skype.2.vu/k
104.236.48.227301 Moved Permanently 185 B IP 104.236.48.227:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a107aba61c93cdf7882a9c6750a4b8fc
8b9bea8c8373e3f0386e14134443c1873e3cf219
69758c97903bb258a8ccdea130baf19bb258861c475667b5320454d143bcbd3a
Analyzer Verdict Alert fortinet Malware
GET /k HTTP/1.1
Host: skype.2.vu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.1
Date: Fri, 16 Sep 2022 05:47:51 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 05:10:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q5EzhEF2tdMd6Dnc6QoaaeJnsP-I6DDEtPgSukChf0rF05UUww1VEQ==
Age: 2225
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10123
Expires: Fri, 16 Sep 2022 08:36:34 GMT
Date: Fri, 16 Sep 2022 05:47:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cqVEXbOfCr0N2Fey1aISU3_7L3MnaUqvufuISIIlROgb40vxrEre6Q==
age: 4356
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 05:47:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be4c21cc9d97fdad81df524b055eb537
d0a635a66091955c83ddcb2039be777ad6d9ce9b
e56d22a298dfb12471b9ac524077669e8133810cfe6212dbf83772ca639d6b59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E56D22A298DFB12471B9AC524077669E8133810CFE6212DBF83772CA639D6B59"
Last-Modified: Thu, 15 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Fri, 16 Sep 2022 11:47:29 GMT
Date: Fri, 16 Sep 2022 05:47:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 16 Sep 2022 05:03:22 GMT
Expires: Fri, 16 Sep 2022 05:09:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lu424PjAeGS-1Y0eWb_QxlkgobFpgReE7EHeyz4n-MTczNQbzBr8jA==
Age: 2669
tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
159.203.160.179404 Not Found 6.3 kB URL HTTP/1.1 tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1632)
Hash b88047c287cc10f281c18008c5444349
1f3768fd7ec9c40e119d4d02bd0cc5bdb881a14e
70b105028e8bb428ac9e0309cb8b868d64a644d105881d2de1c9bf597f4d0523
GET /tiny/custom_domain_redirect/skype.2.vu/k HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 16 Sep 2022 05:47:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6286
Connection: keep-alive
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
104.17.24.14200 OK 1.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
IP 104.17.24.14:0
File type HTML document, ASCII text, with very long lines (4568), with no line terminators
Hash 00dd42f35cd9c0d8303e641114d133be
3c8eb4e0dbdec9b3d5a441c7d169cc2ca8e4bb95
32ee19d8d026f21bc106c2d52c9a0d2df17797b80fa62355d0ab0455fab9ac33
GET /ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 1618
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-11d8"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 652592
expires: Wed, 06 Sep 2023 05:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdRiCCHOly4uLJ0JEzwzvJkXatKdeGO%2BvRT7CATX%2FfGNbB1yujTkwWehtRMm3pBpu1jO%2FivGGnMxVae0mL38xHPuArhd1NGP4r%2Fstspmsei3zvI%2FART9FyoWsefDbiJd%2BdKnKFgr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b74f534ed31bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tinycc.com/tiny/css/style_desktop.css
159.203.160.179200 OK 8.4 kB URL HTTP/1.1 tinycc.com/tiny/css/style_desktop.css
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (16515)
Hash 760e1022e00a0590eca735a5b7247ad9
520d914c83b6bfa1a1ab1c20ef89f85f6c98fad8
ff9d30ddfd1552e7eef3fe2a4438c5dd7db590c8221f22914ee313cbdd5eafc6
GET /tiny/css/style_desktop.css HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Sep 2022 11:10:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6321b69c-7c41"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5108
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Last-Modified: Fri, 16 Sep 2022 04:22:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
216.58.207.202200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 09:42:03 GMT
expires: Tue, 12 Sep 2023 09:42:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 331549
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tinycc.com/tiny/js/script.js
159.203.160.179200 OK 2.2 kB URL HTTP/1.1 tinycc.com/tiny/js/script.js
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (772)
Hash f9a7e162d78bb9179db133190f4eee07
43411bc4fcfa82c45e70b6707891e9b497310e3b
c30126e97395a387ee598207b628cab3748b72d0e6632c347041f4ce7742a6a7
GET /tiny/js/script.js HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Sep 2022 11:10:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6321b69d-1970"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.11.207200 OK 68 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (27303)
Hash 8a3e8438babf5cf134607b9f2b39f7b9
e4b8ec6092c2c3e823ab5f4a6db2435435b3424b
b72efb6e00e5260a83b14f7b8bd2cedea0da26f62b71d6df24758da20d97a943
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 8751520
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b74f5328b5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
104.18.11.207200 OK 67 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.0
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 2022-02-23 12:46:41
cdn-edgestorageid: 864, 617
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f87f1aa310196771479dc0856dc4cc19
cdn-cache: HIT
cf-cache-status: HIT
age: 111640
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b74f5468bfb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tinycc.com/tiny/img/facebook.gif
159.203.160.179200 OK 201 B URL HTTP/1.1 tinycc.com/tiny/img/facebook.gif
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 32 x 32\012- data
Hash 391231c2a52c7f9794f4f52996cd7e5f
0500bc4d5eef1da24892feed6abe5e26e715f6d3
3fcb3f4a87366e9b1fe0db4ebcdacf2a07af17bbcbfe78f2df27ddd99cfa68be
GET /tiny/img/facebook.gif HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/gif
Content-Length: 201
Last-Modified: Wed, 02 Aug 2017 08:37:57 GMT
Connection: keep-alive
ETag: "59818f65-c9"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/tinycc-logo.svg
159.203.160.179200 OK 4.8 kB URL HTTP/1.1 tinycc.com/tiny/img/tinycc-logo.svg
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (710)
Hash 5d915ebcb4d28c67115474d8e7928d82
94c0c9796e650183051c62025e762f5d6e929993
621c5bd34632f09c9938b8246a229111325e51dbe7930eb094e8cae3821886ca
GET /tiny/img/tinycc-logo.svg HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/svg+xml
Content-Length: 4769
Last-Modified: Tue, 15 Feb 2022 07:55:55 GMT
Connection: keep-alive
ETag: "620b5c8b-12a1"
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/Twitter.png
159.203.160.179200 OK 527 B URL HTTP/1.1 tinycc.com/tiny/img/Twitter.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash ab91503b25ba3bac5a6edb77ed972fab
ac41acae2e1f9b035f1e4dd31aa6f56c55e7b7c5
a706fb4830cdb16a9039afe5e0c0683ab1394dcbf0d94dbb626e1fa10dfa8ef6
GET /tiny/img/Twitter.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 527
Last-Modified: Thu, 26 Nov 2015 08:55:37 GMT
Connection: keep-alive
ETag: "5656c909-20f"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/coda/v21/SLXHc1jY5nQ8FUUGaw.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/coda/v21/SLXHc1jY5nQ8FUUGaw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20896, version 1.0\012- data
Hash 12d73db5dfb398dccb52b2035bb42a7f
2e00273693f6f1e2b73bf05893d32d2d76021f06
d5543b71f8de87f3284aaf0051aceacd5bf286018c0881e484afb4753849908c
GET /s/coda/v21/SLXHc1jY5nQ8FUUGaw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 00:55:19 GMT
expires: Sat, 16 Sep 2023 00:55:19 GMT
cache-control: public, max-age=31536000
age: 17553
last-modified: Thu, 21 Apr 2022 16:40:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 123224
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tinycc.com/tiny/img/tinycc-logo2.svg
159.203.160.179200 OK 4.7 kB URL HTTP/1.1 tinycc.com/tiny/img/tinycc-logo2.svg
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (710)
Hash 3dc3db1fb606150e0a948339f35b3445
07c4ac4cdc28c2c8e60f71027885db467e9bf85a
c2b77542d9c2e479974ece1d131a35d29b86f7dd73a1b81b06da1af2ef767077
GET /tiny/img/tinycc-logo2.svg HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/svg+xml
Content-Length: 4742
Last-Modified: Wed, 13 Oct 2021 08:02:04 GMT
Connection: keep-alive
ETag: "6166927c-1286"
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/loader.gif
159.203.160.179200 OK 6.8 kB URL HTTP/1.1 tinycc.com/tiny/img/loader.gif
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 66 x 66\012- data
Hash 69f58b3c2cff5df8df289e59362c610e
17be848c010681533d948ed1600cbc79f1f69ef3
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
GET /tiny/img/loader.gif HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/gif
Content-Length: 6820
Last-Modified: Wed, 07 May 2014 18:20:13 GMT
Connection: keep-alive
ETag: "536a795d-1aa4"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/front/features/smart_links.png
159.203.160.179200 OK 3.0 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/smart_links.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 62 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c7b4d28cc7a714c9b5478cf35609975
af2790bdf78965d8a6cdae44cccdc5b7e33a6801
338980c854854235e2b44538a7e40a5203b8e8778ddb337589ca9aeb1dc3740c
GET /tiny/img/front/features/smart_links.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 2976
Last-Modified: Fri, 16 Aug 2019 12:08:47 GMT
Connection: keep-alive
ETag: "5d569ccf-ba0"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tinycc.com/tiny/img/front/features/team.png
159.203.160.179200 OK 2.6 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/team.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 52 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 95605dae80fabe5828c7feaa3a2b9e1b
355bea3c292ac63586ab5514f08b7f1184f24011
14dfdcf001a06da5e7016d3013074f832460e380ec62f2cb3f9a83556d60254e
GET /tiny/img/front/features/team.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 2596
Last-Modified: Fri, 16 Aug 2019 12:08:47 GMT
Connection: keep-alive
ETag: "5d569ccf-a24"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/front/features/white_label.png
159.203.160.179200 OK 2.0 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/white_label.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 62 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 7bcadbb51cef38586c514d066a73e50a
10fd93accdcbbb078fec3ea235773afbbffa5a75
07889f64e7cd7edaea42ce899356ea08d5b7a525f80f3d526e18e0f098706204
GET /tiny/img/front/features/white_label.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 1964
Last-Modified: Fri, 16 Aug 2019 12:08:47 GMT
Connection: keep-alive
ETag: "5d569ccf-7ac"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/front/features/retargeting.png
159.203.160.179200 OK 2.7 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/retargeting.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a0d780d54af0f173a577a164066e586
cb406e223c0b05ffd19b6c1067e6476eba19bbc8
85c55bdb59b914be6ee91c4d9081bb7ee49c7b6a53165049a14135a8ce43bc25
GET /tiny/img/front/features/retargeting.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 2689
Last-Modified: Fri, 16 Aug 2019 12:08:47 GMT
Connection: keep-alive
ETag: "5d569ccf-a81"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: py39Gdx1xEaPrE1a1xb9hQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 668DemBHsgrk+crrzoEVcuR5wPo=
tinycc.com/tiny/img/front/features/tools.png
159.203.160.179200 OK 1.3 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/tools.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 30 x 30, 8-bit colormap, interlaced\012- data
Hash de9232ebc4386fa568e606a9870d2c54
317dea1b3177d50b76c0a28f676c52de6f349f6e
f174f16212c2aedd7e0365cf0b3a2642a35870ea20d03e0854ddfb5db7478378
GET /tiny/img/front/features/tools.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 1322
Last-Modified: Sat, 16 Nov 2019 09:48:51 GMT
Connection: keep-alive
ETag: "5dcfc603-52a"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/front/features/urls.png
159.203.160.179200 OK 1.3 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/urls.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 30 x 30, 8-bit colormap, interlaced\012- data
Hash 96658c90101840cde33e6bf9077e3427
7dd8ab7d059614fbb5eab2a8678e39bb604ef6ce
8bf52e2b383c96d47e0cb55938a0eb3d55b4af80e944a614e4246ee206427910
GET /tiny/img/front/features/urls.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 1277
Last-Modified: Sat, 16 Nov 2019 09:48:52 GMT
Connection: keep-alive
ETag: "5dcfc604-4fd"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/front/features/apis.png
159.203.160.179200 OK 1.1 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/apis.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 21 x 30, 8-bit colormap, interlaced\012- data
Hash 702ae6e2b3cc0ce2d49debb7f9f29a66
2cb985282b6b17aed8769221507a09e07bb60180
8f9f8f5b0925c0ee36d8331761242487d3409e8c85f676cb62c1ff9f43b0b543
GET /tiny/img/front/features/apis.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 1135
Last-Modified: Sat, 16 Nov 2019 09:48:49 GMT
Connection: keep-alive
ETag: "5dcfc601-46f"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
tinycc.com/tiny/img/front/features/affiliates.png
159.203.160.179200 OK 1.1 kB URL HTTP/1.1 tinycc.com/tiny/img/front/features/affiliates.png
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 30 x 30, 8-bit colormap, interlaced\012- data
Hash e8a46659e7061ce73e0d65557ca1f5a5
d61ed9fc340363600ec5d1c5be8402697bbbbc24
18e662d9cfb87afad50377c30f2e85242ae1df655eabecbed62e7556ad3e93c1
GET /tiny/img/front/features/affiliates.png HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/png
Content-Length: 1084
Last-Modified: Sat, 16 Nov 2019 09:48:47 GMT
Connection: keep-alive
ETag: "5dcfc5ff-43c"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55618314b5346f28acef72e499dc5de2
11ebb0929659f643ea7faf392880f3276b0931ca
1181d8d5f6a9b36f0df59e99600ca1048f7adec1528f195ad0c40e59b2585bcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 16 Sep 2022 04:41:12 GMT
expires: Fri, 16 Sep 2022 06:41:12 GMT
cache-control: public, max-age=7200
age: 4000
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Fri, 16 Sep 2022 05:47:52 GMT
expires: Fri, 16 Sep 2022 05:47:52 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5f35d22782378ad2"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=2BD4F28D62A3674E189EE0AC63566691; domain=.bing.com; expires=Wed, 11-Oct-2023 05:47:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53C9FEDD58534E4686E32D065012422A Ref B: OSL30EDGE0520 Ref C: 2022-09-16T05:47:52Z
date: Fri, 16 Sep 2022 05:47:51 GMT
X-Firefox-Spdy: h2
tinycc.com/tiny/img/favicon.ico
159.203.160.179200 OK 1.2 kB URL HTTP/1.1 tinycc.com/tiny/img/favicon.ico
IP 159.203.160.179:0
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 6f9c2f9c23eaeb11bd194cd4ce2a2f7d
eaa97e6378e42ef6b5953849509d808153443809
5b52f9304336b8bafb10f6427e4ce2967e7a710d5cd604b46a0a9c91df1fcd82
GET /tiny/img/favicon.ico HTTP/1.1
Host: tinycc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/tiny/custom_domain_redirect/skype.2.vu/k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 16 Sep 2022 05:47:52 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 15 Mar 2017 04:03:19 GMT
Connection: keep-alive
ETag: "58c8bd07-47e"
Expires: Sat, 16 Sep 2023 05:47:52 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Accept-Ranges: bytes
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 082af8f6ad7e453a93dd3d1e0ed74005
a768614da451435f22b8f19a0cd4977c48a639ce
f53c36c80f6af2bb427ea6b9d34dd82f8dbcf05d23b92d78ce6372af3a46d57c
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 07:12:08 GMT
expires: Thu, 14 Sep 2023 07:12:08 GMT
cache-control: public, max-age=31536000
age: 167744
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
router.infolinks.com/usync/lcmanage?pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/lcmanage?pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/lcmanage?pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f566de8b50c-OSL
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=25094617&tm=gtm002&Ver=2&mid=7b17ea33-3d7d-4d86-9e02-d0dced634f6d&sid=1187bab0358311eda70603ee9ccd116f&vid=1187cbf0358311ed9d30ef967a9975d6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Tiny.cc&kw=Tiny,%20custom%20domain,%20branded,%20url%20shortener,%20edit%20URL%20redirect,%20tinylink&p=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&r=<=1129&evt=pageLoad&sv=1&rn=266250
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=25094617&tm=gtm002&Ver=2&mid=7b17ea33-3d7d-4d86-9e02-d0dced634f6d&sid=1187bab0358311eda70603ee9ccd116f&vid=1187cbf0358311ed9d30ef967a9975d6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Tiny.cc&kw=Tiny,%20custom%20domain,%20branded,%20url%20shortener,%20edit%20URL%20redirect,%20tinylink&p=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&r=<=1129&evt=pageLoad&sv=1&rn=266250
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=25094617&tm=gtm002&Ver=2&mid=7b17ea33-3d7d-4d86-9e02-d0dced634f6d&sid=1187bab0358311eda70603ee9ccd116f&vid=1187cbf0358311ed9d30ef967a9975d6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Tiny.cc&kw=Tiny,%20custom%20domain,%20branded,%20url%20shortener,%20edit%20URL%20redirect,%20tinylink&p=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&r=<=1129&evt=pageLoad&sv=1&rn=266250 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=054FE5FD6A546AF924F1F7DC6BA16B99; domain=.bing.com; expires=Wed, 11-Oct-2023 05:47:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 61D5A5D893664364BDECDF0C5377D4A2 Ref B: OSL30EDGE0520 Ref C: 2022-09-16T05:47:52Z
date: Fri, 16 Sep 2022 05:47:52 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
23.38.200.22302 Moved Temporarily 154 B URL HTTP/1.1 cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP/1.1
Host: cs.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 154
Content-Type: text/html
Location: https://router.infolinks.com/dyn/mnet-usync?uid=0000EEA
Set-Cookie: data-inf=setstatuscode~~41;Expires=Thu, 15 Dec 2022 05:47:52 GMT;path=/;domain=.media.net;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
X-MNET-HL2: E
Expires: Fri, 16 Sep 2022 05:47:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 16 Sep 2022 05:47:52 GMT
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91610502-1&cid=1941962807.1663307257&jid=244508956&gjid=217105679&_gid=2034097316.1663307257&_u=IADAAEAAAAAAAC~&z=2039311988
142.251.1.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91610502-1&cid=1941962807.1663307257&jid=244508956&gjid=217105679&_gid=2034097316.1663307257&_u=IADAAEAAAAAAAC~&z=2039311988
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91610502-1&cid=1941962807.1663307257&jid=244508956&gjid=217105679&_gid=2034097316.1663307257&_u=IADAAEAAAAAAAC~&z=2039311988 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://tinycc.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Sep 2022 05:47:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
104.18.19.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:52 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
cf-ray: 74b74f57b924b4eb-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YyQOCOBkdwPDZPaFWjSr4AAA; Path=/; Domain=casalemedia.com; Expires=Sat, 16 Sep 2023 05:47:52 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4325; Path=/; Domain=casalemedia.com; Expires=Thu, 15 Dec 2022 05:47:52 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4325; Path=/; Domain=casalemedia.com; Expires=Thu, 15 Dec 2022 05:47:52 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNoNFg8ugNvkZUBcQHuawbM0DLUKdn7OnuPSrAuRxBhUj2tP4LHJhpA%2BDmFOgkVtc4KdQH%2BLiHDIj2Ans1%2BLI4tli0ucqQzWVOjjE4KTx988vvxqp%2B4jVt%2BPXnu6LnJK7N2aC7Cggs82CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f392891364085cfda5bf32943cb7ce6
b6a8daa68a5520f4fb5849afb60b53638751cca1
8d32c6e4a79694f967188f1e9e59502030464a5c30fd3a5fa6ee1bee34070fd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 950
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:52 GMT
Last-Modified: Fri, 16 Sep 2022 05:32:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
router.infolinks.com/dyn/iq-usync
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/dyn/iq-usync
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dyn/iq-usync HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/usync/manage?pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f579f40b50c-OSL
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
185.64.190.79200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
IP 185.64.190.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
X-Firefox-Spdy: h2
bat.bing.com/p/action/25094617.js
204.79.197.200200 OK 666 B URL HTTP/2 bat.bing.com/p/action/25094617.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 6201c1f1550198a55ae2e3b76eb7c6af
13dbe099b78097d554861de57cb7e4882acdd33a
c420003ad2cab9a760ab2bfe16a783257c8741671b2c97419f6da5b50a1f2a3e
GET /p/action/25094617.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 666
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2523AE2939EA6BF134B0BC08381F6A9D; domain=.bing.com; expires=Wed, 11-Oct-2023 05:47:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB85E15AC456454AA665195445A2F01E Ref B: OSL30EDGE0520 Ref C: 2022-09-16T05:47:52Z
date: Fri, 16 Sep 2022 05:47:52 GMT
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a708e8ad87852a3275397766b4f910a
10921226dd11703ba1d059163d3bf753012c4681
b3a8e126acdfb501f920f2ff52f2f81f5c630afc49fbc059df250b959fe92d10
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 295
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 05:42:58 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f392891364085cfda5bf32943cb7ce6
b6a8daa68a5520f4fb5849afb60b53638751cca1
8d32c6e4a79694f967188f1e9e59502030464a5c30fd3a5fa6ee1bee34070fd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 05:32:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c2c8377c8fa7a0ea6cae1717bea39157
651663b16a956dff9eb39db58afbbb976cba027f
6683de9c805c3051f46612d5941419352d21df882661b15d7bf7303edea1887c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2410
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 05:07:43 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
185.64.190.79200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
IP 185.64.190.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
X-Firefox-Spdy: h2
u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
34.98.64.218200 OK 56 B URL HTTP/2 u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
IP 34.98.64.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
GET /w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
router.infolinks.com/dyn/mnet-usync?uid=0000EEA
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/mnet-usync?uid=0000EEA
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/mnet-usync?uid=0000EEA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: MNETUSERCOOKIE=0000EEA; Domain=infolinks.com; Expires=Thu, 15-Dec-2022 05:47:53 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Thu, 16 Sep 2021 05:47:53 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f57ff99b50c-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f8853f240b8ea14cc07b9a4bcd5652c4
d5119812e7ba4398ccb4b1ecc41e678db845aae8
bbe32fae427011bb0c926e6eb5a970e3552e302e4a9bce26c26211382fb1c250
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6051
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 04:07:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
91.228.74.244302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
IP 91.228.74.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://router.infolinks.com/dyn/qc-usync?&uid=dPB-23KmfNZv8nyKI_dhjCP3f9xvpXvbevUiYipN
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EFABDQGOJ82aswA; expires=Thu, 15-Dec-2022 05:47:53 GMT; path=/; domain=.quantserve.com
mc=63240e09-10ea4-ca433-f7486; expires=Tue, 17-Oct-2023 05:47:53 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=598ce3ddaee8c90
51.75.86.98204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=598ce3ddaee8c90
IP 51.75.86.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=598ce3ddaee8c90 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d883529bbcfa22eecc8ceb90814d4f8f
8efca9e943128c84096d0988c6de6e5455d09423
46f109a6cb518f3f542faa0a2ddae28a458b59096053b533c3d28f94aaac2fbc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 05:38:20 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PWhX8_e7mkymxU-1B5B4OX8QyWvtcr7dnKFP-G0-Lga9GXk6nqUlBw==
Age: 573
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash c66cb5b984a9bcd07a7921bb18e388a3
002fc5be7b8d9b8d9c56061287c96612c74a206f
6c5f55024e1a6aca3264c37bcdd5cdb701a8c151017191b82b448d9e1c9ae583
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 04:17:02 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pIfEb9qAJpceTe8n6IWizSf4N9YiejZZwOBrUYAEPHPnk7CgxKvitA==
Age: 5451
ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
37.252.173.38307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
AN-X-Request-Uuid: 4ba0164e-2edf-4e88-b791-02b40dcf9dc0
Set-Cookie: uuid2=8161561945587759988; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 15-Dec-2022 05:47:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 37811e9a96dfe3b29103af5ed614ec2e
53d9e242a420177bfc7cb202cf4e093121a2a5f1
2daac21bd9f882a8d6ab58d49ad1a5aa36cc7261931a8dd0ffbe43180155667a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 01:55:53 GMT
Expires: Wed, 21 Sep 2022 01:55:52 GMT
Etag: "53d9e242a420177bfc7cb202cf4e093121a2a5f1"
Cache-Control: max-age=417478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b74f58d954b503-OSL
router.infolinks.com/dyn/ix-usync?uid=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/ix-usync?uid=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/ix-usync?uid=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f586ff8b50c-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf650a7da677c881381c8902c747496f
066589fe6e0e3ff51945f028bfdce946ebea8aac
ac26d94ce990dfca5caebb3cb6c74bd2b6bdaa153f3e7e78cd558c6f0d595279
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4056
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 04:40:17 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
18.196.244.13302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 18.196.244.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
set-cookie: tuuid=01e704b1-236a-4565-b543-2e27d6951c69; Expires=Thu, 15 Dec 2022 05:47:53 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1663307273; Expires=Thu, 15 Dec 2022 05:47:53 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Ftinycc.com%252Ftiny%252Fcustom_domain_redirect%252Fskype.2.vu%252Fk&pid=12306&adnxs_uid=$UID
37.252.173.38307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Ftinycc.com%252Ftiny%252Fcustom_domain_redirect%252Fskype.2.vu%252Fk&pid=12306&adnxs_uid=$UID
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Ftinycc.com%252Ftiny%252Fcustom_domain_redirect%252Fskype.2.vu%252Fk&pid=12306&adnxs_uid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Ftinycc.com%25252Ftiny%25252Fcustom_domain_redirect%25252Fskype.2.vu%25252Fk%26pid%3D12306%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 31af7d5e-663a-4bf9-aa1e-ba8584318130
Set-Cookie: uuid2=6574263731328899229; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 15-Dec-2022 05:47:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash be6d22676d9e62538873683de03f8d53
c9de44e51e8ac07e2fa096aab7fe057f871baa6c
f874f93f79cd317dd4cab27c6e9e72bac86c71b8ae64e50ff978f875d5c5222f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 04:49:35 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.184.125.137302 Found 0 B URL HTTP/2 pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.184.125.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: pixel.advertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
37.252.173.38302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://router.infolinks.com/dyn/apn-usync?user_id=0
AN-X-Request-Uuid: 18c67400-d898-46de-bfc2-abf78e2f325f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
18.196.244.13200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 18.196.244.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a708e8ad87852a3275397766b4f910a
10921226dd11703ba1d059163d3bf753012c4681
b3a8e126acdfb501f920f2ff52f2f81f5c630afc49fbc059df250b959fe92d10
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 295
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 05:42:58 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e3c83de875a9342e445b7953d827dc41
d5deaf955bdca84a2188c56a33a0c13a25dc128e
693fd5f7e9d01ac372764071ca4adab8d32092832206a081ecc0e7770f5cf240
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 02:15:45 GMT
Expires: Wed, 21 Sep 2022 02:15:44 GMT
Etag: "d5deaf955bdca84a2188c56a33a0c13a25dc128e"
Cache-Control: max-age=418670,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b74f5939d5b503-OSL
router.infolinks.com/dyn/qc-usync?&uid=dPB-23KmfNZv8nyKI_dhjCP3f9xvpXvbevUiYipN
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/qc-usync?&uid=dPB-23KmfNZv8nyKI_dhjCP3f9xvpXvbevUiYipN
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/qc-usync?&uid=dPB-23KmfNZv8nyKI_dhjCP3f9xvpXvbevUiYipN HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: QCUSERCOOKIE=dPB-23KmfNZv8nyKI_dhjCP3f9xvpXvbevUiYipN; Domain=infolinks.com; Expires=Thu, 15-Dec-2022 05:47:53 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Thu, 16 Sep 2021 05:47:53 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f58d866b50c-OSL
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAkOJGMCEFQNMqMhRqJn1bTHse24o2QFEgEBAQFfJWMtYwAAAAAA_eMAAA&S=AQAAAiSXgcrN8-K6lT_CCA4TiHk; Expires=Sat, 16 Sep 2023 11:47:53 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58422/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAkOJGMCEMikY1Qyg8PlppLJ4ipZWOsFEgEBAQFfJWMtYwAAAAAA_eMAAA&S=AQAAAoAECOeOV6C99ZFkgVIyRnQ; Expires=Sat, 16 Sep 2023 11:47:53 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Ftinycc.com%25252Ftiny%25252Fcustom_domain_redirect%25252Fskype.2.vu%25252Fk%26pid%3D12306%26adnxs_uid%3D%24UID
37.252.173.38302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Ftinycc.com%25252Ftiny%25252Fcustom_domain_redirect%25252Fskype.2.vu%25252Fk%26pid%3D12306%26adnxs_uid%3D%24UID
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Ftinycc.com%25252Ftiny%25252Fcustom_domain_redirect%25252Fskype.2.vu%25252Fk%26pid%3D12306%26adnxs_uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&pid=12306&adnxs_uid=0
AN-X-Request-Uuid: 0e165404-809a-4a2d-97ec-aef5251582aa
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
p.rfihub.com/cm?pub=43153&in=1
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=43153&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=43153&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 16 Sep 2022 05:47:53 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrQwsTAzMLcwNhbiM9R1qTJ1M8119kqriswDAP_5VaAlAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 11 Oct 2023 05:47:53 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrQwsTAzMLcwNhbiM9R1qTJ1M8119kqriswDAP_5VaAlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_1slzmtoZmZsbGBuZG5sZGQKALGYB4IQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 11 Oct 2023 05:47:53 GMT; Secure; SameSite=None
Location: https://router.infolinks.com/dyn/zeta-usync?uid=5140084921848607833
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6e8cf066ee197996a152d8eee679fced
9dbdcd2577e8875f8b155ffcc2adf43338a1162f
c3566049a9ac332fad36aee52daf84620049bf3d58e8954c98f101dda5b08fc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5578
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 05:47:53 GMT
Last-Modified: Fri, 16 Sep 2022 04:14:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 16 Sep 2022 05:47:53 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAkOJGMCEKNb9VVc-8OdThVpxiG06DcFEgEBAQFfJWMtYwAAAAAA_eMAAA&S=AQAAAuZg2rl2aPnTYWBa0mp6xsY; Expires=Sat, 16 Sep 2023 11:47:53 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58422/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 16 Sep 2022 05:47:53 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAkOJGMCEKPEz3QfdcsWqPDslas79XsFEgEBAQFfJWMtYwAAAAAA_eMAAA&S=AQAAAi6g7v9VML__J0QWKdJ2Vrk; Expires=Sat, 16 Sep 2023 11:47:53 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 42f3801cdc82edf316b43dd9f98ac376
0b50040a1e6763560445f29991d194a621e46aef
717e9534d256fb81a083fcb0e8ec219de869848a23313144c4d489de97e8f6e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 01:57:48 GMT
Expires: Wed, 21 Sep 2022 01:57:47 GMT
Etag: "0b50040a1e6763560445f29991d194a621e46aef"
Cache-Control: max-age=417593,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b74f598a2cb503-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 88585c9219a9ce565c70ecc0c28bd40a
cff3c785936486cc9800b38bf9b37e9d424c9a89
d3f4f585b326c19f0279b48de7dc23fe9d2ced370b7176b48f58b92a5337f223
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 23:33:41 GMT
Expires: Wed, 21 Sep 2022 23:33:40 GMT
Etag: "cff3c785936486cc9800b38bf9b37e9d424c9a89"
Cache-Control: max-age=495346,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b74f599f30b4e8-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 37811e9a96dfe3b29103af5ed614ec2e
53d9e242a420177bfc7cb202cf4e093121a2a5f1
2daac21bd9f882a8d6ab58d49ad1a5aa36cc7261931a8dd0ffbe43180155667a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 01:55:53 GMT
Expires: Wed, 21 Sep 2022 01:55:52 GMT
Etag: "53d9e242a420177bfc7cb202cf4e093121a2a5f1"
Cache-Control: max-age=417478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b74f58cebbb506-OSL
router.infolinks.com/dyn/apn-usync?user_id=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/apn-usync?user_id=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/apn-usync?user_id=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f597920b50c-OSL
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-YFH01MCCPD>m=2oe9e0&_p=1409208173&cid=1941962807.1663307257&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663307256&sct=1&seg=0&dl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&dt=Tiny.cc&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-YFH01MCCPD>m=2oe9e0&_p=1409208173&cid=1941962807.1663307257&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663307256&sct=1&seg=0&dl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&dt=Tiny.cc&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-YFH01MCCPD>m=2oe9e0&_p=1409208173&cid=1941962807.1663307257&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663307256&sct=1&seg=0&dl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&dt=Tiny.cc&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://tinycc.com
date: Fri, 16 Sep 2022 05:47:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
router.infolinks.com/dyn/r1-usync?uid=OPTOUT
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/r1-usync?uid=OPTOUT
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/r1-usync?uid=OPTOUT HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: R1USERCOOKIE=OPTOUT; Domain=infolinks.com; Expires=Thu, 15-Dec-2022 05:47:53 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Thu, 16 Sep 2021 05:47:53 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f598932b50c-OSL
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 7c6b701e8f0aaecd3bcafd501b96585e
3124005fb86a730548df21a19f498e250b1f1458
4a87c87dc1a171483d5e74de3451356da4ef64c1ac1d6d754e8aef98376e350a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 15 Sep 2022 21:56:20 GMT
Expires: Fri, 16 Sep 2022 21:56:20 GMT
ETag: "3124005fb86a730548df21a19f498e250b1f1458"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
64.202.112.223302 Found 70 B URL HTTP/1.1 b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
IP 64.202.112.223:0
File type HTML document, ASCII text
Hash 16ccc9da763aca428789e4f469fc7ff1
4a873c523b8d9bdbc30b8c48189817413a19ee7a
5be7e833013b4b10333a904010b01217263df39c501a29b146d072110ceea4a1
GET /usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 70
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Fri, 16 Sep 2022 05:47:53 GMT
ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
67.202.105.24204 No Content 0 B URL HTTP/2 ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
IP 67.202.105.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP004
date: Fri, 16 Sep 2022 05:47:52 GMT
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zeta-usync?uid=5140084921848607833
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zeta-usync?uid=5140084921848607833
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zeta-usync?uid=5140084921848607833 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: ZTUSERCOOKIE=5140084921848607833; Domain=infolinks.com; Expires=Thu, 15-Dec-2022 05:47:53 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Thu, 16 Sep 2021 05:47:53 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f59c969b50c-OSL
X-Firefox-Spdy: h2
router.infolinks.com/gsd?evt=afterGSD&pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&jsv=1819.019-3.025&_cb=16633072568640
172.66.42.247200 OK 343 B URL HTTP/2 router.infolinks.com/gsd?evt=afterGSD&pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&jsv=1819.019-3.025&_cb=16633072568640
IP 172.66.42.247:0
Hash ccd4babd63072ee7104c28680a892fa1
c4aace4e65663b366713e88245b85a7551ebd248
57fce66e7d84b1071a8430a421b951655012154ef0eed28c695b7f52d58f8e5e
GET /gsd?evt=afterGSD&pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&jsv=1819.019-3.025&_cb=16633072568640 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-type: text/javascript;charset=UTF-8
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: max-age=0
p3p: CP="NON DSP NID OUR COR"
set-cookie: cuid=c1a7483d-1e0f-4c3b-8ce5-c894b52baa8e; Domain=infolinks.com; Expires=Sun, 15-Sep-2024 05:47:52 GMT; Path=/; SameSite=None; Secure
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f566df0b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
69.166.1.10302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
IP 69.166.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-7-24
X-Xss-Protection: 0
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=89424b9a-6d02-43a9-a7ea-d23c89fe8714
Server: sonobi-go
Set-Cookie: __uis=89424b9a-6d02-43a9-a7ea-d23c89fe8714; expires=Sun, 16 Oct 2022 05:47:52 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s8724|YyQN+; path=/; domain=.go.sonobi.com; SameSite=None; secure
sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1663307273296
213.19.147.45302 Found 35 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1663307273296
IP 213.19.147.45:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /usersync2/rmpssp?sub=infolinks&zcc=1&cb=1663307273296 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/ur-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zmn-usync?uid=
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zmn-usync?uid=
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zmn-usync?uid= HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f5a6a0ab50c-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 19e1f0e2bfcf4cbc3c8058137e14e25d
6c959f706c8ac88f00bc9a4dc9e1bfda95486c6e
cab9be7ae9f40a70d023a71b1acf91ed3aafdadb128c9ce99616ada5e65f2be3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 05:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 18:01:45 GMT
Expires: Wed, 21 Sep 2022 18:01:44 GMT
Etag: "6c959f706c8ac88f00bc9a4dc9e1bfda95486c6e"
Cache-Control: max-age=475430,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b74f5a1aaab503-OSL
s.cpx.to/ca.png?ref=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&pid=12306&adnxs_uid=0
34.249.238.57200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?ref=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&pid=12306&adnxs_uid=0
IP 34.249.238.57:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?ref=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&pid=12306&adnxs_uid=0 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Content-Type: image/png
Date: Fri, 16 Sep 2022 05:47:53 GMT
Expires: Fri, 16 Sep 2022 05:47:53 UTC
P3P: CP="NOI DEV ADM"
Pragma: no-cache, no-cache
Set-Cookie: cpSess=594cb1471b6c824e; Expires=Sat, 16 Sep 2023 05:47:53 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 95
Connection: keep-alive
router.infolinks.com/dyn/sonobi-usync?uid=89424b9a-6d02-43a9-a7ea-d23c89fe8714
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/sonobi-usync?uid=89424b9a-6d02-43a9-a7ea-d23c89fe8714
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/sonobi-usync?uid=89424b9a-6d02-43a9-a7ea-d23c89fe8714 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: SONOBIUSERCOOKIE=89424b9a-6d02-43a9-a7ea-d23c89fe8714; Domain=infolinks.com; Expires=Thu, 15-Dec-2022 05:47:53 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Thu, 16 Sep 2021 05:47:53 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f5b0acfb50c-OSL
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 129 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2831)
Size 129 kB (128594 bytes)
Hash 50d626941b4ee04ffd8db40517d8efb0
b199efdcee797a379c48301caeeb8cd5754d1a90
602eefbadac2e37076b6daa8b56f24befe2b33d4b97c799695171aafd43fc57a
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 128594
date: Fri, 16 Sep 2022 05:47:53 GMT
expires: Fri, 16 Sep 2022 05:47:53 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13453
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 05:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13453
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 05:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13453
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 05:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13453
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 05:47:53 GMT
Connection: keep-alive
sync.1rx.io/usersync2/infolinks?zcc=1&cb=1663307273157
213.19.147.45302 Found 10 kB URL HTTP/2 sync.1rx.io/usersync2/infolinks?zcc=1&cb=1663307273157
IP 213.19.147.45:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b
GET /usersync2/infolinks?zcc=1&cb=1663307273157 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d4ee58e0f26ec6817dbab72aa7db6d
b6e634ef27eba9da38c6472565e0fdca6898e4f0
07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rgjwYJ-ZzVF3bv7pl1l8TN8EAoENIcaSAXJU_YhFOSNRCzrCuPuKbQ==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:10 GMT
age: 29023
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3eb4aa92-edbe-4eb2-a1a4-0526bce5b13f.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3eb4aa92-edbe-4eb2-a1a4-0526bce5b13f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e990e4086570a10e2b3ec85aace1b82
742c33d879e3d0a21ff90b090960870a5cd0bb04
dd01ff5d019e5017ad49330f28dc0e09c768c8e66c2cc6b387d553642dc365fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3eb4aa92-edbe-4eb2-a1a4-0526bce5b13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6300
x-amzn-requestid: c7bbe10c-76da-4cb4-a34c-2a0319d3b7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUkXGpPIAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae8-51191d655852f60d5cf280fc;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8y9suBepMTTS0MOqnZd7zzSHFLdKVnjIjoeZ2xmkIuMMZ15m5tbwqw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
etag: "742c33d879e3d0a21ff90b090960870a5cd0bb04"
content-type: image/jpeg
age: 28638
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bedb04287b8f09d30fed0ae386b9bcc
2b8a6de0faac5c1a99b48c28da9c05f520ef6add
cec3955f3330184ace4388b7c00262b52c9ca43e9ece6fb8f2fdec2ee9e53a9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4955
x-amzn-requestid: e7c21397-14e0-42fd-86f3-3f1e6940da8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0zG1uIAMF_mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b51-386abef75b6435a0656e86cd;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w0izptVhe4GTDP0l4M18uTvK6vQeKiiaGSZ5UfZATWGIyjL5C8sURQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:55:30 GMT
etag: "2b8a6de0faac5c1a99b48c28da9c05f520ef6add"
content-type: image/jpeg
age: 28343
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ac817a0-279c-44ad-92b0-a799997b91ed.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ac817a0-279c-44ad-92b0-a799997b91ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 918f9961aa6acc47b01feb731750d208
2029669d941625cb78a23b52cd6511af111c8591
1f8cfc977ecea3b3dba2992fd4e310f8d426be1316c467f516e5ed2332ecaf96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ac817a0-279c-44ad-92b0-a799997b91ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8843
x-amzn-requestid: 055dc4af-96bb-48af-823a-56e606701c01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVAlFseoAMFurw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b9d-67ba7aaf2b588234573e1c9c;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WkdIyxNFlhmlhe5c3iNkCNWQmRrMrfKqD4pYMe5J7iYzUgo0XorwAg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:53:59 GMT
age: 28434
etag: "2029669d941625cb78a23b52cd6511af111c8591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbd68450-8c97-4e9a-a798-8484ec30f381.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbd68450-8c97-4e9a-a798-8484ec30f381.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4f3e6b013d785036c9b9c16aef3404f
28bf10400e47ad48eee5db04829b88340e021840
98596627e914528b177b8a3d2be8766bdf210c62415961ab99afefa465440819
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbd68450-8c97-4e9a-a798-8484ec30f381.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8854
x-amzn-requestid: ae78dca7-cd78-40ad-8ef3-5b287d99b0e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1suGFuoAMFptg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3651-12f3fedb07f856af06e8b1e5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:01:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1Q93ahPFyzjb40UxQcoDZPKkpLtrkcj1vE_mB4AW2Gn9CAibFnd6A==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:03:47 GMT
age: 27846
etag: "28bf10400e47ad48eee5db04829b88340e021840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
72.251.249.9204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
IP 72.251.249.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 16 Sep 2022 05:47:54 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap3ams1
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 17034
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://tinycc.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 05:47:53 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&RedC=c.clarity.ms&MXFR=2DC041B8C65B67D91D0C5399C25B6951
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2DC041B8C65B67D91D0C5399C25B6951; domain=.clarity.ms; expires=Wed, 11-Oct-2023 05:47:54 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 16 Sep 2022 05:47:54 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&RedC=c.clarity.ms&MXFR=2DC041B8C65B67D91D0C5399C25B6951
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&RedC=c.clarity.ms&MXFR=2DC041B8C65B67D91D0C5399C25B6951
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&RedC=c.clarity.ms&MXFR=2DC041B8C65B67D91D0C5399C25B6951 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinycc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&MUID=023A15F258E06D1D0F4107D359156CAA
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=023A15F258E06D1D0F4107D359156CAA; domain=c.bing.com; expires=Wed, 11-Oct-2023 05:47:54 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF84644BC1FD4DDEB9F1373B89A8D43D Ref B: OSL30EDGE0520 Ref C: 2022-09-16T05:47:54Z
date: Fri, 16 Sep 2022 05:47:53 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&MUID=023A15F258E06D1D0F4107D359156CAA
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&MUID=023A15F258E06D1D0F4107D359156CAA
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=5E79E345351F49E18ADDDBC0ED26CA4D&MUID=023A15F258E06D1D0F4107D359156CAA HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinycc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 16-Sep-2022 05:57:54 GMT; path=/; SameSite=None; Secure;
date: Fri, 16 Sep 2022 05:47:54 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 48407
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://tinycc.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 05:47:54 GMT
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 3208be643d8d954ea15dbe89590ba8dd
c7fca0ef81d82cf2e0d5a0f16869aa81b5cdde0a
301a26a5c8f9160a23b081ef5a42c8dbae185fd8a8f3f986ea43ad0273bcef9c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 16 Sep 2022 05:47:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 15 Sep 2022 22:20:06 GMT
Expires: Fri, 16 Sep 2022 22:20:06 GMT
ETag: "c7fca0ef81d82cf2e0d5a0f16869aa81b5cdde0a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.1rx.io/usersync2/rmpssp?sub=infolinks
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks
IP 213.19.147.45:0
GET /usersync2/rmpssp?sub=infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-06a26b75-2c1e-444c-a58a-2f40cec36a3b-003%22%2C%22zdxidn%22%3A%222069.56%22%7D; path=/; expires=Sat, 16 Sep 2023 05:47:53 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1663307273296
etag: RX06a26b752c1e444ca58a2f40cec36a3b003
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Coda|Roboto
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Coda|Roboto
IP 142.250.74.10:0
GET /css?family=Coda|Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 05:47:52 GMT
date: Fri, 16 Sep 2022 05:47:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/infolinks
213.19.147.45302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/infolinks
IP 213.19.147.45:0
GET /usersync2/infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-ca688ab2-702e-4870-a467-10030f253c50-003%22%2C%22zdxidn%22%3A%222109%22%7D; path=/; expires=Sat, 16 Sep 2023 05:47:53 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1663307273157
etag: RXca688ab2702e4870a46710030f253c50003
X-Firefox-Spdy: h2
rt3013.infolinks.com/action/doq.htm?pcode=utf-8&r=16633072570171
172.66.42.247200 OK 0 B URL HTTP/2 rt3013.infolinks.com/action/doq.htm?pcode=utf-8&r=16633072570171
IP 172.66.42.247:0
POST /action/doq.htm?pcode=utf-8&r=16633072570171 HTTP/1.1
Host: rt3013.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1509
Origin: https://tinycc.com
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
access-control-allow-origin: https://tinycc.com
vary: Origin
access-control-allow-credentials: true
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cuid=c1a7483d-1e0f-4c3b-8ce5-c894b52baa8e; Domain=infolinks.com; Expires=Sun, 15-Sep-2024 05:47:53 GMT; Path=/; SameSite=None
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f578f850b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
104.18.19.126200 OK 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
IP 104.18.19.126:0
GET /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html
cf-ray: 74b74f58095eb4eb-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXpNXNU%2F1fbBV2d%2F0P3OSTZdtqLM0jpUT32Z0UU0pkTMhoJsoxVSjK63VRTpayqZYblirwT%2BVAxQEknBAzncPAAa67j2CrEu4FGC0CooHTbITq46DjOuMaFlmrQmhDKoBUqm1Y%2BqN4%2FYAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.infolinks.com/js/1819.019-3.025/in_search.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/1819.019-3.025/in_search.js
IP 172.66.42.247:0
GET /js/1819.019-3.025/in_search.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:47 GMT
etag: W/"3762b-5e825ac6d0b12"
cache-control: max-age=2592000
expires: Sun, 16 Oct 2022 05:32:08 GMT
via: 1.1 google
cf-cache-status: HIT
age: 945
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b74f5bab87b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/25094617
40.90.65.32200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/25094617
IP 40.90.65.32:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/25094617 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=b7f7df4b5f3c4763919cc3002665393a.20220916.20230916; expires=Sat, 16 Sep 2023 05:47:53 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0CQ4kYwAAAADAmv9dinn9Soe7lOyuM8U2TVVDMzBFREdFMDYxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 16 Sep 2022 05:47:52 GMT
X-Firefox-Spdy: h2
resources.infolinks.com/js/vidice/2.0/vidice.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/vidice/2.0/vidice.js
IP 172.66.42.247:0
GET /js/vidice/2.0/vidice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: application/javascript
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
etag: W/"5344d-5d6649709d511"
cache-control: max-age=2592000
expires: Sun, 16 Oct 2022 02:57:32 GMT
via: 1.1 google
cf-cache-status: HIT
age: 10221
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b74f5cec92b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
resources.infolinks.com/js/1819.019-3.025/ice.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/1819.019-3.025/ice.js
IP 172.66.42.247:0
GET /js/1819.019-3.025/ice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:47 GMT
etag: W/"2d0ea-5e825ac6d0efa"
cache-control: max-age=2592000
expires: Sun, 16 Oct 2022 05:13:36 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2056
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b74f55dd55b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
resources.infolinks.com/js/infolinks_main.js
172.66.42.247200 OK 0 B URL HTTP/2 resources.infolinks.com/js/infolinks_main.js
IP 172.66.42.247:0
GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 08:22:44 GMT
etag: W/"de0-5e876999db5ed"
cache-control: max-age=3600
expires: Fri, 16 Sep 2022 05:23:55 GMT
via: 1.1 google
cf-cache-status: HIT
age: 5037
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b74f533a76b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
router.infolinks.com/usync/manage?pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/manage?pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk
IP 172.66.42.247:0
GET /usync/manage?pid=3234219&wsid=0&pdom=tinycc.com&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:52 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f566debb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rt3013.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22cache%22%2C%22scs%22%3A%22fiC4N0p01j%22%7D%5D&rid=f4fa8bb6-9eee-4c12-8329-efd0a246b38a&jsv=1819.019-3.025&sr=1280X1024&rts=1663307257759&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Firefox&bv=96.0&dv=p&ce=t&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&tzo=-0000&c=c&strg=true&rsd=Og3ogn9Q3iYEzxXctCD2LVf7WGD2UI9JA_Jtg3RjRPkj2OyXQLV4deoREn4CYiz44gnilBXhnbfKIEecGOgY89ElttKfhvbOTT_FeWzkRIJJRTjr432FXM4vfDte0ZdlZ_mC-aCfiwaCp45rP2s871jC7cRHGjcF&rsk=14&rcs=FmaRYweEuInVdX2r2ZLxGg&hbnr=false
172.66.42.247200 OK 0 B URL HTTP/2 rt3013.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22cache%22%2C%22scs%22%3A%22fiC4N0p01j%22%7D%5D&rid=f4fa8bb6-9eee-4c12-8329-efd0a246b38a&jsv=1819.019-3.025&sr=1280X1024&rts=1663307257759&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Firefox&bv=96.0&dv=p&ce=t&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&tzo=-0000&c=c&strg=true&rsd=Og3ogn9Q3iYEzxXctCD2LVf7WGD2UI9JA_Jtg3RjRPkj2OyXQLV4deoREn4CYiz44gnilBXhnbfKIEecGOgY89ElttKfhvbOTT_FeWzkRIJJRTjr432FXM4vfDte0ZdlZ_mC-aCfiwaCp45rP2s871jC7cRHGjcF&rsk=14&rcs=FmaRYweEuInVdX2r2ZLxGg&hbnr=false
IP 172.66.42.247:0
GET /action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22cache%22%2C%22scs%22%3A%22fiC4N0p01j%22%7D%5D&rid=f4fa8bb6-9eee-4c12-8329-efd0a246b38a&jsv=1819.019-3.025&sr=1280X1024&rts=1663307257759&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Firefox&bv=96.0&dv=p&ce=t&purl=https%3A%2F%2Ftinycc.com%2Ftiny%2Fcustom_domain_redirect%2Fskype.2.vu%2Fk&tzo=-0000&c=c&strg=true&rsd=Og3ogn9Q3iYEzxXctCD2LVf7WGD2UI9JA_Jtg3RjRPkj2OyXQLV4deoREn4CYiz44gnilBXhnbfKIEecGOgY89ElttKfhvbOTT_FeWzkRIJJRTjr432FXM4vfDte0ZdlZ_mC-aCfiwaCp45rP2s871jC7cRHGjcF&rsk=14&rcs=FmaRYweEuInVdX2r2ZLxGg&hbnr=false HTTP/1.1
Host: rt3013.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinycc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 05:47:53 GMT
content-type: text/html;charset=UTF-8
x-application-context: application:prod
cache-control: no-cache,no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP NID OUR COR"
content-language: en-US
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b74f5c0bd6b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2