a1c239e77747b6fc101
84d79596f4a2c255d1ecb98f557cfa4a2a42230eb92228122df7db6662140250
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F012ad1d7-e278-4523-b537-853fcf51e3c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15116
x-amzn-requestid: 8babc46e-4964-4296-b13d-a3ad113d3095
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCDsiGC8oAMFwLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d7fe9-38b816f81940abb71ad60fdd;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:05:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FBWmZXoDHzX-tjUXMn4pkKwf1XU28Mz2JkuiikoIcKtYEqx3NFWpUw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 06:12:05 GMT
age: 3688
etag: "e94f119e32bcff525f9b1a1c239e77747b6fc101"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3f0d965d64f8e3468509750c6f57abba
3b11f4ec2c09c78262bfd879f49f5850cc4ff5cf
52eb5bdc37273925772afeeb01d191c902d1ea91fdc58e50e02a34a39432c617
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5782
Cache-Control: max-age=99353
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Etag: "637f35a0-117"
Expires: Sat, 26 Nov 2022 10:49:26 GMT
Last-Modified: Thu, 24 Nov 2022 09:13:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 3f0d965d64f8e3468509750c6f57abba
3b11f4ec2c09c78262bfd879f49f5850cc4ff5cf
52eb5bdc37273925772afeeb01d191c902d1ea91fdc58e50e02a34a39432c617
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5782
Cache-Control: max-age=99353
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Etag: "637f35a0-117"
Expires: Sat, 26 Nov 2022 10:49:26 GMT
Last-Modified: Thu, 24 Nov 2022 09:13:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ad-delivery.net/px.gif?ch=2
200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdt6VCtqtIBnBTdsF1vvDPQfLazGd9ibEd203R5L043lLiuyTx5erfdDBO4fPOmvTjQfhaq1ovVTvyGIn5JVehsmeQ
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sat, 05 Nov 2022 18:30:05 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1690935
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqAzxbE97km%2FBtbqCSDVQ6YvCHO7mngDszCGJtDH9hAeDIR84fqNE9QIEyAJPq4%2BKzpu8ky6EqBuHBubzNb%2F1j1VZHu873rIdIK0pl6apQvsf7zI5x4O7hJykCVkoopRww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f895168b02b500-OSL
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/cls.css
200 OK 589 B URL HTTP/2 a.pub.network/core/pubfig/cls.css
IP
Hash c23953e995d3c6c6235c1ec9d5bd98a8
2e6f6dfdd10831fd1246878cb16d6f39b7595057
44879d091413b5197d10539ca522838cf66a3dda6eb36d949c650289b98694ef
GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-type: text/css
x-guploader-uploadid: ADPycdt9Q3ZKgvjYKwq7Ggdfd-lb2KonbbloZTam1eNYJxDPzuSPD660DRxjMwJxLwYz8vQl3Lcc5Snl4IVZvC_JFTYPoRlJQOQM
x-goog-generation: 1666967770269941
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2096
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Fri, 25 Nov 2022 08:13:32 GMT
cache-control: public, max-age=3600
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
etag: W/"816783146b3907e634d0e822ca759864"
cf-cache-status: HIT
age: 784
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8951009fcb51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 60951c730d96e02c20219f2765873699
64d0ecb0d9001990841e9faa434d9239af4b6927
9eb0e510930409a6eed080afd7759a51ca4ecb58dd30ea04221cea917358f658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinyurl.com
200 OK 189 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tinyurl.com
IP
File type JSON data\012- , ASCII text, with very long lines (564), with no line terminators
Hash c3000987b83e1532d9d849651b8faa14
c08c4bdb521c897ceda9f017c359c56261931899
0c269a1f243173ff05eb0a2e25e0b7635647eb09299992c5d3afe17f252e0de2
GET /pagead/ppub_config?ippd=tinyurl.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Fri, 25 Nov 2022 07:13:33 GMT
expires: Fri, 25 Nov 2022 07:13:33 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 189
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 25-Nov-2022 07:28:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 11:00:31 GMT
expires: Fri, 25 Nov 2022 11:00:31 GMT
cache-control: public, max-age=86400
age: 72782
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
200 OK 132 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
IP
File type ASCII text, with very long lines (65395)
Size 132 kB (132177 bytes)
Hash 3308ca8addf332f89a8f9ae5fada3b60
69a0af021add1aa44292528532ef632aff2ab1d0
7c1c9e093bf8e56cf2ba9af1d8cfc092f7a98c4b9472abc3257147aa97ec0ee3
GET /gpt/pubads_impl_2022111501.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 132177
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 10:34:42 GMT
expires: Fri, 24 Nov 2023 10:34:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
content-type: text/javascript
age: 74331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 60951c730d96e02c20219f2765873699
64d0ecb0d9001990841e9faa434d9239af4b6927
9eb0e510930409a6eed080afd7759a51ca4ecb58dd30ea04221cea917358f658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/8WDrLhpUxOc
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8WDrLhpUxOc
IP
Hash 545443e38e99a95c04bffc0f8170e2f2
9a393e6ab942b2ece2642ab2bf47fbe88728fe8b
990cdc4714ef4090fb18da9ae59de0911d01f60ac45daeb7aa1b1c5be12d9a4b
POST /s/gts1d4/8WDrLhpUxOc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.pub.network/core/prebid-analytics-7.19.5.js
200 OK 173 kB URL HTTP/2 a.pub.network/core/prebid-analytics-7.19.5.js
IP
Size 173 kB (173345 bytes)
Hash bea582d3c0b39e75d9cd134a7ba7251b
df8aa332db106db6aeb45f890776ae5f29ac496b
c3aa20a449c14a51c92e7cb96847683502d165640c70842473673aa286eab27b
GET /core/prebid-analytics-7.19.5.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=d665edaf-a0b8-4954-b316-e71d69ab16a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-type: text/html
x-guploader-uploadid: ADPycduG-Vn2mcUMylsia-2BoBBGi7NDvbRR4_vSb47LJEWdhZx5CipRbOG-cq0SEj-gHSP6kEwNoTiVxlxGDuO-3uBF4jt1iRGs
cache-control: public, max-age=31495559
expires: Fri, 24 Nov 2023 19:59:31 GMT
last-modified: Wed, 02 Nov 2022 16:16:55 GMT
etag: W/"fb286f34785177cf76cd5dc824642aba"
x-goog-generation: 1667405815729831
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 559623
content-language: en
x-goog-hash: crc32c=8D0MRw==, md5=+yhvNHhRd892zV3IJGQqug==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 40335
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f895142f84b51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Kv93g70ZFQU
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Kv93g70ZFQU
IP
Hash 0c82ed3d18443131e4571ea8522abcf7
bcd5a1e34320aa52166f810b81ef099b8f937b72
a45da46774b49f077c68cb722ef11650bd8fa51162f69475679ff1cdf8b8c2f9
POST /s/gts1d4/Kv93g70ZFQU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.btloader.com/country
200 OK 16 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Fri, 25 Nov 2022 07:13:33 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Kv93g70ZFQU
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Kv93g70ZFQU
IP
Hash 0c82ed3d18443131e4571ea8522abcf7
bcd5a1e34320aa52166f810b81ef099b8f937b72
a45da46774b49f077c68cb722ef11650bd8fa51162f69475679ff1cdf8b8c2f9
POST /s/gts1d4/Kv93g70ZFQU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
test.cmp.quantcast.com/GVL-v2/cmp-list.json
200 OK 2.5 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP
File type JSON data\012- , ASCII text, with very long lines (9979), with no line terminators
Hash 3e79d2480714e25c09b8c049841c4e41
fa793cf9bd041851c671d33501f706d8a5bcee8b
85f2bd7c0c1b5fcc2768cfc18ce34130744a252655afa0559dfc60a0fc86d154
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Fri, 25 Nov 2022 03:00:37 GMT
last-modified: Tue, 15 Nov 2022 19:52:30 GMT
etag: W/"67643b5faa0950a5532c47758ba39d2f"
x-amz-server-side-encryption: AES256
x-amz-version-id: xPMKnfS8YcqF2frTT5_I_M_eoLLd3kli
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dijX_P1JCm-3UZ3yOOTBZcwA5QbTmR2lHAvuEHGeVd3rLs0Nzd5Uzg==
age: 15177
X-Firefox-Spdy: h2
api.floors.dev/sgw/v1/floors
200 OK 0 B URL HTTP/2 api.floors.dev/sgw/v1/floors
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/8WDrLhpUxOc
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8WDrLhpUxOc
IP
Hash 545443e38e99a95c04bffc0f8170e2f2
9a393e6ab942b2ece2642ab2bf47fbe88728fe8b
990cdc4714ef4090fb18da9ae59de0911d01f60ac45daeb7aa1b1c5be12d9a4b
POST /s/gts1d4/8WDrLhpUxOc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.pub.network/tinyurl-com/pubfig.min.js
200 OK 60 kB URL HTTP/2 a.pub.network/tinyurl-com/pubfig.min.js
IP
Hash 07a3d9fc36a144b9f801cc829135cb15
7da6dff1b9134ffc2a39c7509a0175226ebbf010
1fe807b44e1b4fc22f1f63ebb1ed50f981a16ed98da1db38ff41233145a52ec5
GET /tinyurl-com/pubfig.min.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycds2A4gPxQLHNI8OdGfdR09301zMIVZzC-sqbrQ130a335f0ToOMCKPT7_sLFVGpr_DM9reiFFdIKUgirluKbmlEIQ
x-goog-generation: 1668794421501534
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170264
x-goog-hash: crc32c=q9IFaQ==, md5=y7cPlLqLhwaBER8K/9ZLQg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Fri, 25 Nov 2022 07:43:32 GMT
cache-control: public, max-age=1800
last-modified: Tue, 22 Nov 2022 22:46:00 GMT
etag: W/"cbb70f94ba8b870681111f0affd64b42"
cf-cache-status: HIT
age: 126809
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8950ff9f9b51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1669360412304&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=534&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1669360412304&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=534&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1669360412304&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=534&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:33 GMT
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zcw82rwj_OjLMiMY5InaCKH1XyBEMH54oC58GnZYpqxch2DgA9s0cw==
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
200 OK 36 kB URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash c58fd962b2c3238babfdacef17fce8e8
f852242343c68041be43bf17f2c51e56015dead8
dd5ec8cc46ea64259b82b53874a1fb7268c31c1b6b02dc920b13fe8ad48b14c3
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Fri, 25 Nov 2022 03:00:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Fri, 25 Nov 2022 03:00:26 GMT
etag: W/"5e5c32e11030f411462907ffac99a722"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yuuNeHnlhWAElJMzTxjs2-VsbpPczsYcCCRuDOC4UjLlTNA_1kbuDw==
age: 15183
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash bd6296ec9daaa3e6ab202fa297b046d2
e445c212d58f4b056fa94af4874536155df6d319
0736f933641c57d8b8bf830ebcc29e65dbea9b926c2865fd5fbd02ea24ab1fff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4519
Cache-Control: max-age=104913
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Etag: "637f5047-13a"
Expires: Sat, 26 Nov 2022 12:22:06 GMT
Last-Modified: Thu, 24 Nov 2022 11:06:47 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash bd6296ec9daaa3e6ab202fa297b046d2
e445c212d58f4b056fa94af4874536155df6d319
0736f933641c57d8b8bf830ebcc29e65dbea9b926c2865fd5fbd02ea24ab1fff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4491
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:33 GMT
Last-Modified: Fri, 25 Nov 2022 05:58:42 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash a38d65209916a7eb0c61430bd1b1b7d9
9d52e173fd7e8e61d56d31777845f16fab0e6b2d
33e5b67c1478dd9ca9610594bf50998e7aa1bb84618124d13d7099be0086ea88
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 07:13:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 29 Nov 2022 06:23:10 GMT
ETag: "9d52e173fd7e8e61d56d31777845f16fab0e6b2d"
Last-Modified: Fri, 25 Nov 2022 06:23:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 413
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f8951a4a44b51d-OSL
match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 3f98f64ed68adcbf2ccef6960811e25b
9e7a43e33e56b77247c4841464246ff3c4ae6cbb
eec18a82c22587dcd9de353143cb65e4a746ebec8bf3fef1d80c6b22bcdf690d
GET /track/rid?ttd_pid=6bjin1p&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sun, 25 Dec 2022 07:13:33 GMT
vary: Origin
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash b34281faa0bc7a56182a93ccfa0ecc83
9677f530a228ef42d252376785e0bdf6d7e579f8
7123d3f5992306fb32c0cf5134221ed732618c452e27a15d43d47c401fdec440
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4401
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:34 GMT
Last-Modified: Fri, 25 Nov 2022 06:00:13 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
200 OK 80 B IP
Hash 9f3fd846c2710bae4e1e8e370728785a
e1d1293e5ab02840b8a5dd581039f7f25be84595
77881cc1d9d083762521558abde63e33fd54a7902b526c985e3807c63acef9d4
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=QFHVg180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRkNmZGkwUlIlMkJGdmVZaUFmem8xRzRvQWlMeUltRGVLZiUyQmxWNzRNT3FtZzY; expires=Wed, 20 Dec 2023 07:13:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 229167
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP
Hash 2d3cd8b9fdba7c0360eb67a455822073
f6cf39ec62932bc934717d77b9b5d4638cddd32c
935f9d26587fe4f4840714e999d111071319d08abeeb7a0db8d19793c7348c76
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 3c2523cfbf08070355cb038bedfef4c0
7477773dcc5a72ce90250ad82cb68e389f944bfb
1593ef062a33a8f1411169fe7f2d86ea7a730e7eb1c4a85b90c19d76efe994b4
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151967
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "63800463-1d7"
Expires: Sun, 27 Nov 2022 01:26:21 GMT
Last-Modified: Thu, 24 Nov 2022 23:55:15 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qnIgXy-di1BcCiCHUcy-7-5vf3O4Op96UWh_q8vyIjhvREHYepL5bw==
Age: 5466
s2s.t13.io/openrtb2/auction
200 OK 168 B URL HTTP/2 s2s.t13.io/openrtb2/auction
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4ece5a14a86755a6f3789f0ec276fc38
82815b0c209be0ebf1a993d8537de520d3e9d30c
f80929abcd8d7bc930f5920e2b9472965c346b6dd90b204e07b7546d684bd0a9
POST /openrtb2/auction HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2428
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
x-prebid: pbs-java/1.94.0
content-type: application/json
content-encoding: gzip
content-length: 168
date: Fri, 25 Nov 2022 07:13:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP
Hash 2d3cd8b9fdba7c0360eb67a455822073
f6cf39ec62932bc934717d77b9b5d4638cddd32c
935f9d26587fe4f4840714e999d111071319d08abeeb7a0db8d19793c7348c76
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 2b8950887e4a6bc5532a786a2018e6ff
0e475765fff5cf24b0939887d29fa2f010098726
a23a642e1b716feec565dfa8cdb844530af49c0bb8f555b6bc47677ccacc11f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3072
Cache-Control: max-age=98051
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "637f3b21-1d7"
Expires: Sat, 26 Nov 2022 10:27:45 GMT
Last-Modified: Thu, 24 Nov 2022 09:36:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=21605980237&lsavail=0
200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=21605980237&lsavail=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=21605980237&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3928
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://tinyurl.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3922
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
date: Fri, 25 Nov 2022 07:13:32 GMT
X-Firefox-Spdy: h2
s2s.t13.io/cookie_sync
200 OK 656 B IP
File type JSON data\012- , ASCII text, with very long lines (2256), with no line terminators
Hash b583e208880d541c31e4aca09ca9a874
9ec3be57dd53dd869f03e00ae3f675a5d5425200
942f86577bf0a920310380f28e0db98a28ff31f8e3fe227e3f7559dce4de06bf
POST /cookie_sync HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 164
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
content-type: application/json
content-encoding: gzip
content-length: 656
date: Fri, 25 Nov 2022 07:13:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d451e227869c10fecdf35081940bf550
e1ac7b9aec55adc792987e67f4631f800c7a7c56
1471b6fa55f24be2015f7067e94c3a70d3b84ff2a48d7ceab9f634efc38b4e8a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 07:13:34 GMT
Last-Modified: Fri, 25 Nov 2022 06:41:05 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AvKbcZAsCnc8RHZOMLP_Uyemi5qub02dekWwrSlUXyROFJQH31Cf8Q==
Age: 1949
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e65c67106ad1eaa211b41641e2a93896
3a32b5bddf4e3d674a5a24ef588555ecac10444f
6b9de9adb11b59122b8a162f95e0ab02f7565aa260397b80aff5d06bdcb1db0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166426
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "63804bfc-1d7"
Expires: Sun, 27 Nov 2022 05:27:20 GMT
Last-Modified: Fri, 25 Nov 2022 05:00:44 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Cfst1KoyjDxBQF-_WawvsA6qK8hMEfD36_JrnXNhFSK9cSe1y4Zl8g==
Age: 1596
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e65c67106ad1eaa211b41641e2a93896
3a32b5bddf4e3d674a5a24ef588555ecac10444f
6b9de9adb11b59122b8a162f95e0ab02f7565aa260397b80aff5d06bdcb1db0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165735
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "63804bfc-1d7"
Expires: Sun, 27 Nov 2022 05:15:49 GMT
Last-Modified: Fri, 25 Nov 2022 05:00:44 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WxZW2BaTzZop2FIQ2JFh_tJgNC3giG_83LAD3C7sHRKn6VO8u6E0Eg==
Age: 905
ib.adnxs.com/ut/v3/prebid
200 OK 11 kB URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20773), with no line terminators
Hash d8fd6b7f78117573e76d48bb9c9af07c
c01643bf1037d94eec91b51fbcf5c02fb9ecb0ac
f1f7674a4f95c8db65c2d9a57c01d5812e8fbeb100a319e6106d6fa0565c2ddc
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1274
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 25 Nov 2022 07:13:34 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tinyurl.com
AN-X-Request-Uuid: 4262f92b-f173-4de4-889f-fc52cc9a86f5
Set-Cookie: icu=ChgIodc0EAoYASABKAEwntaBnAY4AUABSAEQntaBnAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 23-Feb-2023 07:13:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5591924874759624913; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 23-Feb-2023 07:13:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e65c67106ad1eaa211b41641e2a93896
3a32b5bddf4e3d674a5a24ef588555ecac10444f
6b9de9adb11b59122b8a162f95e0ab02f7565aa260397b80aff5d06bdcb1db0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165993
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "63804bfc-1d7"
Expires: Sun, 27 Nov 2022 05:20:07 GMT
Last-Modified: Fri, 25 Nov 2022 05:00:44 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WQAPmcAwTxeUfJSGT5IhMOBpvM0kJVglF-Us-pFLl62ZAw7lvZja_g==
Age: 1163
ocsp.digicert.com/
200 OK 471 B IP
Hash b72b4945b79257bd56b26b9ee27153d6
47c25a1393cee643d89b645e2cb8c073328fea5a
cb275292d0789cbe42170b263436a29a8f13a5158da00244572dc4061496de27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2790
Cache-Control: max-age=153597
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "63801535-1d7"
Expires: Sun, 27 Nov 2022 01:53:31 GMT
Last-Modified: Fri, 25 Nov 2022 01:07:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/i2z-CsId4wM
IP
Hash 2d3cd8b9fdba7c0360eb67a455822073
f6cf39ec62932bc934717d77b9b5d4638cddd32c
935f9d26587fe4f4840714e999d111071319d08abeeb7a0db8d19793c7348c76
POST /s/gts1d4/i2z-CsId4wM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tmax=1200&us_privacy=1---
200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tmax=1200&us_privacy=1---
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tmax=1200&us_privacy=1--- HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1462
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:34 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e65c67106ad1eaa211b41641e2a93896
3a32b5bddf4e3d674a5a24ef588555ecac10444f
6b9de9adb11b59122b8a162f95e0ab02f7565aa260397b80aff5d06bdcb1db0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167532
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "63804bfc-1d7"
Expires: Sun, 27 Nov 2022 05:45:46 GMT
Last-Modified: Fri, 25 Nov 2022 05:00:44 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F81_1QNhdzHkQjt6ZX41UxMPGn0CmZlQF1GCQ6tfC6AsMBEmFGYB6g==
Age: 2702
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1210
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c145c20398911e1e7ad5437c05ebe7d6
d2a3e6a3b792c23d5e75d0bcca26001ed6f03b47
d4490ed6e71a7ce605c86832a0b7ba25bfb436619ddac8884bb5bc0f6b6fd239
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87759
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "637f0b5b-1d7"
Expires: Sat, 26 Nov 2022 07:36:13 GMT
Last-Modified: Thu, 24 Nov 2022 06:12:43 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZXMl4A7DansN53VixJz1TsWjBMfmeVFnuLWAKRUh6oH9whV1ot8JhA==
Age: 5010
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1210
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1230
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1229
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ads.yieldmo.com/exchange/prebid?pbav=7.19.0&p=%5B%7B%22placement_id%22%3A%22tinyurl_right-multisize-2.0%22%2C%22callback_id%22%3A%22311c4a25d8a531%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%22%2C%22tid%22%3A%225a6ac461-6b58-42cb-b022-fd40f9e48202%22%2C%22auctionId%22%3A%225449d809-9151-413c-a73a-b5ebf693bea8%22%7D%2C%7B%22placement_id%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22callback_id%22%3A%223292ceba3578c8a8%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0%22%2C%22tid%22%3A%22e2d3bee3-64dd-4570-9bff-203bfaaced8e%22%2C%22auctionId%22%3A%225449d809-9151-413c-a73a-b5ebf693bea8%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&bust=1669360413568&dnt=false&description=TinyURL%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&pr=&scrd=1&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1280&h=939&pubcid=3a445b25-7ecf-4833-b567-e556776252cc&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221214%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a445b25-7ecf-4833-b567-e556776252cc%22%2C%22atype%22%3A1%7D%5D%7D%5D
204 No Content 0 B URL HTTP/2 ads.yieldmo.com/exchange/prebid?pbav=7.19.0&p=%5B%7B%22placement_id%22%3A%22tinyurl_right-multisize-2.0%22%2C%22callback_id%22%3A%22311c4a25d8a531%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%22%2C%22tid%22%3A%225a6ac461-6b58-42cb-b022-fd40f9e48202%22%2C%22auctionId%22%3A%225449d809-9151-413c-a73a-b5ebf693bea8%22%7D%2C%7B%22placement_id%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22callback_id%22%3A%223292ceba3578c8a8%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0%22%2C%22tid%22%3A%22e2d3bee3-64dd-4570-9bff-203bfaaced8e%22%2C%22auctionId%22%3A%225449d809-9151-413c-a73a-b5ebf693bea8%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&bust=1669360413568&dnt=false&description=TinyURL%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&pr=&scrd=1&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1280&h=939&pubcid=3a445b25-7ecf-4833-b567-e556776252cc&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221214%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a445b25-7ecf-4833-b567-e556776252cc%22%2C%22atype%22%3A1%7D%5D%7D%5D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/prebid?pbav=7.19.0&p=%5B%7B%22placement_id%22%3A%22tinyurl_right-multisize-2.0%22%2C%22callback_id%22%3A%22311c4a25d8a531%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%22%2C%22tid%22%3A%225a6ac461-6b58-42cb-b022-fd40f9e48202%22%2C%22auctionId%22%3A%225449d809-9151-413c-a73a-b5ebf693bea8%22%7D%2C%7B%22placement_id%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22callback_id%22%3A%223292ceba3578c8a8%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0%22%2C%22tid%22%3A%22e2d3bee3-64dd-4570-9bff-203bfaaced8e%22%2C%22auctionId%22%3A%225449d809-9151-413c-a73a-b5ebf693bea8%22%7D%5D&page_url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&bust=1669360413568&dnt=false&description=TinyURL%20is%20the%20original%20URL%20shortener%20that%20shortens%20your%20unwieldly%20links%20into%20more%20manageable%20and%20useable%20URLs.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&pr=&scrd=1&title=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&w=1280&h=939&pubcid=3a445b25-7ecf-4833-b567-e556776252cc&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221214%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223a445b25-7ecf-4833-b567-e556776252cc%22%2C%22atype%22%3A1%7D%5D%7D%5D HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 2cd8e43893959092b7846a15e42725ca
8a7e5f08f7ea6c242d91f2f24c5e58d82ad8170c
9ecf703708b904d19eca025cf5523236d412978e319f869c3093481e49bbecd0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 25 Nov 2022 07:13:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 24 Nov 2022 19:46:52 GMT
Expires: Fri, 25 Nov 2022 19:46:52 GMT
ETag: "8a7e5f08f7ea6c242d91f2f24c5e58d82ad8170c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1229
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 86776344fc6dd826ff48ca2f315dec8a
23054ddd051e653c90cc3232bbe1ecb88820b29a
7a6a778b4a383d8385e3843a7fd1ad88a5e7182d5627740511dd2c83a6f264c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 07:13:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:56:48 GMT
Expires: Tue, 29 Nov 2022 13:56:47 GMT
Etag: "23054ddd051e653c90cc3232bbe1ecb88820b29a"
Cache-Control: max-age=369192,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f8951deb87b50b-OSL
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1211
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1229
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 07:13:34 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
colossusssp.com/?c=o&m=multi
200 OK 2 B URL HTTP/1.1 colossusssp.com/?c=o&m=multi
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /?c=o&m=multi HTTP/1.1
Host: colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2665
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 07:13:34 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://tinyurl.com
Access-Control-Allow-Credentials: true
grid.bidswitch.net/hbjson
200 OK 50 B URL HTTP/2 grid.bidswitch.net/hbjson
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1e820534c05d549d02a2497cfca1e583
4b90f52f8f886fb34edf328db05373e65755acf0
fd6feaa72c8d0b4dfca8aed35d20b9b66dcb60ff0c22d872c3bbee4eb475681c
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3606
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:34 GMT
content-type: application/json
content-length: 50
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a2d10df9576c631d6ae0a646998c7494
4194dac1a72b1c7d88f77864ae26ee09c64e80b3
109c6b4555d14db09e05f817143d122377d6930ce901e22198d8a7f0cc572164
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1915
Cache-Control: max-age=127512
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:34 GMT
Etag: "637fb2bb-1d7"
Expires: Sat, 26 Nov 2022 18:38:46 GMT
Last-Modified: Thu, 24 Nov 2022 18:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1669360413212%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-94fupn401r6mwzjkstev%22%7D
200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1669360413212%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-94fupn401r6mwzjkstev%22%7D
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1669360413212%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-94fupn401r6mwzjkstev%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:35 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
c.pub.network/c
200 OK 36 B IP
File type ASCII text, with no line terminators
Hash 5f1d89006f44666dc57000793f111412
221877a5228e3721963d025d507c5dd204899364
8244a77982f75af2d5c6c12424d552a07821d28405d4ff2163639f30c5a060cc
POST /c HTTP/1.1
Host: c.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1976
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=d665edaf-a0b8-4954-b316-e71d69ab16a5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:35 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
content-type: text/plain;charset=utf-8
content-length: 36
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
200 OK 736 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
IP
File type JSON data\012- , ASCII text, with very long lines (736), with no line terminators
Hash 1911a93942ef8179ac2e940469a3a968
7e7d730d742c25d47f05260dff4af48ea5b19d82
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135
GET /cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 736
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Fri, 25 Nov 2022 03:25:50 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KGSzmfeM1_g60Mdf0Y4A_2F5UvoIAKIu9WyJlSgVqT-zQNNM6y6kkw==
age: 13665
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash f699315975475145c6ccdfd14f02cbf0
fd0a041d26f72e8c6c4218ea5811e966a88cde8f
977a964ed84c0c8700239edf3c9dd7acb4b16d33fd8c53e128aa1c0e2b985177
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4181
Cache-Control: max-age=109991
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:35 GMT
Etag: "637f6572-116"
Expires: Sat, 26 Nov 2022 13:46:46 GMT
Last-Modified: Thu, 24 Nov 2022 12:37:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&pid=2p79eEgZ1VeQO&cb=0&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&pid=2p79eEgZ1VeQO&cb=0&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP
File type ASCII text, with no line terminators
Hash eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
GET /e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&pid=2p79eEgZ1VeQO&cb=0&ws=1280x939&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Fri, 25 Nov 2022 07:13:35 GMT
x-amz-rid: 6ZE5X16JYE8SM9T28TQ7
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 03oYpreufR8fFvWFDQZM9JHDvxPyCwkkLqJisba36oJLahksKV_A7w==
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
200 OK 2.5 kB URL HTTP/2 rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
IP
Hash cd5456334f9b01b12820bcd1dc72c0ca
87b1a626dfc03eb6b7d9629afda2f8a69deb3708
b1242bb9227cd1b47d07502f89af4d5719770c2da9d7d5b129d0ab28eca57af0
GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Fri, 25 Nov 2022 06:29:59 GMT
cache-control: max-age=3600
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HJCC-ud4P4_aGYTaKzzFAlN6JapwQHB_LvSv50V6pgQTOsN_r4WdWQ==
age: 2621
X-Firefox-Spdy: h2
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Fri, 25 Nov 2022 07:28:35 GMT
date: Fri, 25 Nov 2022 07:13:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E
302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Sat, 25 Nov 2023 07:13:35 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Fri, 25 Nov 2022 07:13:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 07:13:35 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 9f20542e07df0465c2f191eecaeef84f
72188c3e500f0475798650319cd734341765a569
7fc455be9809ff8e96ea666349b67c8ea62e13c3d1b6b86edc891a16af195e5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6278
Cache-Control: max-age=144865
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:35 GMT
Etag: "637fe57b-139"
Expires: Sat, 26 Nov 2022 23:28:00 GMT
Last-Modified: Thu, 24 Nov 2022 21:43:23 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
204 No Content 0 B URL HTTP/2 cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP/1.1
Host: cs.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Fri, 25 Nov 2022 07:13:34 GMT
content-length: 0
X-Firefox-Spdy: h2
x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
302 Found 0 B URL HTTP/2 x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent= HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 25 Nov 2022 07:13:35 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=&f=i&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=f60c54e6-13fb-4c8e-af1b-9b9d85f8a40a; path=/; expires=Sat, 25-Nov-2023 07:13:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669360415; path=/; expires=Sat, 25-Nov-2023 07:13:35 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669360415; path=/; expires=Sat, 25-Nov-2023 07:13:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669360415; path=/; expires=Sat, 25-Nov-2023 07:13:35 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash bbbd132fbb4521efab3424dde506f3e8
e1e32d7a353e71a31574cb7844d110b07a292da7
5db894ce82e66b17efb50ddc1b8cea0e89b9dbae688eb50050a2c4b8f6137259
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 07:13:35 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Sat, 26 Nov 2022 07:13:35 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
200 OK 45 kB URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash a0570bd3ec30a06244b7118abc0f069c
0b836cfdf93d52582b21705b8a9df804a942636d
bddd82da49c300d703bdd87b07894512adce9cf0088771fd5bb5caef0bef6744
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Fri, 25 Nov 2022 03:00:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Fri, 25 Nov 2022 03:00:33 GMT
etag: W/"2dd01dbde56e1bed0bb9207725823abc"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lAxC-C8DavJ3w860th8aCNDcinVslvG_D4ioocJ4aSjQ9Xk9IGtaow==
age: 15169
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash d7845396670d1851b90002a729dfd858
34b5662c430900c476eb903a9f06b6203334d681
adfd73129620754fc7d1ccdfc3b88db51186146858d7d88dcac537eef821d021
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 25 Nov 2022 07:13:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 06:33:39 GMT
Expires: Sat, 26 Nov 2022 06:33:39 GMT
ETag: "34b5662c430900c476eb903a9f06b6203334d681"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
200 OK 471 B IP
Hash e9e2b3102f4a8b07611ae813f27118f0
f0fe7ec3d81f5bbbf3581d266bb43a90c0892678
36e3f5a86b7c1eed61b9d917aca0901a3c1614f4213b7d87bb1e1c2b554bed07
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 07:13:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:57:50 GMT
Expires: Wed, 30 Nov 2022 01:57:49 GMT
Etag: "f0fe7ec3d81f5bbbf3581d266bb43a90c0892678"
Cache-Control: max-age=412452,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f895274efeb50b-OSL
ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X
204 No Content 98 B URL HTTP/2 ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X
IP
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 35dd0d6e0e0bdfefa1788b7d780a861b
12d298bfac14961e2f158f34078dcb472befa48e
05d0c996bffcb553aeb307ab6065accca0f85c710b749c5865c7d012e7f50043
GET /ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP011
date: Fri, 25 Nov 2022 07:13:35 GMT
X-Firefox-Spdy: h2
eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
302 Found 0 B URL HTTP/2 eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 25 Nov 2022 07:13:36 GMT
content-length: 0
set-cookie: tluid=1141836854194532822036; Max-Age=7776000; Expires=Thu, 23 Feb 2023 07:13:36 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
location: /sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
X-Firefox-Spdy: h2
eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
200 OK 0 B URL HTTP/2 eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:36 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash dfdb6781ec9a9aeb1b52f24b7a0c899e
a5f3e1cc61fdc391e7bf40aaf6c596e101a37fb8
cb4ce831cd77759f231fc0f8b94b79c8ff4c97ca4a881fa7170809e7304f987f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:36 GMT
Etag: "637f93cb-139"
Last-Modified: Fri, 25 Nov 2022 07:02:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
302 Found 0 B URL HTTP/2 ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
IP
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP/1.1
Host: ssbsync-global.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
date: Fri, 25 Nov 2022 07:13:36 GMT
location: https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=43085566115746135
set-cookie: pid=43085566115746135; expires=Tue, 26 Dec 2023 07:12:36 GMT; domain=smartadserver.com; path=/; secure; samesite=none
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash e0f86189be5b68a128b3e9ed0c895a4c
840290b326c575c771e540fbdf1683c18da6bdcb
8b11ccd1d5545cfbacc7ca7b7cc144a49cd80c69e62db2b232eeb31e326f5ea3
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2310
Cache-Control: max-age=116383
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:37 GMT
Etag: "637f85ba-1d7"
Expires: Sat, 26 Nov 2022 15:33:20 GMT
Last-Modified: Thu, 24 Nov 2022 14:54:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
200 OK 118 B URL HTTP/2 u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 018b5fd58d526d4c45ea84437d90518c
a50be955f68df0ee14049e35a9e0e5bfd025ae4d
a44c77720091bdc8126650b6a9691de8175e7e5f360e35b5ccf061a9c1b25082
GET /w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
date: Fri, 25 Nov 2022 07:13:37 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=3a445b25-7ecf-4833-b567-e556776252cc%5E1&ppuid=d665edaf-a0b8-4954-b316-e71d69ab16a5&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5a6ac461-6b58-42cb-b022-fd40f9e48202%3Be2d3bee3-64dd-4570-9bff-203bfaaced8e&l_pb_bid_id=64e2d82ac8bbf17%3B6580743c735f5098&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.9733955120695947
200 OK 1.1 kB URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=3a445b25-7ecf-4833-b567-e556776252cc%5E1&ppuid=d665edaf-a0b8-4954-b316-e71d69ab16a5&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5a6ac461-6b58-42cb-b022-fd40f9e48202%3Be2d3bee3-64dd-4570-9bff-203bfaaced8e&l_pb_bid_id=64e2d82ac8bbf17%3B6580743c735f5098&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.9733955120695947
IP
Hash a32397558c8ec795f58635c567e19d43
7d49c5e3f39631abed0bee1740107865868e2b31
047467fa6f69d9ef629666fdc2463bfe8e91a39e387d040a1f2c12aae6fe0fa6
GET /a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=3a445b25-7ecf-4833-b567-e556776252cc%5E1&ppuid=d665edaf-a0b8-4954-b316-e71d69ab16a5&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5a6ac461-6b58-42cb-b022-fd40f9e48202%3Be2d3bee3-64dd-4570-9bff-203bfaaced8e&l_pb_bid_id=64e2d82ac8bbf17%3B6580743c735f5098&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.9733955120695947 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Fri, 25 Nov 2022 07:13:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LAW637HL-M-KG4F; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 07:13:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr13kfptNtpSu9DtVM30fCgE1oKbX1bV6tnvRFK2/DWYsoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 07:13:34 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LAW637HL-M-KG4F; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 07:13:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr13kfptNtpSu9DtVM30fCgE1oKbX1bV6tnvRFK2/DWYsoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 07:13:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
200 OK 106 B IP
Hash 3baccabc07bd0b0cfa1730b5de694a85
15fd1a3690e25685fdfbb73fed7bab9ed3399443
48589bca35122dec0f38bc5627da6d958ae9cef7151585c6b83c56a5cdcd87c8
OPTIONS /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1--- HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=117872
expires: Sat, 26 Nov 2022 15:58:09 GMT
date: Fri, 25 Nov 2022 07:13:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 25 Nov 2022 07:13:37 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=917170fa-c901-476c-a865-15314026ddba; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669360417; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669360417; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669360417; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?us_privacy=1---
200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?us_privacy=1---
IP
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?us_privacy=1--- HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 25 Nov 2022 07:13:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 26 Nov 2022 07:13:39 GMT
Date: Fri, 25 Nov 2022 07:13:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
200 OK 3.3 kB URL HTTP/2 id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
IP
Hash 51d3b591ce90787b8350ff55c0a71600
ed91d8ec02669d652f6c987aaba85e653ee5a251
b662396e4f966f8507eff4652e19fe957619b498ab98a01547ce1fcf8d268839
GET /api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:34 GMT
content-type: text/javascript; charset=UTF-8
server: nginx/1.20.0
origin-trial:
content-encoding: gzip
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18728)
Hash cc52a626f840b6576c1ea9f344b57571
258d9f7a516b715aef1a95cbc6811f72991fad95
fc89f708dd749af4e3d0d6c3b3afff2d9ab276173f476de31e36960e065f4496
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 24 Nov 2022 13:40:49 GMT
Content-Encoding: gzip
Content-Length: 10066
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=23232
Expires: Fri, 25 Nov 2022 13:40:49 GMT
Date: Fri, 25 Nov 2022 07:13:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
x.bidswitch.net/sync?ssp=yieldmo
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=yieldmo
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 25 Nov 2022 07:13:37 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=yieldmo
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=5f36d0f8-4d46-42f7-a28e-8af00f619ef2; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669360417; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669360417; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669360417; path=/; expires=Sat, 25-Nov-2023 07:13:37 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
302 Found 154 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Fri, 25 Nov 2022 07:13:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 07:13:37 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 38a4c60ccd492f07d07cdec1b3989143
f765e9a4bd2865776288d911bf2cd262cad38c8b
846c6a519d5effaf3940585d597d52d51294bb46f003591b4eab95fe35e65b36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1917
Cache-Control: max-age=133615
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:13:37 GMT
Etag: "637fca93-1d7"
Expires: Sat, 26 Nov 2022 20:20:32 GMT
Last-Modified: Thu, 24 Nov 2022 19:48:35 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
c1.adform.net/serving/cookie/match?party=1283
302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1283
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1283 HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 07:13:37 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1283
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sun, 25 Dec 2022 07:13:37 GMT; domain=adform.net; path=/
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=yieldmo
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=yieldmo
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:37 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP
File type ASCII text, with no line terminators
Hash abdafc38b9bd42109dbb0d1663383852
df63ac86cf79e3c67e3fad90b8aaa7e076cac739
37c52c04f3a2545cc658c73cc1615b6945825a72256e15cb02a19aef7995e775
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Wed, 22 Feb 2023 22:26:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 25 Nov 2022 07:13:36 GMT
content-length: 60
X-Firefox-Spdy: h2
ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
200 OK 43 B URL HTTP/2 ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /v000/sync?pn_id=mnt&userid=0000EEA HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:37 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g1a02e9ca61065aae416%7C1669360417977%7C0%7C; Domain=.yieldmo.com; Expires=Sat, 25-Nov-2023 07:13:37 GMT; Path=/; Secure; SameSite=None; Secure
ptrmnt=0000EEA; Domain=ads.yieldmo.com; Expires=Sat, 25-Nov-2023 07:13:37 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
302 Found 327 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
IP
File type HTML document, ASCII text, with very long lines (325)
Hash bae2da9862e215880f8d59faf28b2b06
029fe2c23b7d368af9adb8f71950c779a08d160f
a61bf30b2c69f4c3cda8bfe7dfc157949d96bd843712f9b01756a373eb3b162f
GET /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Fri, 25 Nov 2022 07:13:37 GMT
content-length: 327
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:36 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6174ee588911dc7f24915410ea864ae5
81cfcfb4784bfe352ce07ef3302db970bac14ada
106d894d8fd55d85f260e228834835be7a432d9b57ea9342c1ce856d2db0f716
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 07:13:38 GMT
Last-Modified: Fri, 25 Nov 2022 05:46:40 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rAi8oZkGn-0AsOvHtBMWeV6iT22QEfkaECYgtjl9Hnj61o2GVSgM7A==
Age: 5219
simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=46C1AA0B-8BAA-434F-BF90-8C273390476B&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
200 OK 1.3 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=46C1AA0B-8BAA-434F-BF90-8C273390476B&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Hash 6c38d49b06e24ce3a752699967feffd0
d53ad478a48315f0507cbf879d5530f3275f192f
04a440fd376a0cccd29926d17452d7f24468bb63898aaa18b45cbad37c3dbbea
GET /AdServer/SPug?o=1&p=156696&sc=1&u=46C1AA0B-8BAA-434F-BF90-8C273390476B&rs=3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 07:13:37 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=21
302 Found 128 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=21
IP
File type HTML document, ASCII text
Hash 3236685f17e6f55ab57fcb5d5f9e6305
0e45c3206faa81ead6a2624042cdaf0510c50687
c4a21fe7e1e39d68c74da11c37376cc550dd978fc0818608eaf945de288a94d9
GET /sync?nid=21 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Nov 2022 07:13:38 GMT
Location: https://ads.yieldmo.com/sync?pn_id=stk&userid=_S2xwDVuSzxE-ptGoW8rmVtaKpo&gdpr=&gdpr_consent=
Set-Cookie: sa-user-id=s%3A0-fd2db1c0-356e-4b3c-44fa-9b46a16f2b99.iyFlqCpj2Uusz%2FSMxbaTTtI6uegaTIA4krVJbLCDfLQ; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3A_S2xwDVuSzxE-ptGoW8rmVtaKpo.b0Yxy91owkxokjPE4nVAinS%2BLRUTDhQlW6QhVZecMk8; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 128
Connection: keep-alive
ads.yieldmo.com/sync?pn_id=stk&userid=_S2xwDVuSzxE-ptGoW8rmVtaKpo&gdpr=&gdpr_consent=
200 OK 43 B URL HTTP/2 ads.yieldmo.com/sync?pn_id=stk&userid=_S2xwDVuSzxE-ptGoW8rmVtaKpo&gdpr=&gdpr_consent=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?pn_id=stk&userid=_S2xwDVuSzxE-ptGoW8rmVtaKpo&gdpr=&gdpr_consent= HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:38 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gbdff7aa72f1f9b65d61%7C1669360418296%7C0%7C; Domain=.yieldmo.com; Expires=Sat, 25-Nov-2023 07:13:38 GMT; Path=/; Secure; SameSite=None; Secure
ptrstk=_S2xwDVuSzxE-ptGoW8rmVtaKpo; Domain=ads.yieldmo.com; Expires=Sat, 25-Nov-2023 07:13:38 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
biddr.brealtime.com/check.html
200 OK 536 B URL HTTP/1.1 biddr.brealtime.com/check.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (926), with no line terminators
Hash 0033ea2ac7bf71369f3ca914869bd7f4
02cb500ceeafb2659c849f0233a01b1ad54849dc
e15c3b7839bfc0e44b766cc6e09520867e821936580e3cab19c0046a9815ac0e
GET /check.html HTTP/1.1
Host: biddr.brealtime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 07:13:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: WeqF89pYIGWpFNs426rAd5J4pPA0pX7StLc3dP4FJwbYenlb1hONdEOob5jWo4xU9l+FdgGxHIU=
x-amz-request-id: H6ZYF8B5P5AMX1X7
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4689
Expires: Fri, 25 Nov 2022 08:13:38 GMT
Cache-Control: public, max-age=3600
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f895399bd0b51d-OSL
Content-Encoding: gzip
e1.emxdgt.com/hb_sync/
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hb_sync/ HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biddr.brealtime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-type: text/html
date: Fri, 25 Nov 2022 07:13:37 GMT
content-length: 0
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
200 OK 0 B IP
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:35 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: NzzDMQRIzsXNjVR7/B6e4yrrDcazBk60q2/S2QH7YxwqiaX7/iQchWRPdgPY0BswypKEPiqaJg8=
x-amz-request-id: EK159HTWSS7GNBQ8
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 65
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f89522ffa30b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
tinyurl.com/2eqd4ztu
301 Moved Permanently 0 B IP
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /2eqd4ztu HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 25 Nov 2022 07:13:31 GMT
content-type: text/html; charset=UTF-8
location: https://tinyurl.com/app/nospam/tinyurl.com/2eqd4ztu/terminated
x-powered-by: PHP/8.1.8
0: X-LIGHTTPD-LONGURL
1: http://event-login.net/FEP/MDB?id=1569337591
2: Cache-Control
3: private, no-cache, no-store, must-revalidate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f895069982b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.floors.dev/sgw/v1/floors
200 OK 0 B URL HTTP/2 api.floors.dev/sgw/v1/floors
IP
POST /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Content-Type: application/json
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Origin: https://tinyurl.com
Content-Length: 423
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 540200
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/pubfig.messaging.2.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/pubfig.messaging.2.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
IP
GET /core/pubfig/pubfig.messaging.2.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=d665edaf-a0b8-4954-b316-e71d69ab16a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsKaq5j1uC6qZYTXO7Jgwrn8pTY0WO1eWq8sGMdiatrhLllDUEufsUzqN97IMDyex1wrVbkHSx8ELuOkWZSl3IY-A
x-goog-generation: 1668791818927146
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 235209
content-language: en
x-goog-hash: crc32c=HN+LuQ==, md5=fmyjFSvl6JqGBChHrVa2ww==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Fri, 25 Nov 2022 08:13:33 GMT
cache-control: public, max-age=3600
last-modified: Fri, 18 Nov 2022 17:16:58 GMT
etag: W/"7e6ca3152be5e89a86042847ad56b6c3"
cf-cache-status: HIT
age: 126857
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8951a8f54b51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 863308
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?CC=1&party=1283
200 OK 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1283
IP
GET /serving/cookie/match?CC=1&party=1283 HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 07:13:37 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP
OPTIONS /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:34 GMT
content-type: application/json
server: nginx/1.20.0
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
IP
GET /scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 25 Nov 2022 07:04:34 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qj3XTJgNjH1zNdWWt83_mURNXyF77_Jhq1OPonye3jDCQiQ6GFFMJw==
age: 538
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 25 Nov 2022 07:03:55 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FtVSAILSt54cHf82ZJcYPYkziCRILU5C4ctdi3gGh_DEV6KRA7YlRg==
age: 578
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
IP
GET /choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:22:31 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: gzip
date: Fri, 25 Nov 2022 07:13:32 GMT
cache-control: max-age=3600
etag: W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 04tdl7lQTPeC4HC-CmfSObjDtxYqaPxZ2ynR5AIukP5K3q9lUGJgZg==
age: 50
X-Firefox-Spdy: h2
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&ref=&_it=freestar&partner_id=474
200 OK 0 B URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&ref=&_it=freestar&partner_id=474
IP
GET /hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F2eqd4ztu%2Fterminated&ref=&_it=freestar&partner_id=474 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
x-amz-request-id: FNK044PCM9Y7VVCR
cache-control: max-age=3600
cf-cache-status: HIT
age: 857
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1kHLHlEB5K5VmPe6eoCC5JseVQSBfF3zUumvj1tHO9hXQbAPS%2BX7EiI6j2rQGi5AJO%2Bzdn%2Bt%2BQc2Q9sxDM1oH%2FCl4XOOhhCLCFUJ4ZFNT%2Ft8WgCoLWACCfyIDG4a3F3Xxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f895143e371c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v1/hub
200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v1/hub
IP
GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Fri, 25 Nov 2022 06:29:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QR0il4bSdzeIA_qw-xLbdgthmmKSxeuo69TVBj0j9LshWCv1WbSEvg==
age: 2649
X-Firefox-Spdy: h2
tinyurl.com/app/nospam/tinyurl.com/2eqd4ztu/terminated
200 OK 0 B URL HTTP/2 tinyurl.com/app/nospam/tinyurl.com/2eqd4ztu/terminated
IP
GET /app/nospam/tinyurl.com/2eqd4ztu/terminated HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.8
cache-control: public, max-age=14400
content-language: en
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 25 Nov 2022 07:13:31 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IitDUzQyRnZtNkZIV3R1SmFpQVNDc2c9PSIsInZhbHVlIjoic2oyajN3RUN5bENzdmR0aktpVk9xeDFjdk9JcXVaVjdvUTgvcVRzNUNkbHFxVHo1WEUyeVlPZ3NwS29nM3FRNUdyRnNqV0dRd2ZjbmJCMW1hOUs3YVRsc29VL0ZjaU9VWThCR0dLcHJ3TFFQZFpZSk81OWh4KzJtY1RKRWtkbHMiLCJtYWMiOiIwNjgyYzY2MWNiOGRiMjcxMjg3MGYyOTk3N2ZhNzIyOWJhYzFkZDk4Y2FhZDlmYzU5OTI3MWJkMTdkY2FiZTlhIiwidGFnIjoiIn0%3D; expires=Fri, 25 Nov 2022 09:13:31 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; samesite=lax
tinyurl_session=eyJpdiI6IldLdnNLV0Y5eWdsWjVtb09JeW42WGc9PSIsInZhbHVlIjoicGFya2YrclBtVTl1NGFVZWJ1alJHQTY1MFB1aVQ0NzZFT0J0RGxWRkx6TnlGbVhUcCtoYUtZYUdHTTY5QkNyN3JHR0dGTHJvV255UDRxTTBZYm1lczFaelUwcnBraTNTeWJKYUtpdUhPVzV4eFV4QkdQbWtTYnBjaXpoUFdDK1giLCJtYWMiOiJlZTQyZmQwODMzY2Y4NWU0OTI1NWU4MWY4NWJjZTc0ODg5OGExMTk4ZWE3MzJlY2NmNGJiZWE3ZTQ1ODQ5MTM1IiwidGFnIjoiIn0%3D; expires=Fri, 25 Nov 2022 09:13:31 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; httponly; samesite=lax
tinyUUID=eyJpdiI6IlBDL3QrVDV1K25xYVRhWU90eTVuWmc9PSIsInZhbHVlIjoiWTRrZTU5cXU4TzRoSDM4QWdxYXVRZHVadU9VTkxvS0swc3F2ZlFmNFpLS0ZqUGJ3M0d1WlNuRXl6YjMzL1ZQQ3lSQzFJZjMvN2tzTjFUWmwzQVpPanQ5b2NEVjV6bjdDY2w1cVZJQWxWdFE9IiwibWFjIjoiMmJkNTVhZGFkNDFjNDczODY3ZGQwNDQ1OGY3YjE2ZGFkNzJiNDc5Y2Y4NDhlYTk3NTljM2ExOWYxNWIxNTMyNCIsInRhZyI6IiJ9; expires=Wed, 24 Nov 2027 07:13:31 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com; httponly; samesite=lax
cf-cache-status: MISS
expires: Fri, 25 Nov 2022 11:13:31 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8950a0e06b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d.pub.network/v2/init?siteId=3163&env=PROD
200 OK 0 B URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP
GET /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IitDUzQyRnZtNkZIV3R1SmFpQVNDc2c9PSIsInZhbHVlIjoic2oyajN3RUN5bENzdmR0aktpVk9xeDFjdk9JcXVaVjdvUTgvcVRzNUNkbHFxVHo1WEUyeVlPZ3NwS29nM3FRNUdyRnNqV0dRd2ZjbmJCMW1hOUs3YVRsc29VL0ZjaU9VWThCR0dLcHJ3TFFQZFpZSk81OWh4KzJtY1RKRWtkbHMiLCJtYWMiOiIwNjgyYzY2MWNiOGRiMjcxMjg3MGYyOTk3N2ZhNzIyOWJhYzFkZDk4Y2FhZDlmYzU5OTI3MWJkMTdkY2FiZTlhIiwidGFnIjoiIn0=
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-type: application/json
set-cookie: _fsuid=d665edaf-a0b8-4954-b316-e71d69ab16a5; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f89511dcbab51e-OSL
X-Firefox-Spdy: h2
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
200 OK 0 B URL HTTP/2 cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
IP
GET /qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js HTTP/1.1
Host: cdn.confiant-integrations.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:32 GMT
content-type: text/javascript
x-amz-id-2: Z5Vho5abtuFqq4RL6WYbC0U3jst8BfrbffVyR/YtNH4j8n25mqstvNw3s6JBTCsvgAxwAEkIRsI=
x-amz-request-id: 9HYX7CH7WYG9SYQB
last-modified: Fri, 25 Nov 2022 06:33:27 GMT
etag: W/"0fe8632d9c2013aa032e13d6aa6f7f4e"
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-cache-status: HIT
age: 184
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f895146af1b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
200 OK 0 B URL HTTP/2 id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
IP
GET /api/v1/pbhid?partner_id=474&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:34 GMT
content-type: application/json
server: nginx/1.20.0
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
d3div1mtym39ic.cloudfront.net/aax2/apstag.js
200 OK 0 B URL HTTP/2 d3div1mtym39ic.cloudfront.net/aax2/apstag.js
IP
GET /aax2/apstag.js HTTP/1.1
Host: d3div1mtym39ic.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 25 Nov 2022 07:00:07 GMT
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: br
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nbVNZe7UUave8jr8HRpqGZEDTuxBxT-sLQKHu4KlSHpGTGJ-wHKsZQ==
age: 808
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP
GET /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:13:34 GMT
content-type: application/json
server: nginx/1.20.0
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
server: AmazonS3
content-encoding: gzip
date: Fri, 25 Nov 2022 03:25:50 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HRtHb_sSW7t4t9BuDq0nqksVhGRWJ047iJJ3zVyN5uxHVWqX81kW3A==
age: 14617
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 25 Nov 2022 01:57:21 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ows5T4LfQLMwPP8G-2y-wwKZ6g-7URRBoPOcn7ZMqM-gxndJMXW3FQ==
age: 18972
X-Firefox-Spdy: h2
172.67.1.225
213.19.162.31
23.38.200.189
18.158.77.24
104.18.32.68
178.250.2.130
157.240.200.35
54.247.70.95
2.23.134.137