tiny.one/ING6588
104.19.138.56301 Moved Permanently 0 B IP 104.19.138.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ING6588 HTTP/1.1
Host: tiny.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 11:12:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 12:12:28 GMT
Location: https://tiny.one/ING6588
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 754d7b8f69afb4e8-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2894
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 11:12:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 10:38:17 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cF4OGMs2ctnbGtXZleOYSV_y3EssxuTDJk3PxoTwFdypSEc_CW2Yaw==
Age: 2051
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nYz0DLiiExVgSKmC9moVAwaQX6uUGzWvRCE1_L30GQBndk5qb8SV3Q==
age: 20641
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b231e716a29cd2d0403d3303218ff457
aee7d0c6f3652bf0003b72f68802e11756c84f14
41029f913b7569d9efa36d713fdf9315672b2b57a276213c7fc66827e2a7f4c0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "41029F913B7569D9EFA36D713FDF9315672B2B57A276213C7FC66827E2A7F4C0"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8953
Expires: Tue, 04 Oct 2022 13:41:41 GMT
Date: Tue, 04 Oct 2022 11:12:28 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:12:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 10:29:33 GMT
Expires: Tue, 04 Oct 2022 11:17:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oMdhY6oTVPjZijsrT4Y7egGomCS9y7eSkQP2qy25JpWEO06-Wl6Gmw==
Age: 2575
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4719
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:29 GMT
Last-Modified: Tue, 04 Oct 2022 09:53:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.6.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RMAtYRe97ORHckJ0XMX/aQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xhUCPzFT4nSEtBBogtyoXqyV7OI=
trc.pushnami.com/api/push/track
50.19.102.53204 No Content 0 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 50.19.102.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 11:12:30 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
trc.pushnami.com/api/push/track
50.19.102.53200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 50.19.102.53:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 76
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
54.230.111.53200 OK 14 kB URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP 54.230.111.53:0
Hash 4182c53688c08a60d936ee7080d49891
7dfb1f8aa3a9c8daabe157225195cf06ebd52d1b
f7e7426a6b6bbadc895295d573043505755c9d7199dcbd0e3e534477427837b8
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 04 Oct 2022 11:10:34 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k9Y5MMGfH7gm17bceCDTh2Go-nkqJgy7D7KuQKZg1Z88IJ-75SLX-w==
age: 115
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3929
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:30 GMT
Last-Modified: Tue, 04 Oct 2022 10:07:01 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hqnx5yLzT67TdVAmPQ94yMgC5nfhR3Gx3b9mRwD6GZASMPebQvEem4a35ybZJZJH7+0kGQqn46NEqrMST+vKog==
content-length: 26840
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 11:12:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
54.230.111.53200 OK 64 kB URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
IP 54.230.111.53:0
Hash bdadf1f963989e6efdba9076f79a886e
2152cfae9283db0dd56bcedc8d21cd5b722b8593
2278af17514123f49bd293fd4446064525785adebf182c5c63119108f3dbe75a
GET /scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 04 Oct 2022 11:05:45 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ofU-AY1-FRzm2jd8Ng2DocEIA9VGSOsPZ20B9p5fHymL1-8LST7pbQ==
age: 404
X-Firefox-Spdy: h2
stats.g.doubleclick.net/dc.js
74.125.131.157200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 74.125.131.157:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Tue, 04 Oct 2022 10:22:11 GMT
expires: Tue, 04 Oct 2022 12:22:11 GMT
cache-control: public, max-age=7200
age: 3019
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9968
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:12:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9968
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:12:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9968
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:12:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9968
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:12:30 GMT
Connection: keep-alive
d.pub.network/v2/init?siteId=3163&env=PROD
35.201.71.192200 OK 5.7 kB URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP 35.201.71.192:0
Hash f3b2a79b0c5df3b6e85c4e9c1b8b4fc4
c9c0fbc0805583662844633e5cd8c9e32a1c3e39
7e8c9ea3a7b786c9efd20fa744e608ce1a8d2da41da661107f07bc696e9097d6
GET /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
set-cookie: _fsuid=63af29e3-cca2-40b5-bf87-b06cfac3bdd3; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
content-type: application/json
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 48477
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48490
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 22a0e400-1567-4c9c-aca9-782f3f81a8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLCrEn4IAMFZWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f210-11fa888c78719c44160accf8;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: czAJIO54qhc57-FC2v3o_6iUysen6MFHxo4KWJL7Uhs3ZBmRalqgMw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 09:44:26 GMT
age: 5284
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48490
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48490
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae824db4a95391149198a4b6b8556c70
db07d58d8feff4ea01866d095e5264ee5c8e1ca3
19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 44993
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash da163f1fbcf6acbff5e54c190a7026fa
68c3fef4518c1e7085a2924977b78488655ceac8
a69e8ba108b7425c0315496850fd906c829258d5ed945d67314c7125800fd844
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 11:12:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 21:04:08 GMT
Expires: Tue, 04 Oct 2022 21:04:08 GMT
ETag: "68c3fef4518c1e7085a2924977b78488655ceac8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.14200 OK 30 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.14:0
File type JSON data\012- , ASCII text, with very long lines (9979), with no line terminators
Hash ff108c5a4f5bba70e702476daaae2309
e169f12a6737a12e42fbcebc87268e763d9e1277
d1f006f168ae7dcb4ca22ca63032698979107400924cdd861d5cd2b425d3a5b0
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Tue, 04 Oct 2022 03:00:38 GMT
last-modified: Sat, 01 Oct 2022 19:52:29 GMT
etag: W/"0f68ab46c6b39b51f198c61b68273ad3"
x-amz-server-side-encryption: AES256
x-amz-version-id: 0num3lmuQDBnlCI8qTm_5NozfgHVSa_q
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4fnrBx7t0G9W-Zm6jj8s4CIm9dDsFQCH5YwfCx8NBc8wH7ZUHrBV_Q==
age: 29513
X-Firefox-Spdy: h2
freestar-io.videoplayerhub.com/gallery.js
104.26.9.50301 Moved Permanently 105 kB URL HTTP/2 freestar-io.videoplayerhub.com/gallery.js
IP 104.26.9.50:0
Size 105 kB (104962 bytes)
Hash 5c1d5339880099aa8feb78cf14da18bb
1286b8ecb3f7044eb02e326d5bf626e1423670dd
91787f25d984023dbba5543c66e2890e2fdb86172dc27035fa28ee019b752ab1
GET /gallery.js HTTP/1.1
Host: freestar-io.videoplayerhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 04 Oct 2022 11:12:30 GMT
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
expires: Tue, 04 Oct 2022 12:12:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdPfEEd9HZEUBCYMvPOmG2EQczoMhxjIzPOXKmwAPKyZOIyHUrqbGGkLxdSEErfCScdASEjyvwHuB9MTebLA8ZVU14Sw9%2BFCc59XrynS1S31HJNKkcBjn3B5AY5j4NAo3droxSvkeZt0eurOnyxPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7b9f3c2c1c0a-OSL
X-Firefox-Spdy: h2
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202210031351/wrap.js
151.101.85.194200 OK 68 kB URL HTTP/1.1 confiant-integrations.global.ssl.fastly.net/gptprebidnative/202210031351/wrap.js
IP 151.101.85.194:0
File type Unicode text, UTF-8 text, with very long lines (21704)
Hash bfa2cb2fcba193a15075ce5a72776e05
6371fe8061e615413c2cc5a34f2340658d0ad01e
dc4a7bcee066f96cc5666f08f67e8023acb340f66a780fc7d762006be4c9b6f1
GET /gptprebidnative/202210031351/wrap.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 68048
x-amz-id-2: rksvOfd6xadJRKTCdtzdG9rys4rFoAjA+JTfveDSa+te4Birw4UDNtqQyru9Bod84ov9ecXbux4=
x-amz-request-id: 9ZSP8JVSK2DD7283
Last-Modified: Mon, 03 Oct 2022 18:35:15 GMT
ETag: "bfa2cb2fcba193a15075ce5a72776e05"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 11:12:30 GMT
Via: 1.1 varnish
Age: 57048
X-Served-By: cache-bma1627-BMA
X-Cache: HIT
X-Cache-Hits: 9779
X-Timer: S1664881951.683288,VS0,VE0
cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
143.204.55.76200 OK 254 kB URL HTTP/2 cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
IP 143.204.55.76:0
File type ASCII text, with very long lines (65469)
Size 254 kB (253693 bytes)
Hash c26dab36f353a381230d68d0a5c0fa59
134d563057794578e237628dbfe442cd02ead8ce
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e
GET /tcfv2/44/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 253693
access-control-max-age: 86400
last-modified: Wed, 14 Sep 2022 18:13:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=172800
date: Mon, 03 Oct 2022 07:48:12 GMT
etag: W/"c26dab36f353a381230d68d0a5c0fa59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oQVk6FKSyhBx6XWEQQpoipoRcBlgti7WehVYAlNa8BgaGlBSe4ptZQ==
age: 98659
X-Firefox-Spdy: h2
www.googletagservices.com/tag/js/gpt.js
216.58.207.226200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 216.58.207.226:0
File type ASCII text, with very long lines (45162)
Hash 0cbfbbc6234e034e2314ed147da2adf5
f90387a4d7e86451fbb8cb5c952028fe0d11041e
1c1b39cf0664f760adf0eb93ca742a81458c9c4f1db897b0e0117cca48c3ea72
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27730
date: Tue, 04 Oct 2022 11:12:30 GMT
expires: Tue, 04 Oct 2022 11:12:30 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1353 / 462 of 1000 / last-modified: 1664879912"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664881950028&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=44&cs_cmp_rt=186&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
143.204.55.94204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664881950028&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=44&cs_cmp_rt=186&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
IP 143.204.55.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664881950028&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=44&cs_cmp_rt=186&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 11:12:30 GMT
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zNfw3ec2RiUVGG7hmngzz5KQE3T2gUOBYLXNBO2heTwfoNqp28crtQ==
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=2
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdt6VCtqtIBnBTdsF1vvDPQfLazGd9ibEd203R5L043lLiuyTx5erfdDBO4fPOmvTjQfhaq1ovVTvyGIn5JVehsmeQ
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sun, 04 Sep 2022 17:35:10 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 2569274
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JWScK6O87tnf9Tl2hW5UORzNNIs%2F%2FpGsUmuyPY6nngL00Fh48xzOWnqRy9NsnkEfVZ%2FjsK63HLs4QaarNdXbtOWyiF24hkA5i2nCtWrct%2BL%2F4%2FPJPkxS6arQod%2BHD0%2BKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7ba07b1cb512-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.7448961663670531
104.26.2.70200 OK 130 B URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.7448961663670531
IP 104.26.2.70:0
Hash 4c96b9b9f1c51630612b36fb61d84fd7
9a246cd1c4ff706b6fea43aa3ab6957bba8515b9
fe49693c26261a730e1e8631a52a15d4ee091c0a808e2cc68ad156850eaa9938
GET /px.gif?ch=1&e=0.7448961663670531 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdt6VCtqtIBnBTdsF1vvDPQfLazGd9ibEd203R5L043lLiuyTx5erfdDBO4fPOmvTjQfhaq1ovVTvyGIn5JVehsmeQ
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sun, 04 Sep 2022 17:35:10 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 2569274
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYCMSN2lipSQCalGuWlLWXySZsUOfzNut0R%2FF4Nb3w8%2Bfc65bhdgB%2FklRHaYr9yYEL2emHxR%2FaZyHnqxq9f8u%2FCJhIA2VnFYPMmHPcLHXnb3RXbTtsQE%2Bq1RJe4L82qFKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7ba08b22b512-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.207.198200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.207.198:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 11:25:17 GMT
expires: Tue, 04 Oct 2022 11:25:17 GMT
cache-control: public, max-age=86400
age: 85633
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/vfctweU0iRw
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vfctweU0iRw
IP 142.250.74.3:0
Hash 95daffe923384157bfdb959df668a96c
e385ebeccb8abbbaf8e814b7b6deec8deb8c44ff
1be85cd1d12636f0c6bfc2b9f64be416f50af265a23cf7066311891c9b84734b
POST /s/gts1d4/vfctweU0iRw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
143.204.55.76200 OK 43 kB URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 143.204.55.76:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash ead769f1a2e327159ac02539ae2d3d62
4670abb9696fa114bb73962023f63bba6208e068
31845c9da4b8cd38fba0c44b45c7cb2be51d2029f86b6b5e0bd15cd986ea74c1
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Tue, 04 Oct 2022 03:00:43 GMT
last-modified: Tue, 04 Oct 2022 03:00:32 GMT
etag: W/"713348369662589da640d1e1195993b4"
x-amz-server-side-encryption: AES256
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ey719RNd8q-xGojH3gZsCHVqC7cajUB7Gf0b8GJPsCS1_fQ4H0G0CQ==
age: 29508
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.76200 OK 36 kB URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.76:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash b961b08bc486e213743eaa81dcb635a3
bb64aa8599e60dc2c5b19d8b2ecd5814e94b4787
6a5fa3b0fd16913d6507bc434d0f823aa618d84f512f63bc76b56d527879b3a5
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Tue, 04 Oct 2022 03:01:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Tue, 04 Oct 2022 03:01:30 GMT
etag: W/"62506e65c6a8201a32eb8553540dd4f4"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cnACxqKZCe1CINGK_D8_KqAz8FA3udc7_MCg4srbs1wYfChebzRtJw==
age: 29458
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070107
216.58.207.194200 OK 130 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070107
IP 216.58.207.194:0
File type ASCII text, with very long lines (65439)
Size 130 kB (130415 bytes)
Hash fee6ca1bc4bd6903dcaf6974f3f04933
8295469b9d2d1d5f5955132336257e4e0be51c18
fcbf35bf9fa6c6237472612f8fdc1cfd8a843ebcea6175b319d299dd5f80dbdf
GET /gpt/pubads_impl_2022092901.js?cb=31070107 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 130415
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 10:52:39 GMT
expires: Tue, 03 Oct 2023 10:52:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 29 Sep 2022 08:35:48 GMT
content-type: text/javascript
age: 87591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.btloader.com/pv?tid=P70wASyn&w=6316674530148352&o=5714937848528896&cv=2.0.10-11-g48983ca&r=false&vr=1280x939&pageURL=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&upapi=true
130.211.23.194204 No Content 0 B URL HTTP/2 api.btloader.com/pv?tid=P70wASyn&w=6316674530148352&o=5714937848528896&cv=2.0.10-11-g48983ca&r=false&vr=1280x939&pageURL=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&upapi=true
IP 130.211.23.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=P70wASyn&w=6316674530148352&o=5714937848528896&cv=2.0.10-11-g48983ca&r=false&vr=1280x939&pageURL=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Tue, 04 Oct 2022 11:12:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
54.230.111.75200 OK 13 kB URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP 54.230.111.75:0
Hash 42f09e2b0fe2f669754e5f92bc3e02cd
9f3947643d477a3d32ebda3a2606d3d8f96419cd
8c124cf08b92a0c3051d6cd49b4be9ff139f4ec04b64fd95f30bb292b7a929bd
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 04 Oct 2022 11:10:34 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nkW8-e3PcoaJA57MWBfIy1Oq-WEiUaHHhn_qXK2XV4NyIlk0UbqLfQ==
age: 117
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
143.204.46.73200 OK 1.4 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
IP 143.204.46.73:0
File type JSON data\012- , ASCII text, with very long lines (1421), with no line terminators
Hash d243b21cce72027d70b697699201f844
313d9560ebebc846a205a01f627c39951d053213
730e96616988922cd538428876c21d36306d05852666fc86b1b3af3486e87d8a
GET /cdn/prod/config?src=600&u=https%3A%2F%2Ftinyurl.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1421
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Tue, 04 Oct 2022 09:45:44 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TA1HHdSVsQWkW3h4YX3e57phKNIlorXbWL6YxWDgJLf6-ni4rlLQkQ==
age: 5206
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 20010202973e252f3cee542da9713843
75cd8f2646000c608a614cc3104a14d92480258d
f5d45deec4702401bcde7876d2f46f952153ae43c5cecb3f2d4182e5c9a374dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2618
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 10:28:53 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 904a0d87402d9eecfec00481cdb28d62
6b37e41d4321718433996e4c1f4eed2f8f1727fc
e0884556a581a67e0e212887e97ca7f4438ef644fea7a0efd10175902f5e77e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 09:32:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 314
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&pid=r5vzUlKTRxO7R&cb=0&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
54.230.241.131200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&pid=r5vzUlKTRxO7R&cb=0&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
GET /e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&pid=r5vzUlKTRxO7R&cb=0&ws=1280x939&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Tue, 04 Oct 2022 11:12:31 GMT
x-amz-rid: YV2KW7D4BW3WPMHNJHTD
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7C1dugauMQuUBINE7ZknRxUXZ0zStDHC17WdmrSORvTg18ChAqatDw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 904a0d87402d9eecfec00481cdb28d62
6b37e41d4321718433996e4c1f4eed2f8f1727fc
e0884556a581a67e0e212887e97ca7f4438ef644fea7a0efd10175902f5e77e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 09:32:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 314
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 4d14e8883a835d1f47bbf1005f05f2de
1d6f095e14cb9e2e93291eb0f40a1484cb33a8bb
759553c7de504c2667c4fb5341deb5546be9b3846d494d94214544d7f3e98c18
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:12:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 08 Oct 2022 07:12:45 GMT
ETag: "1d6f095e14cb9e2e93291eb0f40a1484cb33a8bb"
Last-Modified: Tue, 04 Oct 2022 07:12:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2335
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754d7ba3ac44b4f3-OSL
match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
15.197.193.217200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
IP 15.197.193.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9175999abc2de9ca4ad0d9095af594b9
fc6f7c7d3092e8c6c49740967a631432557024a7
c8413b6c0a1f5e8b4547b700f5547d585a5d30c8fd2457fede43220d4e53fbf4
GET /track/rid?ttd_pid=6bjin1p&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:31 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Thu, 03 Nov 2022 11:12:31 GMT
vary: Origin
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/6lA6Bxn_uRA
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/6lA6Bxn_uRA
IP 142.250.74.3:0
Hash 8bf20c50f49ab0085bf9b9a9dc701f3d
e346db1dbc83d6df1e2be46aa40d664e288b6aa7
6a43d02ff3f8569b7b10c200ea091b603b5914ba4d6cef53017cac41eb0dad61
POST /s/gts1d4/6lA6Bxn_uRA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/6lA6Bxn_uRA
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/6lA6Bxn_uRA
IP 142.250.74.3:0
Hash 8bf20c50f49ab0085bf9b9a9dc701f3d
e346db1dbc83d6df1e2be46aa40d664e288b6aa7
6a43d02ff3f8569b7b10c200ea091b603b5914ba4d6cef53017cac41eb0dad61
POST /s/gts1d4/6lA6Bxn_uRA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2s.t13.io/openrtb2/auction
34.107.140.113200 OK 167 B URL HTTP/2 s2s.t13.io/openrtb2/auction
IP 34.107.140.113:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c4ded498190abddb58768faa7e7a2cc6
8b8303972ce18a10fc4c84f46ef004ca56008530
96b958daac13ed39492e61268c3b30db06cadfda30c217294d73c41396c228a8
POST /openrtb2/auction HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2037
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
x-prebid: pbs-java/1.94.0
content-type: application/json
content-encoding: gzip
content-length: 167
date: Tue, 04 Oct 2022 11:12:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s2s.t13.io/cookie_sync
34.107.140.113200 OK 563 B IP 34.107.140.113:0
File type JSON data\012- , ASCII text, with very long lines (2192), with no line terminators
Hash d184406a2f9b49a107b3a1bb1acdc14a
b6c936a0e443cbe26eb169efbd70da2975207b47
d1346707c0bdefe9e9eb894bf0822b8473f0244f2823c27b073a0aa97402517b
POST /cookie_sync HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 130
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
content-type: application/json
content-encoding: gzip
content-length: 563
date: Tue, 04 Oct 2022 11:12:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
65.9.84.225200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.225:0
Hash 11507c8f6ffeabcb72c229ba65c12e76
107a7a9b8597cae0887b2f84bfc7b71b5eb406a7
c626775bddfff1e9836c498199a2777b238c00b0596fc411cbf3be3fc8eb792d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 10:13:51 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 a156165ae278c5ddd408f18e7181dccc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: iTdOxavFmSMHDGK2GZD7CRUUpx4IgbgbVheM4YYsOunSG8_atloelA==
Age: 3520
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 123c2efbf06cb624b76690d8bb59f94d
76c1a7b36c78c6b8d53b54073111004da6891fe8
e69513023b03f7bc982ede0b8b4d255ea087bed95cb97d3a46aadef19f627897
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3745
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 10:10:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
65.9.84.225200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.225:0
Hash 0da3acf1a24a90a0f532c4368b71de21
2c5e6648bb2e02021bf1becb75b2f33c50986739
828f1a3d656b011423129708b81ba9ca7f347f353d221ca9c325f8b91ce406c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 09:34:08 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 74Jlx8iiqtvWto4XKJjCj2qGyJg7Edd3ZUfxo1WyNwCFNyqthza_iA==
Age: 5903
ocsp.sca1b.amazontrust.com/
65.9.84.225200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.225:0
Hash 0da3acf1a24a90a0f532c4368b71de21
2c5e6648bb2e02021bf1becb75b2f33c50986739
828f1a3d656b011423129708b81ba9ca7f347f353d221ca9c325f8b91ce406c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 09:33:42 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 1zBWeNR8zYbpkiKZDsfRQXxTDdXrE6Z_3Jdq7DBYWLpJnc6LGMom5A==
Age: 5929
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9fde55b4ba25a0ca5fbf39c50615b2e0
6210374d3f3c48ce99086cf1be4dc7f12d378959
de0b8be4552817341f225c840c3ae5788ce0a21fb09a14f6d0332965b3973cba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5709
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 09:37:22 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
65.9.84.225200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.225:0
Hash 32bb28ca31875a794be64a3fe0698ab7
d3e59c7371451a8836ea847e56dd70b0a5f97e4d
c67a2ff747735e636fea91ad110b53532a199be894b7d5d303f0931ef10a37a8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 10:00:45 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: RPc1x0ifWLywUS0TKTsOOaGjaGFaGXrksyjZmKWJ6QmXdNYmoA5Pmg==
Age: 4306
secure.quantserve.com/quant.js
91.228.74.200200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.200:0
File type ASCII text, with very long lines (26706)
Hash 9b97e6ee88f2959afd24a5e5dd2dad0d
d28b62129967fe35b59d2033997c0d15cc88ee27
43abef0f3b3b81a0476bb65de802b644c6e704db545df71fd67110f2597cb726
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:31 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "+b0B6ncQDCugPb96DWf2QA=="
expires: Tue, 11 Oct 2022 11:12:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
198.47.127.22204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 198.47.127.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3844
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
date: Tue, 04 Oct 2022 11:12:30 GMT
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
35.157.252.127204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 35.157.252.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1103
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 11:12:31 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
65.9.84.225200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.225:0
Hash 0da3acf1a24a90a0f532c4368b71de21
2c5e6648bb2e02021bf1becb75b2f33c50986739
828f1a3d656b011423129708b81ba9ca7f347f353d221ca9c325f8b91ce406c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 09:55:05 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: xdLv9lxwaEA5tLN8TkVzDSaI8Mq_pJ7aEYZ1v6VbXB1lhr28hxPq6g==
Age: 4646
hb.emxdgt.com/?t=1200&ts=1664881950876&src=pbjs
3.68.42.108204 No Content 0 B URL HTTP/2 hb.emxdgt.com/?t=1200&ts=1664881950876&src=pbjs
IP 3.68.42.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?t=1200&ts=1664881950876&src=pbjs HTTP/1.1
Host: hb.emxdgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 962
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 11:12:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
access-control-allow-headers: security, Content-Type
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/6lA6Bxn_uRA
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/6lA6Bxn_uRA
IP 142.250.74.3:0
Hash 8bf20c50f49ab0085bf9b9a9dc701f3d
e346db1dbc83d6df1e2be46aa40d664e288b6aa7
6a43d02ff3f8569b7b10c200ea091b603b5914ba4d6cef53017cac41eb0dad61
POST /s/gts1d4/6lA6Bxn_uRA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.pushnami.com/scripts/v1/hub
54.230.111.53200 OK 1.0 kB URL HTTP/2 api.pushnami.com/scripts/v1/hub
IP 54.230.111.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2319), with no line terminators
Hash 295585224941790363d18840392853ff
8ac1f8a3072f4be4e89c7edd197fe4ec0c79e4c4
365e239cc282ced164d651fceb7ca2cfd03db79db27b78d081ef813f91e5ea0d
GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 10:31:37 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W_q6JZ8Jkw1yS49_WrwvwjVllMBWxarVfru2Qxhivcz5QXZ03Bcfdg==
age: 2454
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
35.157.252.127204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 35.157.252.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1105
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 11:12:31 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=5539671570
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=5539671570
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.19.0&cb=5539671570 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3880
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:31 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://tinyurl.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.132200 OK 251 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 41d4e96b15aaedba51f42b0f38f246e8
142c7625b5920d5c2c08282aaf11addac4b6864d
dbebb96567873dd4caa752d4dcd19d45f6ad3750f5922a1f65ab08a5bdad2e54
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1246
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 04 Oct 2022 11:12:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 251
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tinyurl.com
AN-X-Request-Uuid: 7a1d09aa-da1b-4040-859d-9fceacb89ddb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
178.250.0.157200 OK 28 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4e3107ad7c1c8677be363231a026b838
72b88992a3935d8ca792c186e439df39278bf9d0
a2e42848c46cd58157b4093c24db6b2dd9ec9f6df1a6235d99e1b06e9f3cf357
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 373688
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
65.9.84.225200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.225:0
Hash 59f0d6a5028b3971e56c08bd8290a7c5
cb29081612fb512b946ef8ae1f31460694e58ca6
98d4bfe322bad511ca29ebe1076c9f27bc292ad76e4c0905618728da2ea2f269
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:12:31 GMT
Last-Modified: Tue, 04 Oct 2022 10:04:25 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 a156165ae278c5ddd408f18e7181dccc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: AK_m0s6j7XTUrtUZM5DoNjcEgp7UdWCV0_2IlJXnD2jzZ4Hu_vlmvw==
Age: 4086
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
35.157.252.127204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 35.157.252.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1086
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 11:12:31 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tmax=1200
18.193.202.200200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tmax=1200
IP 18.193.202.200:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tmax=1200 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1368
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:31 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
178.250.0.157200 OK 397 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (481), with no line terminators
Hash 7747fb69b9a5d149974d978d94747df6
b4a2c2de04c4b2d3053163407f953a4e7095ac7b
139079decf4680d5dbdc8ed4da66dcf2bcb3bf3a5fe2c9fb1cf7948c486570b4
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 1133788
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
35.157.252.127204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 35.157.252.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1087
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 11:12:31 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=4d8c6701-c012-450d-853a-6fdf766c8fd5%5E1&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v6.19.0&x_source.tid=e604bc3f-2fb8-4c56-b7c7-cec9518ebd11%3B2b57bffc-b26d-40a0-b22f-844b70ad6fc9&l_pb_bid_id=56dc652d15e53718%3B5786a962f8e4477&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.07199191496271107
213.19.162.31200 OK 631 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=4d8c6701-c012-450d-853a-6fdf766c8fd5%5E1&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v6.19.0&x_source.tid=e604bc3f-2fb8-4c56-b7c7-cec9518ebd11%3B2b57bffc-b26d-40a0-b22f-844b70ad6fc9&l_pb_bid_id=56dc652d15e53718%3B5786a962f8e4477&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.07199191496271107
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (631), with no line terminators
Hash 45a3a5b1b34a16d98c5bf176cc19928d
fa1b308a65ef28b9854c0555e1673fbc43b765ed
de3df46a5a51251ac01ba437fa814acc0755813ef06672ce584893f029d52ffd
GET /a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_pubcid.org=4d8c6701-c012-450d-853a-6fdf766c8fd5%5E1&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftiny.one%2FING6588%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v6.19.0&x_source.tid=e604bc3f-2fb8-4c56-b7c7-cec9518ebd11%3B2b57bffc-b26d-40a0-b22f-844b70ad6fc9&l_pb_bid_id=56dc652d15e53718%3B5786a962f8e4477&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.07199191496271107 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 04 Oct 2022 11:12:31 GMT
Content-Type: application/json
Content-Length: 631
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tinyurl.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8U3Q7IP-A-60SZ; Domain=.rubiconproject.com; Path=/; Expires=Wed, 04-Oct-2023 11:12:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqOS+qmDWRthO9DtVM30fCg5AuOp81iN6KpAITMBd9lucoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Wed, 04-Oct-2023 11:12:31 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=L8U3Q7IP-A-60SZ; Domain=.rubiconproject.com; Path=/; Expires=Wed, 04-Oct-2023 11:12:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqOS+qmDWRthO9DtVM30fCg5AuOp81iN6KpAITMBd9lucoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Wed, 04-Oct-2023 11:12:31 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d77454998f1a59366e13e2127b2afb4
defaa51ebb106b902c4079a77299dc1456660704
12b3ccff4732360554b5b10be583bfbba4d2dd7a8862250649da309820ef6197
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:12:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 13:57:50 GMT
Expires: Sat, 08 Oct 2022 13:57:49 GMT
Etag: "defaa51ebb106b902c4079a77299dc1456660704"
Cache-Control: max-age=354917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754d7ba69828b500-OSL
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.14.1.40200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.14.1.40:0
File type Unicode text, UTF-8 text, with very long lines (31039), with LF, NEL line terminators
Hash 08cf2d083056b37ed3d81450fcae9e10
b00cfd2cfd7ae7b4c417ebdcf8e1ea60f6bde206
1b3dbda1abbc3d8852d3b65ca80fe0646d32e7ca0df4f32dfa3cb630ca2fb18d
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 08 Sep 2022 20:10:31 GMT
etag: "d71e-5e830058020dd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17404
content-type: application/javascript
cache-control: max-age=900
expires: Tue, 04 Oct 2022 11:27:32 GMT
date: Tue, 04 Oct 2022 11:12:32 GMT
X-Firefox-Spdy: h2
ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X
67.202.105.22204 No Content 0 B URL HTTP/2 ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X
IP 67.202.105.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP002
date: Tue, 04 Oct 2022 11:12:31 GMT
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
Hash 3a2b83564b4857221657fd24c112347b
093ffdf366a21ae8aec55b74c30d675363e9652a
fda30a37de4a5ab8b0e9d8c94efc80a3c4df5dae0c0ab6c6e6ef3c8c55b2812d
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:32 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: xquZ6QoBGtIgECOlulfi9qoPm7v0WWNvgdo/gHYkJool7qqKRJv1p7VLfgECP96SCtmXrsRKKZg=
x-amz-request-id: NB2A206MY26ZNA92
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 2565
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 754d7ba84f250b61-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
grid.bidswitch.net/hbjson
3.73.254.34200 OK 50 B URL HTTP/1.1 grid.bidswitch.net/hbjson
IP 3.73.254.34:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ebcb0f7347664ae691611c3a5ce91dac
fc635fe713c34c1dd42267136f2b287bf205f9e8
00fe48bd86641a25e542b59e1528fc10cdc1e4b5d92f32ac53f99df3cbc6c4db
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3455
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 11:12:32 GMT
Content-Type: application/json
Content-Length: 50
Connection: keep-alive
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
access-control-allow-credentials: true
bcp.crwdcntrl.net/6/map
34.251.218.252200 OK 20 B IP 34.251.218.252:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f8089d3c3cfdce3daf1e6aca3ead0fca
4dd3088b06555895c671a8b1146152c4ec0dc275
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:32 GMT
content-type: application/json;charset=utf-8
content-length: 20
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.20.191
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
x-consent: absent
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%3Cvsid%3E
23.38.200.22302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Wed, 04 Oct 2023 11:12:32 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Tue, 04 Oct 2022 11:12:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Oct 2022 11:12:32 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash ef27eb94f2489d96839bfddd63d9ccff
e3e5a62cb080c2ad2302318a781836993f43f32b
58a4231e4ceb454db999f8b5a6be71a765c411e37188ad6ed51053efc4f13f05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2800
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:32 GMT
Last-Modified: Tue, 04 Oct 2022 10:25:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
a.pub.network/core/pubfig/pubfig.messaging.2.33.1.b6e4891a3a6a1eb4226c0617d94c3e62e95735b2.js
172.67.68.60200 OK 70 kB URL HTTP/2 a.pub.network/core/pubfig/pubfig.messaging.2.33.1.b6e4891a3a6a1eb4226c0617d94c3e62e95735b2.js
IP 172.67.68.60:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 05d50c0369bf65cff17301e2e20a0523
109a58dc0f05052a29af872b3607eed6f1836dc4
18087beb9cab4e3a24735c4e019e7be8f37dad332de444345b22af236ee56141
GET /core/pubfig/pubfig.messaging.2.33.1.b6e4891a3a6a1eb4226c0617d94c3e62e95735b2.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:31 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtfQgEG1r4SmL6tU_SiCjdCKg35x77-0QDieyQZEh2TV1OYUquKiIbXEqmDud0GiD-l0HgZPNpqdst0w_W2jDZ0zA
x-goog-generation: 1664375410793613
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 216515
content-language: en
x-goog-hash: crc32c=gMYrpA==, md5=VpdNQCjfkcS+BpcGuaNcmA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Mon, 03 Oct 2022 16:27:42 GMT
cache-control: public, max-age=3600
last-modified: Wed, 28 Sep 2022 14:30:10 GMT
etag: W/"56974d4028df91c4be069706b9a35c98"
age: 70059
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSatXdC7OWC5rCZ1uW%2B%2FXg1LICj9LOJGyyaUsnkXD%2FouerJZeaeUtHBxdEdsMjvx6OBDDLGIi6kB1x7DYkxArOuUOl14L%2FE9popPxUvv%2BWueUm%2BW1IksB9l%2BReSz27E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7ba57f64b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b3f654f613a7527142df288279ee54d
b516ce32ecf1b6f70abec826ecfd5e5caf1c37ff
ef15a65591db24ead5cb5b2cebc288bb812c792bc0109f8844f66ab756aea7a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF15A65591DB24EAD5CB5B2CEBC288BB812C792BC0109F8844F66AB756AEA7A7"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2275
Expires: Tue, 04 Oct 2022 11:50:28 GMT
Date: Tue, 04 Oct 2022 11:12:33 GMT
Connection: keep-alive
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (65354)
Hash e9c5b0926ad00484cc239d7ceca4f85b
761340292d67326d70408e2437d8cbae2c34a615
fa4ee977cc1b7565dbf2f40c0b09c4a0e056eea978808fcebabe677aa2415477
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:12:32 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Wed, 05 Oct 2022 11:12:32 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac1663a4dd8e722bc37c2861b9658e34
62ec0c390704bf7fed9d460d78e091be8536b4e9
ffd36942aaf2c5589c71e8ca6402f48ced53c59b78235da60fa89d49ae6e480d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5631
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:12:33 GMT
Last-Modified: Tue, 04 Oct 2022 09:38:42 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
pixel-sync.sitescout.com/dmp/pixelSync?nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
66.155.71.149302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
IP 66.155.71.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=e433c15f-eec6-458d-b982-53ab662ec5cd#1664881953995; Domain=.sitescout.com; Expires=Wed, 04-Oct-2023 11:12:33 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
content-length: 0
date: Tue, 04 Oct 2022 11:12:33 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
66.155.71.149204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
IP 66.155.71.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Tue, 04 Oct 2022 11:12:34 GMT
server: AC1.1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c49a8c2c89b4d846035f32e0aa861ec5
7b8ac9f89f95a3ecf8bd6f6fa898109c82a9da50
c4094cb65a0a17209bbf54c0e5bb4c3a66548fc18d551810e843e7ac4d6a3ae9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:12:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 07:53:46 GMT
Expires: Tue, 11 Oct 2022 07:53:45 GMT
Etag: "7b8ac9f89f95a3ecf8bd6f6fa898109c82a9da50"
Cache-Control: max-age=592270,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754d7bb63e17b500-OSL
bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidtellect%26uid%3D%7Bglobalid%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
192.132.33.46200 OK 35 B URL HTTP/2 bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidtellect%26uid%3D%7Bglobalid%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
IP 192.132.33.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /pixel/cookiesyncredir?rurl=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidtellect%26uid%3D%7Bglobalid%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: image/gif
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track004-iad
date: Tue, 04 Oct 2022 11:11:54 GMT
content-length: 35
X-Firefox-Spdy: h2
ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
52.31.159.9302 Found 0 B URL HTTP/2 ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
IP 52.31.159.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 04 Oct 2022 11:12:34 GMT
content-type: application/json;charset=utf-8
content-length: 0
location: https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=ga2023fcfee6dfb25a79&gdpr=&gdpr_consent=&us_privacy=
set-cookie: yieldmo_id=ga2023fcfee6dfb25a79%7C1664881954502%7C0%7C; Domain=.yieldmo.com; Expires=Wed, 04-Oct-2023 11:12:34 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=156696 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=53650
expires: Wed, 05 Oct 2022 02:06:45 GMT
date: Tue, 04 Oct 2022 11:12:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash d6f33e6f034732c6552098d1388a4e08
196b46f2cf066072f398eef31f3dc0a0ea2716c8
03c55aa26c3806bf11ef06d3b60606db792bf714ad0303acd46e337172743d32
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 05 Oct 2022 11:12:37 GMT
Date: Tue, 04 Oct 2022 11:12:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.html
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 04 Oct 2022 11:12:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 9.4 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (17962)
Hash 2a312d66a9a931c16d5fcd4814ff8735
cd907367e52483996f8e21de2c7c6c93dca2a22e
367e4a2c9d6825dc173319212a33327d444f1e25ba2e40b3875753fd52f918dd
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Content-Encoding: gzip
Content-Length: 9423
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=29076
Expires: Tue, 04 Oct 2022 19:17:11 GMT
Date: Tue, 04 Oct 2022 11:12:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 3e1ab0c123f0a8403254a8d599bec3f1
eb4c53c8e3525920b5c90710ceeedbeb552e09a6
793706bc81e0ff7d18ef0fb2df95798a1fe1bd778f5fee682f83b39c8e7a66df
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 11:12:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 20:42:54 GMT
Expires: Tue, 04 Oct 2022 20:42:54 GMT
ETag: "eb4c53c8e3525920b5c90710ceeedbeb552e09a6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
eb2.3lift.com/sync?
13.248.245.213200 OK 37 B IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:35 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
biddr.brealtime.com/check.html
104.17.119.107200 OK 536 B URL HTTP/1.1 biddr.brealtime.com/check.html
IP 104.17.119.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (926), with no line terminators
Hash 0033ea2ac7bf71369f3ca914869bd7f4
02cb500ceeafb2659c849f0233a01b1ad54849dc
e15c3b7839bfc0e44b766cc6e09520867e821936580e3cab19c0046a9815ac0e
GET /check.html HTTP/1.1
Host: biddr.brealtime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:12:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: WeqF89pYIGWpFNs426rAd5J4pPA0pX7StLc3dP4FJwbYenlb1hONdEOob5jWo4xU9l+FdgGxHIU=
x-amz-request-id: H6ZYF8B5P5AMX1X7
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 5205
Expires: Tue, 04 Oct 2022 12:12:35 GMT
Cache-Control: public, max-age=3600
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754d7bbccc580b3d-OSL
Content-Encoding: gzip
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.190.78200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.190.78:0
File type ASCII text, with no line terminators
Hash 621190ae3976c5b7cca43325495458e1
f7421cd5969ec355da5102795de200e8710d0d6b
f8bbd9fe28b60375450f192ff3c869b29ab4cfe54e54b33d18a701f0aeee8e6d
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Mon, 2 Jan 2023 03:02:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 04 Oct 2022 11:12:34 GMT
content-length: 60
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=themediagrid
3.67.157.21302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?ssp=themediagrid
IP 3.67.157.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=themediagrid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 04 Oct 2022 11:12:35 GMT
Location: https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
Set-Cookie: tuuid=0c6d9722-4f8e-455a-8b6b-d27bf74fe9d0; path=/; expires=Wed, 04-Oct-2023 11:12:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664881955; path=/; expires=Wed, 04-Oct-2023 11:12:35 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1664881955; path=/; expires=Wed, 04-Oct-2023 11:12:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664881955; path=/; expires=Wed, 04-Oct-2023 11:12:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?ssp=themediagrid
3.67.157.21200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?ssp=themediagrid
IP 3.67.157.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=themediagrid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Tue, 04 Oct 2022 11:12:35 GMT
Content-Length: 43
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash b69df3541c98a18760000b68231705f9
b531a89e68ed0afecec4aedec09e308472e23b97
7d9176a7f6cc35444e7a80982d6a807234bee43f9d269670285ce16ec8d2922f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 11:12:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 22:03:21 GMT
Expires: Tue, 04 Oct 2022 22:03:21 GMT
ETag: "b531a89e68ed0afecec4aedec09e308472e23b97"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.emxdgt.com/hb_sync/
18.156.32.70204 No Content 0 B IP 18.156.32.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hb_sync/ HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biddr.brealtime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Tue, 04 Oct 2022 11:12:35 GMT
content-length: 0
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
35.170.12.248200 OK 0 B IP 35.170.12.248:0
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:31 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
143.204.55.84200 OK 0 B URL HTTP/2 rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
IP 143.204.55.84:0
GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Tue, 04 Oct 2022 11:00:24 GMT
cache-control: max-age=3600
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AWGTVdq2XTQl_b68pCVzEnWS5SYvhNUNtwqdNcKEpU3KtoorPNMnZw==
age: 746
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.117.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.117.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.117.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:12:32 GMT
content-type: text/javascript
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
etag: W/"61cc54f6-15c19"
expires: Wed, 05 Oct 2022 11:12:32 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
tinyurl.com/app/nospam/tiny.one/ING6588/terminated
104.20.139.65200 OK 0 B URL HTTP/2 tinyurl.com/app/nospam/tiny.one/ING6588/terminated
IP 104.20.139.65:0
GET /app/nospam/tiny.one/ING6588/terminated HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.8
cache-control: public, max-age=14400
content-language: en
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 04 Oct 2022 11:12:29 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Inl4UndUMVV2Y0tHbUhGZHRXblRhWEE9PSIsInZhbHVlIjoickpSdkZGb1RFU0dHb3lscXZSRFdpajE1OWdCaUdqeE54VjAwS0FLd2xtNU9TUnJJQUU3WUFxVHZWSGVPRXU2aUNwdEtiN1ZaSU1ZYnZRZWtodTAxSy9BRG9ldDJ3bmVIMzlNT0FRc3ZyQzRUL0lreS9aZlBJV0dQTVp4UUZaengiLCJtYWMiOiI3ODVmMjI5OWY2NjYyYjk0ZjZjZThiNzQ4ZGU0YjYzYjlhNWQ3N2QxMjVkY2JiOWQ3YmRmYmFiNTljZTNkYjM5IiwidGFnIjoiIn0%3D; expires=Tue, 04 Oct 2022 13:12:29 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; samesite=lax
tinyurl_session=eyJpdiI6ImZiNE1HRjVvaXg5ZGs2aTVZZHUwaXc9PSIsInZhbHVlIjoiVWNHVzJpVUJBeEtIaDFwYUZNQllwQ0VmYmx6dzZTeDJwWEw2Rk82RzA0eXppbXhXQzBNb3FjdDliU1NJSUlnYUlrbXd5SkxVWE4vWmpvM1BQcHdjRUNoK0ZSQndLS20vN0JPY2wvZXdhTlBrMGhFL1ZJN1U4OFhDS04zSlNrOEQiLCJtYWMiOiJlZDAzOGM0MDhmY2UxOGE4NTc1YjM2Njk3YTZjMGI2OTQ2MjgwMWY3Njc5MTMwYzFiNDdkYWI5YjcyYTkyZjBlIiwidGFnIjoiIn0%3D; expires=Tue, 04 Oct 2022 13:12:29 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; httponly; samesite=lax
tinyUUID=eyJpdiI6IlhQY1laa1djNmdETVJuVjEyK0owbWc9PSIsInZhbHVlIjoiZExIaU5xc1hJRCtXWkdpOXh1UnBwU2VmRnE2WjlaU3FlNU1FV1EzaHFWbU1veHVURlczZDh5ZGVkT1NHRTdsMDZvYzJ2dUFUZy9JT1FJVFRaZ1dCQjk5elhUV3NVWUlpY040d0NqS3BWOTA9IiwibWFjIjoiYzMzY2I1MDdiOWU2MTlhNTRkODY0ZWMyZWJiMWY0OTMxYjdhNTM0MTMxZWE2OGUyN2M5MzA0NWM1MDQ5M2UxMSIsInRhZyI6IiJ9; expires=Sun, 03 Oct 2027 11:12:29 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com; httponly; samesite=lax
cf-cache-status: MISS
expires: Tue, 04 Oct 2022 15:12:29 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7b950ae31c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
IP 143.204.55.76:0
GET /tcfv2/cmp2.js?referer=tinyurl.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Wed, 14 Sep 2022 18:13:49 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=3600
date: Tue, 04 Oct 2022 11:12:05 GMT
etag: W/"6d50b90bdafc3d438c55bd915fd5301d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nYaU4KHJFX_MIY_ZJgS8ovp_8Ez8ZfwuvyE-mMCN_UPAsgN_p-qRKg==
age: 26
X-Firefox-Spdy: h2
a.pub.network/core/prebid-analytics-6.19.13.js
172.67.68.60200 OK 0 B URL HTTP/2 a.pub.network/core/prebid-analytics-6.19.13.js
IP 172.67.68.60:0
GET /core/prebid-analytics-6.19.13.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: text/html
x-guploader-uploadid: ADPycdt_5Gi2ew-0i7q8Hx97d4g6WYEAyGeNgIrrelkosZwx6BflWFWVmsa9ScEvealEj3sxKxpq6mjbpGfdG5hnyT0aQg
cache-control: private, max-age=86400
expires: Tue, 03 Oct 2023 15:44:51 GMT
last-modified: Tue, 28 Jun 2022 15:25:08 GMT
etag: W/"b8b371d9c59a412918c1649c4ab4fa8f"
x-goog-generation: 1656429908313193
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 545828
content-language: en
x-goog-hash: crc32c=xBWN/w==, md5=uLNx2cWaQSkYwWScSrT6jw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 70059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGcz%2BPHFbZkjz3rFPjqkw4j60PUynkSyVz5i%2Fo3bK2Cmayu%2B910d5bR%2Fe8AM%2B7O50E3QEn2niCeqAtSM2cfxHORM4MNxU5iCaJUJnX1clX0pY6RvbvuiHSb3P52Fu8c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7b9f2e5eb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
server: AmazonS3
content-encoding: gzip
date: Tue, 04 Oct 2022 03:41:05 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hw6IINoGmGIeJPDgcb0m3r8Byl51XP2GRWk19u-K1lBjNi9Q5nQTsA==
age: 27422
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
54.230.111.4200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP 54.230.111.4:0
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
date: Tue, 04 Oct 2022 02:40:17 GMT
last-modified: Tue, 19 Jul 2022 18:12:22 GMT
etag: W/"979a52ecf913f8004d0123a9b7ba2a05"
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _KpO2PTXKNkmqKr5-MCQWcF4Z58PY6fMjn2c8JFLrdU2nZ3DwRV97g==
age: 30736
X-Firefox-Spdy: h2
tiny.one/ING6588
104.19.136.56301 Moved Permanently 0 B IP 104.19.136.56:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ING6588 HTTP/1.1
Host: tiny.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 04 Oct 2022 11:12:28 GMT
content-type: text/html; charset=UTF-8
location: https://tinyurl.com/app/nospam/tiny.one/ING6588/terminated
x-powered-by: PHP/8.1.10
0: X-LIGHTTPD-LONGURL
1: https://mifdaturen.sch.id/ESP764783874/?pwd=ing
2: Cache-Control
3: private, no-cache, no-store, must-revalidate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 754d7b9199ab1c12-OSL
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/cls.css
172.67.68.60200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/cls.css
IP 172.67.68.60:0
GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: text/css
x-guploader-uploadid: ADPycdtobYLyn4E8U_JW9oAQmcYd62deohsGFyp9mnIgDUYyXzYlDMK4Ff2XsaWutxh_bZeONv_UeZA3dy7NVSDWHkt5Yg
x-goog-generation: 1620765108454625
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1752
x-goog-hash: crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Tue, 04 Oct 2022 11:45:27 GMT
cache-control: public, max-age=3600
age: 1623
last-modified: Tue, 11 May 2021 20:31:48 GMT
etag: W/"2ad42c99ece77b46e5a42a85207a3750"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyC4UpicE2hSzoVROjP6iuxbXhrU5KKb2LdeAJCBDWWZqXvRKx1KG%2F1F%2FuN2rmxuhuMzlh8MTVzefrczumLSa2qwyV6ptBYBaOAgX63tNK%2B63yyIn8%2FYL1JOHWS%2Ffb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7b9ba92eb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.pub.network/tinyurl-com/pubfig.min.js
172.67.68.60200 OK 0 B URL HTTP/2 a.pub.network/tinyurl-com/pubfig.min.js
IP 172.67.68.60:0
GET /tinyurl-com/pubfig.min.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdt_STcIDOIrh3mR_05hZqummOpj6InM5JctQLLptbn3ZRAK--Q_HwJ1QG0X7EZikX-GyD5RBmVo88gmDUXyFUGyUJ_G6p3w
x-goog-generation: 1664477235936105
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 149735
x-goog-hash: crc32c=xnZARQ==, md5=Hwfkndit07X9iF6hDbeDhQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Mon, 03 Oct 2022 15:46:30 GMT
cache-control: public, max-age=1800
last-modified: Thu, 29 Sep 2022 18:47:16 GMT
etag: W/"1f07e49dd8add3b5fd885ea10db78385"
age: 70020
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwslElZQGqXIQvwm7ITKufbaBypOzpYDEFpQdn3vlm5CkBpXL9SH0CjSpaPoyto5T3Hqqyn3wHmR73hxKli7thqvJYVTmk5UUgX%2FFNmYSG3XlRFe5Xzko24zywgHDug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7b9ba933b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
35.170.12.248200 OK 0 B IP 35.170.12.248:0
OPTIONS /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:31 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
IP 143.204.55.76:0
GET /choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:22:31 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: gzip
cache-control: max-age=900
date: Tue, 04 Oct 2022 11:12:24 GMT
etag: W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gPwFOQhij9Unb4_MUcxTPBNjb9OvX9hQm0o0ZKPGVb8rUEZT95pHrQ==
age: 7
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 143.204.46.73:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 04 Oct 2022 10:24:38 GMT
last-modified: Fri, 30 Sep 2022 18:36:21 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: CgczrPDLGNSns1bev1Zx19gIBzJs8F9HtbgJS17Y6bAO8Exd7Ijqww==
age: 2874
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/pubfig.engine.4.33.1.b6e4891a3a6a1eb4226c0617d94c3e62e95735b2.js
172.67.68.60200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/pubfig.engine.4.33.1.b6e4891a3a6a1eb4226c0617d94c3e62e95735b2.js
IP 172.67.68.60:0
GET /core/pubfig/pubfig.engine.4.33.1.b6e4891a3a6a1eb4226c0617d94c3e62e95735b2.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:12:30 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduE6zaISQQwO6RucYmFEh86DwBfL3uzNA4ITWgJznjkvOGBPc0ZtMTRX_aA9XvmV35L0SXV-xomfxbOFno9E5g0Rg
x-goog-generation: 1664375405274462
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 438029
content-language: en
x-goog-hash: crc32c=Y2UM/w==, md5=/0YNxPUp+tFqfupoTJ2N0A==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Mon, 03 Oct 2022 16:27:40 GMT
cache-control: public, max-age=3600
age: 70059
last-modified: Wed, 28 Sep 2022 14:30:05 GMT
etag: W/"ff460dc4f529fad16a7eea684c9d8dd0"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgXXTPNy6H%2FrKIs5rhwJduJXN3niwa1VvAUZprb2E0IthLzl%2FWd%2FmwWxe4VPWExiNadGVZ6yVwktZgo3NQUcvG0vlSUUWwdVaDulTeksD65IkyDXTc6K4DZN63%2FLQLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d7b9e2cf5b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.94200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.94:0
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 04 Oct 2022 06:06:36 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g7rmYZslY0Xh_1OFlVDL_yZ0IkxHYmtIZYpiIYNnE1Qu7w6NRU9RPw==
age: 18354
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=A8807C19-C369-459E-A412-DD9E4851362B&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=A8807C19-C369-459E-A412-DD9E4851362B&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=156696&sc=1&u=A8807C19-C369-459E-A412-DD9E4851362B&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:12:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2