Report - tinyurl.com/4zkwjrpx

Report Overview

Submitted URL
tinyurl.com/4zkwjrpx
IP
104.20.139.65
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-20 07:57:16
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sync.smartadserver.com	2157	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	722 B	185.86.137.132
pixel-sync.sitescout.com	593	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	575 B	264 B	98.98.134.242
ads.pubmatic.com	469	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	7.7 kB	23.38.200.201
rules.quantcount.com	877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	612 B	143.204.55.20
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	11 kB	192.124.249.23
d.pub.network	6618	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	211 kB	34.160.110.8
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	11 kB	143.204.42.88
colossusssp.com	2212	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	433 B	236 B	8.2.111.123
a.ad.gt	4743	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	5.1 kB	104.22.4.69
pixel.tapad.com	400	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.2 kB	35.227.248.159
cdn.id5-sync.com	1748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	18 kB	104.22.53.86
eus.rubiconproject.com	556	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	10 kB	104.88.9.101
a.pub.network	6324	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	245 kB	104.18.21.206
audit-tcfv2.cmp.quantcast.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	854 B	166 B	52.58.102.196
api.floors.dev	10098	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	982 B	16 kB	34.160.128.112
btlr.sharethrough.com	1262	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	1.5 kB	3.120.80.118
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	11 kB	142.250.74.131
c.amazon-adsystem.com	300	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	1.3 kB	143.204.46.73
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	14 kB	93.184.220.29
static.criteo.net	652	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	783 B	60 kB	178.250.2.130
c1.adform.net	588	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	580 B	37.157.5.141
fastlane.rubiconproject.com	459	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.2 kB	213.19.162.21
match.adsrvr.org	349	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	912 B	884 B	35.71.131.137
bidder.criteo.com	750	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	451 B	178.250.0.165
id.hadron.ad.gt	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	871 B	104.22.5.69
image2.pubmatic.com	873	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	889 B	185.64.190.80
image8.pubmatic.com	591	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	936 B	198.47.127.18
cdn.confiant-integrations.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	563 B	104.18.17.107
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
s2s.t13.io	26622	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	964 B	34.107.140.113
aax-dtb-cf.amazon-adsystem.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	627 B	54.230.241.131
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	95.101.11.115
freestar-io.videoplayerhub.com	7518	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	991 B	104.26.8.50
sb.scorecardresearch.com	134	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	46 kB	143.204.55.94
ad.360yield.com	657	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	922 B	18.158.165.92
psp.pushnami.com	16030	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	983 B	791 B	52.54.160.235
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
pixel-eu.rubiconproject.com	2265	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	237 B	69.173.144.138
image6.pubmatic.com	637	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	381 B	185.64.190.78
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	69 kB	34.120.237.76
hbopenbid.pubmatic.com	455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	222 B	185.64.189.112
grid.bidswitch.net	1211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	339 B	35.157.198.68
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	24 kB	142.250.74.110
ad.doubleclick.net	186	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	433 B	986 B	142.250.74.166
dnacdn.net	3760	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	629 B	178.250.0.157
gum.criteo.com	381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.2 kB	178.250.0.157
ids.ad.gt	4355	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	2.7 kB	44.241.175.242
acdn.adnxs.com	573	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	18 kB	151.101.129.108
simage4.pubmatic.com	1129	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	581 B	320 B	185.64.190.81
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	18 kB	108.177.14.157
tlx.3lift.com	598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	567 B	720 B	3.67.212.83
hbx.media.net	1422	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	548 B	838 B	23.38.200.22
dpm.demdex.net	204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	570 B	605 B	54.171.68.161
secure.cdn.fastclick.net	1815	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	18 kB	23.61.233.63
tinyurl.com	10084	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	946 B	2.6 kB	104.20.139.65
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.52.254
api.pushnami.com	3782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	15 kB	54.230.111.75
api.btloader.com	1320	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	345 B	130.211.23.194
cs.emxdgt.com	858	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	641 B	124 B	3.75.3.113
cm.g.doubleclick.net	202	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	142.250.74.34
pixel.rubiconproject.com	314	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	237 B	69.173.144.138
sync.srv.stackadapt.com	855	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	687 B	44.195.94.142
btloader.com	169057	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	751 B	104.26.6.139
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	95.101.11.115
trc.pushnami.com	3888	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	997 B	617 B	34.200.96.220
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	1.9 kB	104.18.20.226
p.ad.gt	5338	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	13 kB	104.22.4.69
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	29 kB	31.13.72.12
ad-delivery.net	1341	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	1.3 kB	104.26.2.70
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	505 B	875 B	185.89.210.101
ads.yieldmo.com	676	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	546 B	580 B	52.30.8.210
www.googletagservices.com	169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	29 kB	216.58.211.2
ib.adnxs.com	241	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	1.1 kB	185.89.210.153
eb2.3lift.com	402	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	479 B	206 B	76.223.111.18
cmp.quantcast.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.0 kB	143.204.55.76
x.bidswitch.net	286	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	2.9 kB	18.159.74.210

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-19	medium	tinyurl.com/4zkwjrpx	Orange

PhishTank

Scan Date	Severity	Indicator	Alert
2023-01-19	medium	tinyurl.com/4zkwjrpx	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-20	medium	tinyurl.com/4zkwjrpx	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (50)

	URL	Size	First Seen	Last Seen
	acdn.adnxs.com/dmp/async_usersync.html	53 kB	2023-03-07	2023-12-07
Pretty URL acdn.adnxs.com/dmp/async_usersync.html IP 151.101.129.108 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:46 Last Seen2023-12-07 18:10:42 Times Seen719 Hash b9209c89b2e3e289b9354d90fe0a28e4 e335cad88fe42d0803d89b9deacee8925cc1d75c eb465362ecc5bb3962677fd3fe5b096d57864d446f4d2cdee069b8b6556a586d Loading...

	cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&ref=&_it=freestar&partner_id=474	56 kB	2023-03-08	2023-05-22
Pretty URL cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&ref=&_it=freestar&partner_id=474 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:44:31 Last Seen2023-05-22 18:26:08 Times Seen1152 Hash 2280e2148e4ee3c06f679f8fac039778 7dd8da8cd8f1e39adbd3bf5435f97e14d5d1fcd5 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825 Loading...

	cmp.quantcast.com/tcfv2/45/cmp2ui-en.js	254 kB	2023-03-08	2023-04-07
Pretty URL cmp.quantcast.com/tcfv2/45/cmp2ui-en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:59 Last Seen2023-04-07 13:34:26 Times Seen6 Hash 39d0cac7e548f81f1e1e1c36db3c775e dcb7054ba89e3df9d4066a1443c8dde7217b925e 1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628 Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071727	394 kB	2023-03-13	2023-03-13
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071727 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:51:15 Last Seen2023-03-13 05:59:23 Times Seen1 Hash 505a3733a74d3f685f0ca6601d68bc3c 294f3da1769dd66fe1eb306c6558ba25c129fa5a f1187aaf2d088463fbbbaa64b5f8c3f981297c56c8ce9058084542ae4a3dc62c Loading...

	c.amazon-adsystem.com/aax2/apstag.js	183 kB	2023-03-13	2023-03-13
Pretty URL c.amazon-adsystem.com/aax2/apstag.js IP 143.204.46.73 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:45:22 Last Seen2023-03-13 07:05:31 Times Seen1 Hash 82ba66ad1a339d2375e1fbac8da251b3 4f2b5864e80b7cee7c67df3234099459fb5c1559 c15904403ee1666afdcb0f4df49e8b219fb1e149dc05abcd415a37832551de54 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.google-analytics.com/plugins/ua/ecommerce.js	1.4 kB	2023-03-07	2024-03-29
Pretty URL www.google-analytics.com/plugins/ua/ecommerce.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:11 Last Seen2024-03-29 17:20:31 Times Seen107 Hash fd02edf106d5501f7e87d17452887750 500f64b65cf47e7a10b720648054c208f61f4719 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Loading...

	ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID	1.7 kB	2023-03-08	2023-03-17
Pretty URL ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID IP 23.38.200.201 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:01 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 33c1736dc4614876d1536e2dad54357c 06a0ba6c3be9e07eb4ed999771cfe68b5208a381 fd937b2d24f04ee2d97046130c2b0dc120fbb0c715f1101e7ddbcf6ac68ae174 Loading...

	api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87	254 kB	2023-03-09	2023-03-13
Pretty URL api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87 IP 54.230.111.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:43:07 Last Seen2023-03-13 08:16:38 Times Seen1 Hash 44c9a890d136dc0f3e6f9efd6c1e73cd 5c8df14ad432235dc880086d7f9d0fa92eaf9a3c 27ce8f106b2830d4d531c33bd02468a13c44fb56dcd8183ca454eee458fa9368 Loading...

	a.pub.network/tinyurl-com/pubfig.min.js	171 kB	2023-03-12	2023-03-13
Pretty URL a.pub.network/tinyurl-com/pubfig.min.js IP 104.18.21.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:29:31 Last Seen2023-03-13 06:39:22 Times Seen1 Hash f40ec14bc52dad3554c26afa9435a641 c0adbda3a12046edfdcc3aa6ab55a060cd7ec3df 432d6ddf3dd486ee8e29f8e538360b04ce7d8fa39b60af7e59e1ea213f576c5c Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:49 Last Seen2023-03-13 08:53:57 Times Seen1 Hash ab83678e33d91a4c05df6e3d3f200bce 499efc34dc56dbc5e8a6fdb3a7dc4cfda2a3848d ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	547 B	2023-03-08	2023-05-15
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:48:14 Last Seen2023-05-15 04:35:02 Times Seen356 Hash 15bba06b30a1db93502962f5c5551921 ee4faf6d6f2e398c479cea4b080ff032d89604db 29fa693ec2fe71abdce68e96dfec90e9b94f9526546e91c4a64a638a1ee46724 Loading...

	static.criteo.net/js/ld/publishertag.prebid.130.js	90 kB	2023-03-07	2023-04-05
Pretty URL static.criteo.net/js/ld/publishertag.prebid.130.js IP 178.250.2.130 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:43:09 Last Seen2023-04-05 02:01:15 Times Seen28 Hash 3c26caaf9394ff0a83109d1d5d0dd349 b72aa136b5e63cbca7cf5dc79c2f91679bdf88a8 a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628 Loading...

	stats.g.doubleclick.net/dc.js	46 kB	2023-03-07	2023-11-30
Pretty URL stats.g.doubleclick.net/dc.js IP 108.177.14.157 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:40 Last Seen2023-11-30 13:06:41 Times Seen245 Hash de8ca47c1eda5087d5d609cb5cef2301 e2dce4950f10e4a1757a1163575086a620857e17 6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8 Loading...

	freestar-io.videoplayerhub.com/gallery.js	952 kB	2023-03-13	2023-03-13
Pretty URL freestar-io.videoplayerhub.com/gallery.js IP 104.26.8.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:32 Last Seen2023-03-13 03:51:27 Times Seen1 Hash b47605a2e8a22cc4f7bf297e382d434e bac188002645114eb9087d7cd29f3c571fcbcab9 59f5cc0cda8b681dd5785173a4f087bc2378bb5833e4fd885890b6cc0d3038c4 Loading...

	secure.quantserve.com/quant.js	26 kB	2023-03-13	2023-03-13
Pretty URL secure.quantserve.com/quant.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:02:32 Last Seen2023-03-13 12:35:24 Times Seen1 Hash 3958b8cfa5b8a8cf8aa10119951821e7 09ac8452c9000a2959af2a6c7c00a6affc7e3bee f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9 Loading...

	www.google-analytics.com/plugins/ua/ec.js	2.8 kB	2023-03-07	2024-04-24
Pretty URL www.google-analytics.com/plugins/ua/ec.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 19:10:50 Times Seen1644 Hash 7b430c6350a59a7cf22b9adeccba327b b48d3c289bcb6809bb52fffd8f013055ed6bcd65 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Loading...

	ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---	16 kB	2023-03-09	2023-07-05
Pretty URL ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1--- IP 23.38.200.201 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:00:59 Last Seen2023-07-05 20:40:24 Times Seen661 Hash 5cdd86112f9012cc5bf30638358c2cd6 1606237627472651a62088a0b668c9df589abb90 b0e303d3a406110aae76a4c7f052d15c49ebf703db0f0185875a3532cb3b3f44 Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	191 B	2023-03-08	2023-04-02
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:57 Last Seen2023-04-02 21:21:23 Times Seen18 Hash 2ec3842e0697fa973e4f2f94dfab5168 ac6bdb910f80638dd4789612a6398c4764531e77 91545ea8723cd53d5858bd26d0ab7ab814c8850fc08f98fd7113a8fce3b56e32 Loading...

	www.googletagservices.com/tag/js/gpt.js	83 kB	2023-03-13	2023-03-13
Pretty URL www.googletagservices.com/tag/js/gpt.js IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:45:20 Last Seen2023-03-13 04:03:02 Times Seen1 Hash 7a319f2ba904a37a806816a309fb6af4 34b2bcce57c0f1c5eae616f07a7a1bfd7a749606 8b5ba83b4791a53cde478cb183daef6bb8ede5d621a4d63da412cf628f965edd Loading...

	image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB	60 B	2023-03-13	2023-03-13
Pretty URL image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB IP 185.64.190.78 ASN #62713 AS-PUBMATIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:32 Last Seen2023-03-13 03:50:32 Times Seen1 Hash 6e35e70bdb5ce5b916b42f4116a71abb ec97d7c867098a2495d38337f30d8e00f8f0b1e7 a7e9d8f57a41ff943f014ec6f587f251f7052b372eff4cf64089507a31b8ddd6 Loading...

	id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid	56 kB	2023-03-09	2023-03-26
Pretty URL id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:43:07 Last Seen2023-03-26 11:19:49 Times Seen17 Hash 5ebd5b309321691a058c08fd4df36c23 2b5c97b9cadfad4360e468f705a37314f73438d3 d0460b016fa470f9548aceaa335c01cd1fe68052a3abd44cb642ac299fe5b7e2 Loading...

	a.ad.gt/api/v1/u/matches/474?_it=prebid	11 kB	2023-03-13	2023-03-13
Pretty URL a.ad.gt/api/v1/u/matches/474?_it=prebid IP 104.22.4.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:32 Last Seen2023-03-13 03:50:32 Times Seen1 Hash 5da2e8f897712e14088bd344d3027ae3 b00f9d96a0ff1cd1dc44b93d6e71fa9df1ae84d7 512e110d0d2d78d58ef7eb7715d503b4bb7b2f9d9302eb388f342e5d969088f8 Loading...

	pixels.ad.gt/api/v1/getpixels?tagger_id=84ff5a7409c275fc9f77509de6ad4e0f&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&code=%27none%27	0 B	2023-03-07	2024-04-25
Pretty URL pixels.ad.gt/api/v1/getpixels?tagger_id=84ff5a7409c275fc9f77509de6ad4e0f&url=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&code=%27none%27 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:40:52 Times Seen37069872 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	484 B	2023-03-07	2023-04-02
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:23 Last Seen2023-04-02 21:21:23 Times Seen22 Hash 70aca332893fe2c83c37db76f4877386 bec1008e73c586134a663b943667509426f781c2 151b0c3dc6a221943b3aa19c65b5eec00ca39a33cdaafcbb7533deaff9816852 Loading...

	sb.scorecardresearch.com/beacon.js	3.9 kB	2023-03-07	2024-01-14
Pretty URL sb.scorecardresearch.com/beacon.js IP 143.204.55.94 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-01-14 12:48:16 Times Seen58 Hash eaf85c1c6758e84acfe134efd70e9373 5caec39b3ce7c2ec9912aff8ae6fa05aa9fb757e ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117 Loading...

	cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com	181 kB	2023-03-08	2023-07-05
Pretty URL cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com IP 143.204.55.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:23 Last Seen2023-07-05 16:30:54 Times Seen12 Hash 37fdfbac0c6ef64496f7d86258c934a8 7dd69c15982b8d76d6fb41b4a23d04a6974acc24 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01 Loading...

	cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js	221 kB	2023-03-10	2023-03-26
Pretty URL cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:44:36 Last Seen2023-03-26 07:10:00 Times Seen31 Hash 740fe69d2089bf50803f1c3286275de6 60fc9a9860a8e9f8101212e265a9461436532867 b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2 Loading...

	a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js	236 kB	2023-03-10	2023-03-13
Pretty URL a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js IP 104.18.21.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:37:57 Last Seen2023-03-13 06:39:21 Times Seen1 Hash 4fa0fe97247218d3c79d543fa663d902 b976079f440802e40c43242fa15e14f45ab3e185 28683ef17a7d259c922f686a6dfab97c2776f52ce42e56539198f060e526df48 Loading...

	connect.facebook.net/signals/config/1853083501571805?v=2.9.94&r=stable	389 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/1853083501571805?v=2.9.94&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:32 Last Seen2023-03-13 03:50:32 Times Seen1 Hash 1549bbb74beb2215a38ad3aa7a198da7 cbbcb5b8c5443f1b23dc25acf09294e058274cc4 7cb731d42813e7ea6eb070c82ad746c5d5984afe63e3b3c5cf2507bb2841c327 Loading...

	p.ad.gt/api/v1/p/474	41 kB	2023-03-12	2023-03-13
Pretty URL p.ad.gt/api/v1/p/474 IP 104.22.4.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:56:21 Last Seen2023-03-13 06:39:21 Times Seen1 Hash 97613d436ad662a15a59b9403b38ba87 c547c73279a6259881411a0816169b764ba1292f 50ab623580aa45059dd03390645159034ac38e58dd63d5e1e579d4103db77d68 Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	445 B	2023-03-07	2023-04-01
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:23 Last Seen2023-04-01 10:29:03 Times Seen21 Hash c7c11ee9fe83492fea064f0fd85cdd96 0009cc891741d0c228adffa0103f40e6e745fa13 e1b0401d67ff94b8e501f55b2c6e0743366578f2d8075b102ee076a4e2429898 Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	390 B	2023-03-08	2023-07-24
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:57 Last Seen2023-07-24 14:07:25 Times Seen23 Hash 755cc24953ccbefe1a7acd6b0f921c13 cc5089a3d0f05f53a7dba067dd6833f033e2900f f3e41f6cd2bc9a2ea8cda87221f1049eac69400b00c811b8f70c353b00fbf948 Loading...

	a.pub.network/core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js	459 kB	2023-03-10	2023-03-13
Pretty URL a.pub.network/core/pubfig/pubfig.engine.4.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:37:57 Last Seen2023-03-13 06:39:21 Times Seen1 Hash d859b6277b86646acab1ee658cbc4fa8 b62b94b5d2bcd045b8ae1694eb4f312b34f865df f2e4499174bb439ac16aeabf51a3843e5312e7a035fd859bc179ab34b08d9cdd Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	363 B	2023-03-07	2023-12-27
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:45 Last Seen2023-12-27 05:36:02 Times Seen636 Hash a6d0e6b626e6efdee1437d275325df2c e951fbfe3bbe031ebcc8b2ba09c439a74532ca1b f4fdb9c59dfce995221ef7bad8180912d11300448b93972526586bf4b581a625 Loading...

	a.pub.network/core/prebid-analytics-7.19.8.js	560 kB	2023-03-09	2023-05-09
Pretty URL a.pub.network/core/prebid-analytics-7.19.8.js IP 104.18.21.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:28:15 Last Seen2023-05-09 10:07:12 Times Seen6 Hash 51ace935aa2aa7ac94ab810fd2e22d1d c540de4b927763fedd9eccf753b3ca534edba0f8 94659d833506ce389c63600cfca80aa079eb4fca4c67736dfbeec87dfe6885fa Loading...

	eus.rubiconproject.com/usync.js	34 kB	2023-03-13	2023-03-13
Pretty URL eus.rubiconproject.com/usync.js IP 104.88.9.101 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:32 Last Seen2023-03-13 04:09:48 Times Seen1 Hash 692d0efe04d026bca6492dc74a4bc036 abdbb807fd18c0568d4d93de6573cc5f85d1aa11 6815696a0bf728565704455eb101c5d3be081b1ce04abac6c711e082fbb6f933 Loading...

	connect.facebook.net/signals/config/196261077476671?v=2.9.94&r=stable	387 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/196261077476671?v=2.9.94&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:32 Last Seen2023-03-13 03:50:32 Times Seen1 Hash 24cf1f2ac50aa64203c854680d98d8d8 34df98a26e732d68097b792f0383143f5e6e0042 20ec9521352835a590a68034544da76556620f368781ea01a2abc475dae532d6 Loading...

	cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2	4.9 kB	2023-03-07	2023-03-13
Pretty URL cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2 IP 143.204.55.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:23:42 Last Seen2023-03-13 08:16:38 Times Seen1 Hash 9b1bcf279ce40fabb7d1a9fa392e9538 02c4f7fdabb5b10b5a15ade111eeee65cc4a8687 3dc2024d040e9fd2c86538442752902779b5db67377a394482fa58766abf8ee5 Loading...

	api.pushnami.com/scripts/v1/hub	2.2 kB	2023-03-07	2023-04-05
Pretty URL api.pushnami.com/scripts/v1/hub IP 54.230.111.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:18 Last Seen2023-04-05 02:09:14 Times Seen248 Hash 4f3d09e06f20622c845f37aa0ef256d1 49fe8f902accecd54149545b5ccfe345d58d4ad9 36b8028fa60ceb91035f7663de0d56ba8ff9b8d6f3c1e0b7ade9d3c13ec74807 Loading...

	rules.quantcount.com/rules-p-UeXruRVtZz7w6.js	1.7 kB	2023-03-07	2023-05-04
Pretty URL rules.quantcount.com/rules-p-UeXruRVtZz7w6.js IP 143.204.55.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:44 Last Seen2023-05-04 12:47:24 Times Seen40 Hash cbc97d16c77ea1fcbbf42d246001e982 3420adbed7ed8a390fc771728429b4b1719e1dfe a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec Loading...

	cdn.id5-sync.com/api/1.0/id5-api.js	59 kB	2023-03-13	2023-03-13
Pretty URL cdn.id5-sync.com/api/1.0/id5-api.js IP 104.22.53.86 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:15:52 Last Seen2023-03-13 19:38:07 Times Seen1 Hash 4d61440f9cbdbb9b0b5a43273c7c3caf c8fee4ffcf1d2f6d6bf06286dc003b7eb92f7529 746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0 Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	451 B	2023-03-07	2023-04-02
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:23 Last Seen2023-04-02 21:21:23 Times Seen22 Hash 6f68341838056f8a6b598fed52aa2667 c7af8308e8743153dd215a72834bab94e3cc2628 d4cd2a64223fea5028f0cb8912aa65bc4d509e367ff0624806c0a331edecbe6d Loading...

	tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated	193 B	2023-03-08	2023-04-01
Pretty URL tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated IP 104.20.139.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:57 Last Seen2023-04-01 10:29:03 Times Seen17 Hash 779bda84f229daaa2f139ba684da44ed b6de9666776af292596dae93a04cbd2bfb118846 10483f56b805cda07127faf8c850d846147ca273080a466c34290111af93681b Loading...

	cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js	152 kB	2023-03-13	2023-03-13
Pretty URL cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js IP 104.18.17.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:32 Last Seen2023-03-13 03:51:27 Times Seen1 Hash 033fddc111c5ba1fb15a3923b7bdc61b 90c4f1d9cdd33ee50492047b177b654ac86cb4dc 891cbf8d76d8a961376162816ff82c791cf2ffca683e671e1ccc4d03ce8a6cb3 Loading...

	secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js	54 kB	2023-03-08	2023-03-13
Pretty URL secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js IP 23.61.233.63 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:21 Last Seen2023-03-13 17:15:45 Times Seen1 Hash 2c690191f90292d59005abca64b4e2af 6b4f1a8ab4badc814c05dac708bf016b258503ac 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f Loading...

		Size	First Seen	Last Seen
	#1 Eval - caffb8172376201b94cb8f33ddc441a7	688 B	2023-03-12	2023-05-04
Pretty Observations First Seen2023-03-12 19:40:31 Last Seen2023-05-04 12:47:26 Times Seen44 Hash caffb8172376201b94cb8f33ddc441a7 fed9d50cb0c6c13f80ce167d7432621cdb573f91 2d230ee32880db6809b671633d8c6dc2398b07ff1e3be4e6d0080d9fef8de425 Loading...

	#2 Eval - f0ffd3b7c2574ac324603ed00488c850	7 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:03:35 Last Seen2024-04-25 18:22:45 Times Seen20315 Hash f0ffd3b7c2574ac324603ed00488c850 623e76c36aa2a886542011e28412cc761d7ceb01 c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154 Loading...

	#3 Eval - a4d296427fc806b21335359e398c025c	6.5 kB	2023-03-07	2024-02-06
Pretty Observations First Seen2023-03-07 01:02:52 Last Seen2024-02-06 00:26:54 Times Seen1334 Hash a4d296427fc806b21335359e398c025c 46928ccd1407b4e55192bb9d0a07dcfebd9687b7 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Loading...

	#4 Eval - eae5ee6c7e3134a287aa23fcd63d64f0	23 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:34:37 Last Seen2023-05-06 00:24:56 Times Seen756 Hash eae5ee6c7e3134a287aa23fcd63d64f0 3b17dc8eb29b01bd80c12c7d64159d0434edfdac 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Loading...

HTTP Transactions (186)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Fri, 20 Jan 2023 08:38:41 GMT
Date: Fri, 20 Jan 2023 07:57:04 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4774
Expires: Fri, 20 Jan 2023 09:16:38 GMT
Date: Fri, 20 Jan 2023 07:57:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 20 Jan 2023 07:34:36 GMT
content-type: application/json
age: 1348
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7994
Expires: Fri, 20 Jan 2023 10:10:18 GMT
Date: Fri, 20 Jan 2023 07:57:04 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e/Apus6AOLKPtYZj68w5jOoG029lLaOWlErw2VShDgbbNn7N8JtocyoSCOdb6PMq40oIQkFOP/o=
x-amz-request-id: C3EKK3GTKA53TK29
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 20 Jan 2023 07:17:31 GMT
age: 2373
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:04 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 20 Jan 2023 07:48:58 GMT
age: 487
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3745
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Last-Modified: Fri, 20 Jan 2023 06:54:40 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
8cb66b77156729c90a3a8e5644f79e3f
2f7c2b3cb8be7466fff4c4e3e5d0885b41c13326
46627be7044024ab541702a11cb987eca0cb3a3f2b82051acd86685ee0713b9e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "46627BE7044024AB541702A11CB987ECA0CB3A3F2B82051ACD86685EE0713B9E"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7150
Expires: Fri, 20 Jan 2023 09:56:15 GMT
Date: Fri, 20 Jan 2023 07:57:05 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
8cb66b77156729c90a3a8e5644f79e3f
2f7c2b3cb8be7466fff4c4e3e5d0885b41c13326
46627be7044024ab541702a11cb987eca0cb3a3f2b82051acd86685ee0713b9e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "46627BE7044024AB541702A11CB987ECA0CB3A3F2B82051ACD86685EE0713B9E"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7150
Expires: Fri, 20 Jan 2023 09:56:15 GMT
Date: Fri, 20 Jan 2023 07:57:05 GMT
Connection: keep-alive

push.services.mozilla.com/

35.162.52.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.52.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZBmuincW4k9OoOr2pINIfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dfDXDVxAQGLUBUNiFoxYPQ5NcrY=

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
049d1dc6d9bcc418e6cdf2034d3e4089
52d36df068b23d26fcd2971bdc53aaf18a2fa3d9
2ae5d05c519b1f625c74cb03651674078e6a1b1d04bc7b294e75abca7be40356

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:32:35 GMT
Expires: Fri, 20 Jan 2023 20:32:35 GMT
ETag: "52d36df068b23d26fcd2971bdc53aaf18a2fa3d9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
049d1dc6d9bcc418e6cdf2034d3e4089
52d36df068b23d26fcd2971bdc53aaf18a2fa3d9
2ae5d05c519b1f625c74cb03651674078e6a1b1d04bc7b294e75abca7be40356

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:32:35 GMT
Expires: Fri, 20 Jan 2023 20:32:35 GMT
ETag: "52d36df068b23d26fcd2971bdc53aaf18a2fa3d9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

trc.pushnami.com/api/push/track

34.200.96.220

204 No Content

0 B

URL HTTP/2
trc.pushnami.com/api/push/track
IP
34.200.96.220:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:05 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a22296f049415ddfc0ac1abe166eac7c
d002605555892857fcaaa7cb874f8ea6c13c251b
d1980082d3cfcc0cf186f7a197a895e6f57ad0def1b2a560402efdcb7c141921

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3851
Cache-Control: max-age=163533
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Etag: "63ca1613-1d7"
Expires: Sun, 22 Jan 2023 05:22:38 GMT
Last-Modified: Fri, 20 Jan 2023 04:18:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27859 bytes)
Hash
9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: VJFQzoFmi4j6WHq+ZSt0fYicFDimU6SCNqQAJZcdhJLCTj2VMpXifP8AGgN6tKnSvXD+nCQuFYkHJT1TthbJnQ==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Fri, 20 Jan 2023 07:57:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d.pub.network/v2/init?siteId=3163&env=PROD

34.160.110.8

200 OK

0 B

URL HTTP/2
d.pub.network/v2/init?siteId=3163&env=PROD
IP
34.160.110.8:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-xsrf-token
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
set-cookie: _fsuid=2713dd4f-7b9b-4a62-a6b9-8ba9a042f618; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-headers: x-xsrf-token
access-control-allow-credentials: true
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a22296f049415ddfc0ac1abe166eac7c
d002605555892857fcaaa7cb874f8ea6c13c251b
d1980082d3cfcc0cf186f7a197a895e6f57ad0def1b2a560402efdcb7c141921

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3851
Cache-Control: max-age=163533
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Etag: "63ca1613-1d7"
Expires: Sun, 22 Jan 2023 05:22:38 GMT
Last-Modified: Fri, 20 Jan 2023 04:18:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

stats.g.doubleclick.net/dc.js

108.177.14.157

200 OK

17 kB

URL HTTP/2
stats.g.doubleclick.net/dc.js
IP
108.177.14.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17093 bytes)
Hash
5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9

HTTP Headers

GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Fri, 20 Jan 2023 06:39:36 GMT
expires: Fri, 20 Jan 2023 08:39:36 GMT
cache-control: public, max-age=7200
age: 4649
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
049d1dc6d9bcc418e6cdf2034d3e4089
52d36df068b23d26fcd2971bdc53aaf18a2fa3d9
2ae5d05c519b1f625c74cb03651674078e6a1b1d04bc7b294e75abca7be40356

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:32:35 GMT
Expires: Fri, 20 Jan 2023 20:32:35 GMT
ETag: "52d36df068b23d26fcd2971bdc53aaf18a2fa3d9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

trc.pushnami.com/api/push/track

34.200.96.220

200 OK

2 B

URL HTTP/2
trc.pushnami.com/api/push/track
IP
34.200.96.220:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 76
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
2968a84dba73c496144a31fcc82747da
b0b31ebe164675bbdfe394c3a23126ac381aa186
81e0e6206c5f9e4d2fdf7f6c8a265430b389d980ec62d511cab5aa62385d8f96

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "81E0E6206C5F9E4D2FDF7F6C8A265430B389D980EC62D511CAB5AA62385D8F96"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6616
Expires: Fri, 20 Jan 2023 09:47:22 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c0aa702ef4358554a57afc5746ad0f3e
fe0b04ea2a718b73e49f368c092a448602592823
4ac68790ba2b03cc809534fb05a61b5ede042711844e64937e066c323d75fac8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=138006
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Etag: "63c9b0ea-117"
Expires: Sat, 21 Jan 2023 22:17:12 GMT
Last-Modified: Thu, 19 Jan 2023 21:06:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

freestar-io.videoplayerhub.com/gallery.js

104.26.8.50

301 Moved Permanently

344 B

URL HTTP/2
freestar-io.videoplayerhub.com/gallery.js
IP
104.26.8.50:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
344 B (344 bytes)
Hash
2968a84dba73c496144a31fcc82747da
b0b31ebe164675bbdfe394c3a23126ac381aa186
81e0e6206c5f9e4d2fdf7f6c8a265430b389d980ec62d511cab5aa62385d8f96

HTTP Headers

GET /gallery.js HTTP/1.1
Host: freestar-io.videoplayerhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Fri, 20 Jan 2023 07:57:06 GMT
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
expires: Fri, 20 Jan 2023 08:57:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC0ycnZGo3Fremq0%2B7vHJiUchzauLakHsU5Hyf%2BqR%2Fu4PtNKizpnz8V2UDFH9mViq%2FL8BXGwDTU8dNIA6cZ5WM97Gw66ROr%2BIaPgFs3CfGCAtodtOzLCKra85H%2B%2FIb7SJ8RtkDoMSnSrZP%2FBp0Y3yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e2ef171c0e-OSL
X-Firefox-Spdy: h2

a.pub.network/core/prebid-analytics-7.19.8.js

104.18.21.206

200 OK

242 kB

URL HTTP/2
a.pub.network/core/prebid-analytics-7.19.8.js
IP
104.18.21.206:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
242 kB (241937 bytes)
Hash
61cfa791e25e7dac82369579c8b01474
881e2b0cf4667b5f98ae391f62037097f098c767
71cf7ab66415fac84d048783e7312cd87ad74aecea3883f013d2fcc20830f679

HTTP Headers

GET /core/prebid-analytics-7.19.8.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=6140153e-9a87-4618-b451-4774b947b0a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/html
x-guploader-uploadid: ADPycduM5B7Rv88acoevehRrh6kj2qxtGmNLsNIKDKEiCYCph9prUKgHAFRvAlhrmZClW0Qq9bFsF8mJxfHFan4rH7uzDw
cache-control: public, max-age=31496096
expires: Fri, 19 Jan 2024 20:52:02 GMT
last-modified: Fri, 02 Dec 2022 16:03:29 GMT
etag: W/"51ace935aa2aa7ac94ab810fd2e22d1d"
x-goog-generation: 1669997008969213
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 560022
content-language: en
x-goog-hash: crc32c=6w1rdg==, md5=UazpNaoqp6yUq4EP0uItHQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 39904
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e25fd2b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
24d3800c92aba293179c4c8a70110155
66fb2c382fa559f3b546932fa1be0b122321977e
eaa3317a574493890a5ff66f4aeb8f38e29d03572ea3d3c74c88b565d3fa8490

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagservices.com/tag/js/gpt.js

216.58.211.2

200 OK

28 kB

URL HTTP/2
www.googletagservices.com/tag/js/gpt.js
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (39368)
Size
28 kB (27733 bytes)
Hash
2b7b9e06c58698099df6e854c6545d92
0fc3ee0fc59d3f5d54ffcf2b56bfa776c9b23636
5e9e3af00ca44b07b74b42580d3fff3df1e8d9f3b3866a49348e5768d438ebf0

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27733
date: Fri, 20 Jan 2023 07:57:06 GMT
expires: Fri, 20 Jan 2023 07:57:06 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1457 / 238 of 1000 / last-modified: 1674187653"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1674201425641&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=351&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=

143.204.55.94

204 No Content

0 B

URL HTTP/2
sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1674201425641&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=351&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
IP
143.204.55.94:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1674201425641&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=351&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:06 GMT
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CQ3swfa4pL_SVcrRpCVONgIPze1mnJBOxGIGWqXkzZyglKn8Q2yq7g==
X-Firefox-Spdy: h2

sb.scorecardresearch.com/beacon.js

143.204.55.94

200 OK

46 kB

URL HTTP/2
sb.scorecardresearch.com/beacon.js
IP
143.204.55.94:0
ASN
#16509 AMAZON-02

File type
data
Size
46 kB (45621 bytes)
Hash
9e8ddbfaf41340586a4235277205e196
c5095cc0fe5aefb036dacc50c7d2c33cb3fa8554
d4a8e18db7697da5fdba59a448a4166b8bc752718e607e6a5b5f59180ef998df

HTTP Headers

GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 19 Jan 2023 12:11:41 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1frfaUi4C4KXt5FwEkwah2doHZwRrLa1XZrYfHqilfWCJvfz5qKzqw==
age: 71125
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
78a243189b128bd670a20cb74aa52e62
1fd86fbc0fedf732963160a8cbd970540656a9ab
6dca8d730ab44e5984c0048132a04f76f29894f51896e5d1a278cb27753e172b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Last-Modified: Fri, 20 Jan 2023 06:34:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
78a243189b128bd670a20cb74aa52e62
1fd86fbc0fedf732963160a8cbd970540656a9ab
6dca8d730ab44e5984c0048132a04f76f29894f51896e5d1a278cb27753e172b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Last-Modified: Fri, 20 Jan 2023 06:34:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

ad-delivery.net/px.gif?ch=2

104.26.2.70

200 OK

43 B

URL HTTP/2
ad-delivery.net/px.gif?ch=2
IP
104.26.2.70:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvtze2dOwrnZSaaMICrsImC00yHS96buu-2dq8YSa7nMzei-lKFnWMf1wmZgpJcLzTSMOC0BmCgVaU_XtcRhv-7IIHGxDVR
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 19 Jan 2023 19:06:58 GMT
cache-control: public, max-age=86400
age: 47930
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E9IE1CHz41S2ZmoRmWW4dv59d8AndmpbaeS2PB46ip%2BEa8vEPr1NGB%2BR6Gh%2F%2F8UcYmtmG5z0D%2FEn3XFYgjphyPEIhHMaAiGvzLVjc1aPNZ%2Fwz0DfnsNPRsXtBm6BE%2F4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e479150afa-OSL
X-Firefox-Spdy: h2

d.pub.network/v2/init?siteId=3163&env=PROD

34.160.110.8

200 OK

210 kB

URL HTTP/2
d.pub.network/v2/init?siteId=3163&env=PROD
IP
34.160.110.8:0
ASN
#15169 GOOGLE

File type
data
Size
210 kB (209824 bytes)
Hash
7e3623a4745f6dafb28177ea078c0618
1d5c9235986730239541ee074b9d3f0122f9e67c
79d849c1ac7725a20e1d1d9605e9860f71e16f965ca1ef05489bc572db0accf0

HTTP Headers

GET /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6InJYY1NhRGcyVk9mNXZ2L0RmeWtOa3c9PSIsInZhbHVlIjoiSWx5NlBIZ2tKaUgxTjc1VmZUNEMvQ3kzZHgwSkxTcjQ0ays4ZFNFQi8zRW5XYkt4dzFxWW9RKzFBdGovV2ZIaHFGVE5jUjZueUhYam92SGJDRHFVMkJXTlZENmlJSlBJdDluMVZpeHBEYTlRekxSM0wvZDl1K2I4Mk5KbjErVTUiLCJtYWMiOiJiYmQ0Mjg3YzQ2ZGExOTMwYzY0MWE0MzRmNmVjNjI5YmZkMzMzN2JjNzVmYWVhZmVmNzc1MzM2YzQ4MzA5Mzk5IiwidGFnIjoiIn0=
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
set-cookie: _fsuid=6140153e-9a87-4618-b451-4774b947b0a6; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
content-type: application/json
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
64e08e64a8cb8b76fe31cc4cef32c3c9
c1c317ff2b8b3865effbdacd0463e6732f366d73
7fc7314d082ad5a7b5eae2369557dadd1a623ebab2e3958f908949cf5e96be74

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

142.250.74.166

200 OK

104 B

URL HTTP/2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size
104 B (104 bytes)
Hash
32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2

HTTP Headers

GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:51:23 GMT
expires: Fri, 20 Jan 2023 21:51:23 GMT
cache-control: public, max-age=86400
age: 36343
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
64e08e64a8cb8b76fe31cc4cef32c3c9
c1c317ff2b8b3865effbdacd0463e6732f366d73
7fc7314d082ad5a7b5eae2369557dadd1a623ebab2e3958f908949cf5e96be74

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
5553b06c7dde4dc377f9f4e65bc8ace7
9dca5486485416d1aef199be08a50abd717addc7
33a5d1a21738218e0a6fe16d79045bd390af2e84073330a0a94c03812e1ba3ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 70710215-b8fd-44eb-8b50-f0948f98366c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmQWFNvoAMF3ZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b735-19e7e3865ce991cb5447f0f2;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fc9dIiT5QQaTowAA6lp8ffJl4Niq3i_iVe54lYhAV52kJ8Q98EMJqQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 21:58:19 GMT
age: 35927
etag: "9dca5486485416d1aef199be08a50abd717addc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccd80a00-28b1-4908-8a08-93d9379c2c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8968 bytes)
Hash
7fe166bba32d744d841252f3e0e3957e
0f43812cddf63c4b33dbe922c27ca32ce9e6406f
db17ff864c0a82bee284dbcaaabfb5bb8afc7b764e3882b9b9408594d6000c54

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccd80a00-28b1-4908-8a08-93d9379c2c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8968
x-amzn-requestid: ec02528a-588b-46fe-8a37-eae74c3231fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7UZ2EWqoAMF8Cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79aa5-3bc049985202e47479d910ac;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:07:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jf6Ad0o0J4U_QLrvkWF4plIdm3zITZkmQoZ-Zw0eYihzCL6RPrV_ig==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 07:25:47 GMT
age: 1879
etag: "0f43812cddf63c4b33dbe922c27ca32ce9e6406f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12174 bytes)
Hash
eeb5713ea23c36906255e88dc10eadbf
896d92a22f676b5946004feb723b094a8a36e09c
eb75a6fcc83d5134137caa6aa110e284a93149faab9557aea8853f9d63f82bc8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12174
x-amzn-requestid: 79fee0c7-be5a-4467-b351-aeb8a7e7d19f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULMH_noAMF77g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a47-7d7d140511fbcb6063868fd3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fenvyWs_eMj4KsJoKfVuu6tB3GIRW-Ar3tx0IYhl1LC667Jv7OjXRA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 07:26:41 GMT
age: 1825
etag: "896d92a22f676b5946004feb723b094a8a36e09c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10867 bytes)
Hash
3638dc76d0638625ac9a31c038df3a44
deff1903d591273a96d538ae77988d8a080e228c
8382af3843ebeca8e5c13fdd60f7fb92b479915416f36686fce40566fd87ce68

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10867
x-amzn-requestid: 8d882e21-d4c5-49ac-b76a-198cec065377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAnVTEfpoAMFgJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b8ee-6579537e6a82269f4bc99395;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:41:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9KuaPBC5u3bWYidHridxyj8GEYB79yig6zD9FxGCGwXh6zvs7QokA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:55 GMT
age: 35711
etag: "deff1903d591273a96d538ae77988d8a080e228c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1ca04e6-1065-4245-9b8a-3ffd11238e67.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13383 bytes)
Hash
10654c1f4148826354dc8ccd8a3ed20b
6a53a07e284a316073fb2d40c2515978b662c947
d7d46a3c5470f1ead1b3a992782d4f07f913187f47155c62e13acf511930d569

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1ca04e6-1065-4245-9b8a-3ffd11238e67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13383
x-amzn-requestid: c9bade48-e562-4b6c-bd14-c9641643ae09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRaEodIAMFhow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73c-3e5ddece6ab24f464b4a6cab;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQ07DcLbqmJwRgjf7ta57zlC-uh619FaC0v8xJAyNMzuc7YUoNrURw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:13:54 GMT
age: 34992
etag: "6a53a07e284a316073fb2d40c2515978b662c947"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10359 bytes)
Hash
86ca07c03adbaa31374225110924b188
b1bd67630aea727a624f00b8cfd660d3b0848de1
471e3db64c9a6ec7ae4a76ea1a0835bd90dc55b389e3fe2f90c18c4dd2dbec27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10359
x-amzn-requestid: 4d5dedb2-c1a3-4433-a754-28e16385d9fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmw1EbzoAMFqww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b805-1520bf0a4fa4717e786a666f;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3h-LbrkCb1JFLLy-KKOJCf3MqVFXjgJDOf_EqMwxEsb6_a5O7j9vrw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:54 GMT
etag: "b1bd67630aea727a624f00b8cfd660d3b0848de1"
content-type: image/jpeg
age: 35712
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674201426102%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kdz8qvsemnbilerwm3te%22%7D

52.58.102.196

200 OK

2 B

URL HTTP/2
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674201426102%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kdz8qvsemnbilerwm3te%22%7D
IP
52.58.102.196:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

GET /?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674201426102%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kdz8qvsemnbilerwm3te%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/-vVKdY11C3E

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08bd4cf331676c11ab3c3bfca4a2566a
9dd4695e3b163ab33cd27a06e3ddc935aabec872
deb2a67645fc79fe43c5c9a064c8a4f22ffb184045057c2e6d80f0e3d34379b0

HTTP Headers

POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/-vVKdY11C3E

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08bd4cf331676c11ab3c3bfca4a2566a
9dd4695e3b163ab33cd27a06e3ddc935aabec872
deb2a67645fc79fe43c5c9a064c8a4f22ffb184045057c2e6d80f0e3d34379b0

HTTP Headers

POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.pushnami.com/scripts/v1/hub

54.230.111.75

200 OK

1.5 kB

URL HTTP/2
api.pushnami.com/scripts/v1/hub
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
data
Size
1.5 kB (1483 bytes)
Hash
8e952eee3f53753755da5d3f5917480e
629ba35c7bc5d04baceea138355430ca00c7da02
4b0330444939dd7ef8af86e752d33643db9df20485a7230cbc70a4567e0c1057

HTTP Headers

GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 07:01:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pzNPI4RYI6m_IxYgQBdc9x8m9S_LydLa9LqCBmbBHf8-vt1vhGIblw==
age: 3339
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/WwslUDK6lkg

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9337369a970ba18d1e0fc3cd94f9bfe5
a3a7e5367b22fcb407742ad841a7b017dff2ac16
19f6a42fb617ecadf9bfe35c1a34a4bbb750ceff594cc2ccd4d1d900ba3f378d

HTTP Headers

POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.floors.dev/sgw/v1/floors

34.160.128.112

200 OK

0 B

URL HTTP/2
api.floors.dev/sgw/v1/floors
IP
34.160.128.112:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/WwslUDK6lkg

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9337369a970ba18d1e0fc3cd94f9bfe5
a3a7e5367b22fcb407742ad841a7b017dff2ac16
19f6a42fb617ecadf9bfe35c1a34a4bbb750ceff594cc2ccd4d1d900ba3f378d

HTTP Headers

POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87

54.230.111.75

200 OK

12 kB

URL HTTP/2
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (31936)
Size
12 kB (12157 bytes)
Hash
2267d560e7fa68c6a557e0898e50c1d1
c3ad49d0d76c84434ab8df69be721c443b1cb12f
274fe4a3329698f7f1c85f8f73244b0f84f2a498ff8da0d1b9b36af4f1ad594e

HTTP Headers

GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 20 Jan 2023 07:55:38 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LOUpSOLR_7xiZJRzHoMVSNNn5bOxrFk4ZuY6nmXz-nYtqIcpELe2tA==
age: 87
X-Firefox-Spdy: h2

api.btloader.com/country

130.211.23.194

200 OK

16 B

URL HTTP/2
api.btloader.com/country
IP
130.211.23.194:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d

HTTP Headers

GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Fri, 20 Jan 2023 07:57:06 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
0296e11e022b392bf9b6f91f00a100d6
72567f213af0a5a3b99dc6293a6905f29b20de07
073be8bc226f884166ec3bd8569c5097c44e42a645a9ca92406cd46bc92da81f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 06:19:34 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/s/gts1d4/-vVKdY11C3E

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08bd4cf331676c11ab3c3bfca4a2566a
9dd4695e3b163ab33cd27a06e3ddc935aabec872
deb2a67645fc79fe43c5c9a064c8a4f22ffb184045057c2e6d80f0e3d34379b0

HTTP Headers

POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
b5ea3804ffa2721a50a22148bad0db66
5ffc08d2636f49fd0f0d26d8f132c60390a1b4c4
b079a57aaeac5f2bb5459ed63b33ae8087840c00fdbaca09c84a4a62d1a23a53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2664
Cache-Control: max-age=103348
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Etag: "63c92f9f-13a"
Expires: Sat, 21 Jan 2023 12:39:35 GMT
Last-Modified: Thu, 19 Jan 2023 11:55:11 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
b5ea3804ffa2721a50a22148bad0db66
5ffc08d2636f49fd0f0d26d8f132c60390a1b4c4
b079a57aaeac5f2bb5459ed63b33ae8087840c00fdbaca09c84a4a62d1a23a53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:13:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
f7e1c3d953f4a232b01da2a356663cf4
fa6f48e7069cc58378ccd3a16883b9ad30e42d98
9993bdaf23a0fee242785851dd22727997f3597b7da22e88dc1ba9444de14b00

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 24 Jan 2023 06:31:59 GMT
ETag: "fa6f48e7069cc58378ccd3a16883b9ad30e42d98"
Last-Modified: Fri, 20 Jan 2023 06:32:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 856
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78c641e77a3bb4f9-OSL

match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json

35.71.131.137

200 OK

63 B

URL HTTP/2
match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
8f2edd23dc4adc3f780fe4f3eff33aed
9915963e4061d6cd67f7c97b1632103f5519e6db
b067a8b501a32df9bf4dcfec6f4b8889feceb54c7bf071b5480617894b34f20d

HTTP Headers

GET /track/rid?ttd_pid=6bjin1p&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sun, 19 Feb 2023 07:57:07 GMT
vary: Origin
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2

api.floors.dev/sgw/v1/floors

34.160.128.112

200 OK

14 kB

URL HTTP/2
api.floors.dev/sgw/v1/floors
IP
34.160.128.112:0
ASN
#15169 GOOGLE

File type
JSON data\012- data
Size
14 kB (14187 bytes)
Hash
460931795e2cc9af5696e93d9b79b93f
a8357405983e15ca831c827e987110bbd03b8d9f
0c973311f8862dff8bcaef0f11d48dcef4cb0cd57dbb43f09ab5c551246bf14b

HTTP Headers

POST /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Content-Type: application/json
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Origin: https://tinyurl.com
Content-Length: 423
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=SSQtXl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dNeU5sSll2N2wzQVkzazhGSHlOUjRHNnVWWnlMWUl0UTVhNW9HJTJCcVl6bA; expires=Wed, 14 Feb 2024 07:57:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 134122
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
43c6a621f7697048bf930ef8142f0916
ee8295a881944a118dcc46ea11f2852cdcdddd83
4c8970a0ded968cdc494312f14ad8d1e0b9fc9a0cfd237807f8e5085514f6c03

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1427
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Etag: "63c9e932-1d7"
Last-Modified: Fri, 20 Jan 2023 07:33:20 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1d4/jFzla0hlOqE

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d3c8076c9d89b6c9ceb239cffef61e3b
109f46606dfde7beb43cdab68e9833ba681995ae
7f1bc5fd25b7fb4e31864099340aa6efe2a8f37027ba48dc14d671cba80c3b4c

HTTP Headers

POST /s/gts1d4/jFzla0hlOqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ib.adnxs.com/ut/v3/prebid

185.89.210.153

200 OK

251 B

URL HTTP/1.1
ib.adnxs.com/ut/v3/prebid
IP
185.89.210.153:0
ASN
#29990 ASN-APPNEX

File type
JSON data\012- , ASCII text, with no line terminators
Size
251 B (251 bytes)
Hash
c53c2b1d7bbcd75f7dc98d51afd5ce5d
486f59572d837f836e7641ec2e3e55ba80c7ee6e
72901a71187834ebaa1e58dd48cedaef57855e9ac37e5b0ec157a19d7d1cb0c0

HTTP Headers

POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1447
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 251
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tinyurl.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e1b5492c-8920-4c7b-bebb-df353bd390db
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.pki.goog/s/gts1d4/jFzla0hlOqE

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d3c8076c9d89b6c9ceb239cffef61e3b
109f46606dfde7beb43cdab68e9833ba681995ae
7f1bc5fd25b7fb4e31864099340aa6efe2a8f37027ba48dc14d671cba80c3b4c

HTTP Headers

POST /s/gts1d4/jFzla0hlOqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=17595623843&lsavail=0

178.250.0.165

200 OK

44 B

URL HTTP/2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=17595623843&lsavail=0
IP
178.250.0.165:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74

HTTP Headers

POST /cdb?profileId=207&av=34&wv=7.19.7&cb=17595623843&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3928
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://tinyurl.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1

178.250.0.157

200 OK

190 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with no line terminators
Size
190 B (190 bytes)
Hash
bf7a11fa34ef1b7e0a4f83b741456386
0dd1043ee0ddde8209c7128260ca3eaff33f2baf
a37576ac952fd8a3a6c697de9701675c7a8a66e1683c8e8ec432bc237d863108

HTTP Headers

OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 485329
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

s2s.t13.io/cookie_sync

34.107.140.113

200 OK

569 B

URL HTTP/2
s2s.t13.io/cookie_sync
IP
34.107.140.113:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (2087), with no line terminators
Size
569 B (569 bytes)
Hash
814721068bf26fa054de8ac1af926abc
091054aa5aa4bedfdf241257192d01a13141b62b
47be3468fa6fbe15350f244789d98c6fca6b4f564dca45ae59fc6a29ee3425fe

HTTP Headers

POST /cookie_sync HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
content-type: application/json
content-encoding: gzip
content-length: 569
date: Fri, 20 Jan 2023 07:57:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:00:14 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Wezo4NWhZDSaqS-_tRayVyzhi3E066DpzPJtW3pdxCt913Bwr693g==
Age: 3413

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1cf53161b12e01f9b9f61b9c6b705843
7db0322d6e51b7c418b2143c3deddc48711ab279
27fe4da333019d06f16481a7d5b41120be4da0e8cfd532b26067ccea3101655a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 06:59:54 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SNzkjiNxRMTedrHR8dqSySlC4Ipcjy-h0AUd9Xdv3ueytp_47hmPeg==
Age: 3433

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:00:00 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qmNS5Jucw2rSoyA6uxbcOcV59YKEtLjV2Oq81PVl-9F9VefwsGT1PA==
Age: 3427

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 06:57:04 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L8I4GqVtRENmo8e_-84M6bkhygTWp1y9l9THZfQDnIaP37cGMbKUYg==
Age: 3603

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165539
Date: Fri, 20 Jan 2023 07:57:07 GMT
Etag: "63ca1ffc-1d7"
Expires: Sun, 22 Jan 2023 05:56:06 GMT
Last-Modified: Fri, 20 Jan 2023 05:00:44 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5CrOo7rIhte2F9snH5L16PqOeR_JUOt7k492wTNEOEOEbfD9R-BzhA==
Age: 3322

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ecc2beda2b87a20067502a0e5fb798d
7136f551e329e63cb90ba8100e3fa6f0967b6b01
f245823cf9ae62f3fe6ebda5caf084b8fa13d0bf185b23fca558416a3d2cc3a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 894
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:42:14 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1d4/jFzla0hlOqE

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d3c8076c9d89b6c9ceb239cffef61e3b
109f46606dfde7beb43cdab68e9833ba681995ae
7f1bc5fd25b7fb4e31864099340aa6efe2a8f37027ba48dc14d671cba80c3b4c

HTTP Headers

POST /s/gts1d4/jFzla0hlOqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

psp.pushnami.com/api/psp

52.54.160.235

200 OK

69 B

URL HTTP/2
psp.pushnami.com/api/psp
IP
52.54.160.235:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
69 B (69 bytes)
Hash
cef934af42a2b3c3a2ef347da15d70ee
f83f1f069fcc230e3c9397653eef8ddd4d66c9a9
47e250e449472cb557a99ef04f6b6b5a407034f197d911e6301193c20c2f1cee

HTTP Headers

OPTIONS /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

hbopenbid.pubmatic.com/translator?source=prebid-client

185.64.189.112

204 No Content

0 B

URL HTTP/2
hbopenbid.pubmatic.com/translator?source=prebid-client
IP
185.64.189.112:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4564
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
date: Fri, 20 Jan 2023 07:57:07 GMT
X-Firefox-Spdy: h2

btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

3.120.80.118

204 No Content

0 B

URL HTTP/2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
3.120.80.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

3.120.80.118

204 No Content

0 B

URL HTTP/2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
3.120.80.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1396
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
532f8604514987798c7b4b3e6c78dce6
958bb95081d9af3082035f7074511b315dcd710e
1cdf499dd1eadb09d3688a7a3a9cb530e8c7b76d5f96ca1863d99592e2610b98

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:29:55 GMT
Expires: Fri, 20 Jan 2023 20:29:55 GMT
ETag: "958bb95081d9af3082035f7074511b315dcd710e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8796e6a2b9ae3b266a776ede62580e69
c5740324bb0c3faee35f93e1a81bcf7dd4271a89
1dfee7ac16c08adcd6320bd503d9031d6b85b74d73cd81c19b299dfbba82037b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 13:56:51 GMT
Expires: Tue, 24 Jan 2023 13:56:50 GMT
Etag: "c5740324bb0c3faee35f93e1a81bcf7dd4271a89"
Cache-Control: max-age=366582,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78c641ea688db506-OSL

btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

3.120.80.118

204 No Content

0 B

URL HTTP/2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
3.120.80.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

3.120.80.118

204 No Content

0 B

URL HTTP/2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
3.120.80.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

3.120.80.118

204 No Content

0 B

URL HTTP/2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
3.120.80.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
98dbb37600f9be1c483ed1ecec88bfed
99cd45670742efaa38df2650af3f11e2da254948
78db54e3b70e65da7b59135c15523030f090968d40bbd0c7e861b5d8d294f31f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 21:03:37 GMT
Expires: Fri, 20 Jan 2023 21:03:37 GMT
ETag: "99cd45670742efaa38df2650af3f11e2da254948"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

3.120.80.118

204 No Content

0 B

URL HTTP/2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP
3.120.80.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1396
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID

3.75.3.113

204 No Content

0 B

URL HTTP/2
cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
IP
3.75.3.113:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP/1.1
Host: cs.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
content-type: text/html
date: Fri, 20 Jan 2023 07:57:07 GMT
content-length: 0
X-Firefox-Spdy: h2

colossusssp.com/?c=o&m=multi

8.2.111.123

200 OK

2 B

URL HTTP/1.1
colossusssp.com/?c=o&m=multi
IP
8.2.111.123:0
ASN
#46636 NATCOWEB

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /?c=o&m=multi HTTP/1.1
Host: colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2666
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://tinyurl.com
Access-Control-Allow-Credentials: true

grid.bidswitch.net/hbjson

35.157.198.68

200 OK

49 B

URL HTTP/2
grid.bidswitch.net/hbjson
IP
35.157.198.68:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
8fd5137806a5767bd0ce3cfecc888fbc
47120b295b9165bc5dcbbda3ad00fdaced1e7cc0
66cfafca8de6f89c1ff729c7e4afe7f45177041e21fdc177ecb3522fe7a38d98

HTTP Headers

POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3791
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
content-length: 49
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2

tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tmax=1200&us_privacy=1---

3.67.212.83

200 OK

19 B

URL HTTP/2
tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tmax=1200&us_privacy=1---
IP
3.67.212.83:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

HTTP Headers

POST /header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tmax=1200&us_privacy=1--- HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1669
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2bed64336981e4796f9667ca27f4b447
b6c6efe6dd51c532d9cee7d356d48ee108327c08
f69f050cde3b8db38da488084bb222f1012ca41449a0899b8de91aa14f23a01e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3695
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:55:33 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
419acce31015b0af3eafe3502428c328
b1cf4f5e784f228bb048c53dbda4e7baf439887a
626bd6928283147a9bb88e12e379434a26c942ca15747fe235d0fe8768b3338d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4698
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:38:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

a.ad.gt/api/v1/u/matches/474?_it=prebid

104.22.4.69

200 OK

4.4 kB

URL HTTP/2
a.ad.gt/api/v1/u/matches/474?_it=prebid
IP
104.22.4.69:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.4 kB (4432 bytes)
Hash
410e076872cc844ae7971a40dd72446d
62a917446d9c976909654a1de92462b51d7a5b56
9149bbb484897761db77824256b44fa965f5a033ae0a1e995f2bb7a809cfe99b

HTTP Headers

GET /api/v1/u/matches/474?_it=prebid HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: application/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 73
last-modified: Fri, 20 Jan 2023 07:55:55 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641ed2f68b4ff-OSL
X-Firefox-Spdy: h2

aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&pid=VBsdbBnPIMTc2&cb=0&ws=1280x939&v=23.112.1442&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

54.230.241.131

200 OK

23 B

URL HTTP/2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&pid=VBsdbBnPIMTc2&cb=0&ws=1280x939&v=23.112.1442&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP
54.230.241.131:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
23 B (23 bytes)
Hash
eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

HTTP Headers

GET /e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&pid=VBsdbBnPIMTc2&cb=0&ws=1280x939&v=23.112.1442&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Fri, 20 Jan 2023 07:57:08 GMT
x-amz-rid: J2T0YXZNDFC3W5REC5HF
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wI1DtvIz1QFLSDArCMYCq-e66wHtwR_rX0xJlSPStTUG8BZAFMSAgQ==
X-Firefox-Spdy: h2

a.ad.gt/api/v1/collect

104.22.4.69

204 No Content

0 B

URL HTTP/2
a.ad.gt/api/v1/collect
IP
104.22.4.69:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v1/collect HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 900
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641ee592d1c0e-OSL
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
45a84f29a8b95c36d608cb872f2c3774
bcb9309f7b5ef33cba1721302565778169cf8f75
2a2989b2a179ed4201ca8b026f9550ea7a0c1a7d945096acd6d83eeceb8dd7bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129335
Date: Fri, 20 Jan 2023 07:57:08 GMT
Etag: "63c986be-1d7"
Expires: Sat, 21 Jan 2023 19:52:43 GMT
Last-Modified: Thu, 19 Jan 2023 18:06:54 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9qOLMFt120V8xAzTe6C4xzYsFtvzdmwzTsgy5VP8jJuwxLljCTME2Q==
Age: 6349

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
45a84f29a8b95c36d608cb872f2c3774
bcb9309f7b5ef33cba1721302565778169cf8f75
2a2989b2a179ed4201ca8b026f9550ea7a0c1a7d945096acd6d83eeceb8dd7bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126527
Date: Fri, 20 Jan 2023 07:57:08 GMT
Etag: "63c986be-1d7"
Expires: Sat, 21 Jan 2023 19:05:55 GMT
Last-Modified: Thu, 19 Jan 2023 18:06:54 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rZghQqEmGCV9gILdkP4gI9mKxrhrKRhlq3dc3Ki8lkTF6v7gTLSAXA==
Age: 3541

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
45a84f29a8b95c36d608cb872f2c3774
bcb9309f7b5ef33cba1721302565778169cf8f75
2a2989b2a179ed4201ca8b026f9550ea7a0c1a7d945096acd6d83eeceb8dd7bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:19:57 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SlKGr_88EkjfmnGSMHKGABHzfpooVcLs78IQgw__4CdYymXRm6iegQ==
Age: 5831

ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001674201427-W1VK3DL6-2C29

44.241.175.242

302 Found

473 B

URL HTTP/2
ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001674201427-W1VK3DL6-2C29
IP
44.241.175.242:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Size
473 B (473 bytes)
Hash
1f262cc65e435af21a7a9782851764ed
e8f5f0114b1ff69dc6d4c02252dc655da95aa09e
bddada9ea1b54b0a0a65540a676000aebe4fa955979f85e5cc44acd50a868034

HTTP Headers

GET /api/v1/g_hosted?id=AU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/html; charset=utf-8
content-length: 473
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5
server: nginx/1.20.0
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:08 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
g_hosted=; Expires=Sun, 19 Jan 2025 07:57:08 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29

44.241.175.242

200 OK

0 B

URL HTTP/2
ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29
IP
44.241.175.242:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/ip_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.20.0
X-Firefox-Spdy: h2

p.ad.gt/api/v1/p/474

104.22.4.69

200 OK

12 kB

URL HTTP/2
p.ad.gt/api/v1/p/474
IP
104.22.4.69:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (40929), with no line terminators
Size
12 kB (12345 bytes)
Hash
4d6b87efa4f58049778c241d7c850dfe
67318418fb5b8f4910ffd19e2353da17488bbdb6
34dfa9be370415af01870ff15f3ca0ef891850e3235a4be4bcc7bc788ad7d132

HTTP Headers

GET /api/v1/p/474 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: application/javascript
last-modified: Sat, 14 Jan 2023 20:20:52 GMT
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:55:24 GMT
etag: W/"1673727652.0-40929-2713193071"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 104
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641ee0f42b50f-OSL
X-Firefox-Spdy: h2

match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001674201427-W1VK3DL6-2C29&gdpr=0

35.71.131.137

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001674201427-W1VK3DL6-2C29&gdpr=0
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001674201427-W1VK3DL6-2C29&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c879678554111268bb03205043d38eeb
4539feac988bdef389c9109c06091d248404aa94
b08c400df9a05b23a553909d74c38c4c4e83a7d92fa0a8c1a8e4412dbf4326e6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5417
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:26:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js

23.61.233.63

200 OK

17 kB

URL HTTP/2
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP
23.61.233.63:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Size
17 kB (17131 bytes)
Hash
65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf

HTTP Headers

GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Fri, 20 Jan 2023 08:12:08 GMT
date: Fri, 20 Jan 2023 07:57:08 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d202273e867b01591672b07722f430fb
4bbab50550b5b6a583e1fcdeb68c1b6b67b0cd87
5b4ab20a3dc9a884b04e727e6d62a1428984126ea975e308c48a6e9b6581146a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29

142.250.74.34

302 Found

381 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
381 B (381 bytes)
Hash
96e00bab33e8310ff81b6ec834fdd5d7
b66655da117e6ad40a50f9d2b8234bd158611ca1
a42fc173a29b16754e25ea3262edec3ff2930d3c0cdc4d672d489b8ab79ed7d3

HTTP Headers

GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc=
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Jan-2023 08:12:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5

142.250.74.34

302 Found

345 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
345 B (345 bytes)
Hash
267c96b141010f72f84f00b4e4eb5d16
4b7e1bad94ff0a9edd710345397bc482f4520c0e
598448a4bb0cae2f4d91335581c46dba7386373cd4a8ea326640b7129a223e6a

HTTP Headers

GET /pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc=
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 345
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Jan-2023 08:12:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
b4f2f6618b18535bcb49dab1e266df4c
bd312038adaf9ea5904655ff95bdf54c72114f45
f4945d5fcca93ea7e3348857e9123e146cf8d5755bb8bb10f910adae69b9baa0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: max-age=127956
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Etag: "63c98b0e-139"
Expires: Sat, 21 Jan 2023 19:29:45 GMT
Last-Modified: Thu, 19 Jan 2023 18:25:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
1a9146a68f7fa75d289f2c14e4403539
b7920fb5a2ccf284f6846c06676d266f11075a40
d3bda6fee11136cef190d14ff2f7712591c41360943d3d739d724c726c37146b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 480
Cache-Control: max-age=115531
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Etag: "63c967c0-139"
Expires: Sat, 21 Jan 2023 16:02:40 GMT
Last-Modified: Thu, 19 Jan 2023 15:54:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D

35.227.248.159

302 Found

0 B

URL HTTP/2
pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP
35.227.248.159:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:09 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1674201429034;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=e1fc84e0-a877-4b1d-b636-836604be6e16;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 20 Jan 2023 06:41:07 GMT
expires: Fri, 20 Jan 2023 08:41:07 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 4562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c97e1bd01d20629851b1393a019b667a
2971fef471c737756d1944d4a3e08bcea03f7f45
0e2a26afd66f587a4ce3202a865aa7b40e67bdee3b7892773822c8a80acf81ba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5624
Cache-Control: max-age=171810
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Etag: "63ca2f7f-1d7"
Expires: Sun, 22 Jan 2023 07:40:39 GMT
Last-Modified: Fri, 20 Jan 2023 06:06:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0

44.241.175.242

200 OK

43 B

URL HTTP/2
ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
IP
44.241.175.242:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /api/v1/halo_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:08 GMT
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:08 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc=

142.250.74.34

302 Found

288 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc=
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
288 B (288 bytes)
Hash
6632913b3cf727a5a334b9b298c8054a
20b600c1df76522b72f7bb31ce46b55f319af403
6f8e8e126a9777c41d8d797127ed6e18abeec2795acccd2b3de9bcaf1367e6de

HTTP Headers

GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc=

142.250.74.34

302 Found

244 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc=
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
244 B (244 bytes)
Hash
ccbcdd8d64ba1a4d10da9daaf6f8fc75
18fd42f770aa7ea076daefa4dd82a8c7a140871e
fe509e58c2e5c819086e008e07d10749f28dc9a9859fca7373fbd3bf8a372110

HTTP Headers

GET /pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://ids.ad.gt/api/v1/g_match?google_error=3
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c879678554111268bb03205043d38eeb
4539feac988bdef389c9109c06091d248404aa94
b08c400df9a05b23a553909d74c38c4c4e83a7d92fa0a8c1a8e4412dbf4326e6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5418
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Last-Modified: Fri, 20 Jan 2023 06:26:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26sas_uid%3D%5bsas_uid%5d&gdpr=0

185.86.137.132

302 Found

0 B

URL HTTP/1.1
sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26sas_uid%3D%5bsas_uid%5d&gdpr=0
IP
185.86.137.132:0
ASN
#201081 SmartAdServer SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
content-length: 0
date: Fri, 20 Jan 2023 07:57:08 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 20 Jan 2024 07:57:09 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12999%3b%24o%3d11100; expires=Sat, 20 Jan 2024 07:57:09 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E

23.38.200.22

302 Found

154 B

URL HTTP/2
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E
IP
23.38.200.22:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060

HTTP Headers

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Sat, 20 Jan 2024 07:57:09 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Fri, 20 Jan 2023 07:57:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 20 Jan 2023 07:57:09 GMT
X-Firefox-Spdy: h2

pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D

35.227.248.159

302 Found

0 B

URL HTTP/2
pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP
35.227.248.159:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:09 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1674201429092;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=56caa836-c6f7-481c-9b1d-302a47135551;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=

104.22.5.69

200 OK

67 B

URL HTTP/2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP
104.22.5.69:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text
Size
67 B (67 bytes)
Hash
2612c2514bbb4dd51b9164dba3569234
839dad2fb2d7b257a045d1df253e4469e1ef200c
a634d86ccbb74f568a47529c6d9c6c354bd20100370e29f87593c6fa02a4af44

HTTP Headers

OPTIONS /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641ea2d64b51d-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d202273e867b01591672b07722f430fb
4bbab50550b5b6a583e1fcdeb68c1b6b67b0cd87
5b4ab20a3dc9a884b04e727e6d62a1428984126ea975e308c48a6e9b6581146a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/plugins/ua/ec.js

142.250.74.110

200 OK

1.1 kB

URL HTTP/2
www.google-analytics.com/plugins/ua/ec.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (523)
Size
1.1 kB (1129 bytes)
Hash
17427cd827c6f9e01d5ee868be659be5
6ff2e43c1a10e3c924870b48ae3cc36280b97f53
59157001be3cd5b0e3eae8afa425d1c694591c403fb9692bc3ad6d3235b423e7

HTTP Headers

GET /plugins/ua/ec.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:47:48 GMT
expires: Fri, 20 Jan 2023 08:47:48 GMT
cache-control: public, max-age=3600
age: 561
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/plugins/ua/ecommerce.js

142.250.74.110

200 OK

738 B

URL HTTP/2
www.google-analytics.com/plugins/ua/ecommerce.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (745)
Size
738 B (738 bytes)
Hash
f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d

HTTP Headers

GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:50:50 GMT
expires: Fri, 20 Jan 2023 08:50:50 GMT
cache-control: public, max-age=3600
age: 379
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26adnxs_id%3D%24UID%26gdpr%3D0

185.89.210.101

302 Found

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26adnxs_id%3D%24UID%26gdpr%3D0
IP
185.89.210.101:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 20 Jan 2023 07:57:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: bc785c6c-c7c6-428a-bd0a-85dc723b9188
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

cdn.id5-sync.com/api/1.0/id5-api.js

104.22.53.86

200 OK

17 kB

URL HTTP/2
cdn.id5-sync.com/api/1.0/id5-api.js
IP
104.22.53.86:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
17 kB (17274 bytes)
Hash
458b1bdf4b34fd717855194ec3ed3d78
5605c303da3a961db51cf72968c5fba9ee39a15e
8c428a59a7670d2573091e68fccc7a2eab835bd9ec10ba44ccefe945754becf6

HTTP Headers

GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: RV0nTQsJhYnsnzGMmXomASqBafdMPckxq2HJPzkN1jMBtDHtZR1GxlgNwK2MqUFTeAg7nSjNKRg=
x-amz-request-id: 1V0PFMYQQPT5G2T0
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3072
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 78c641f32a83fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1

185.86.137.132

200 OK

0 B

URL HTTP/1.1
sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1
IP
185.86.137.132:0
ASN
#201081 SmartAdServer SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
content-length: 0
date: Fri, 20 Jan 2023 07:57:08 GMT

dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001674201427-W1VK3DL6-2C29&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29

54.171.68.161

200 OK

59 B

URL HTTP/1.1
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001674201427-W1VK3DL6-2C29&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
IP
54.171.68.161:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
59 B (59 bytes)
Hash
1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13

HTTP Headers

GET /demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001674201427-W1VK3DL6-2C29&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: NdcfG+EKT4w=
Content-Length: 59
Connection: keep-alive

ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D

18.158.165.92

302 Found

0 B

URL HTTP/2
ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
IP
18.158.165.92:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=a1894a8c-498d-4f64-97ab-d101b91b6a33; Expires=Thu, 20 Apr 2023 07:57:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674201429; Expires=Thu, 20 Apr 2023 07:57:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
206b8c98d6d310d983a591385c97fa72
390a8ef09756d5a7a9e3966bfaa44d01869fe6ba
241245058a38107d3f999c4fa2dc709240427b60b6556c561d963d503d5f5c61

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5117
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Last-Modified: Fri, 20 Jan 2023 06:31:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727

image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29

185.64.190.80

200 OK

20 B

URL HTTP/2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
IP
185.64.190.80:0
ASN
#62713 AS-PUBMATIC

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2

ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D

18.158.165.92

200 OK

43 B

URL HTTP/2
ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
IP
18.158.165.92:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1---

98.98.134.242

204 No Content

0 B

URL HTTP/2
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1---
IP
98.98.134.242:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1--- HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Fri, 20 Jan 2023 07:57:09 GMT
server: AC1.1
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
959d5e087bedee14440ccfa469e3b6bc
d89c35cd7dd31b0e8d1aa8c09ff0dc9d1d9276a3
2b3495a6603e779cdf2c9d354fb05db2fcc9a61b007409cea55c574056acce2f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 07:57:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 01:57:49 GMT
Expires: Wed, 25 Jan 2023 01:57:48 GMT
Etag: "d89c35cd7dd31b0e8d1aa8c09ff0dc9d1d9276a3"
Cache-Control: max-age=409838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78c641f6d9afb506-OSL

ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551

44.241.175.242

200 OK

43 B

URL HTTP/2
ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551
IP
44.241.175.242:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:09 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

x.bidswitch.net/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D

18.159.74.210

302 Found

0 B

URL HTTP/2
x.bidswitch.net/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
IP
18.159.74.210:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=d15d96bc-ae0c-49c8-a68e-ee9c157c3760; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/g_match?google_error=3

44.241.175.242

200 OK

43 B

URL HTTP/2
ids.ad.gt/api/v1/g_match?google_error=3
IP
44.241.175.242:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /api/v1/g_match?google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
X-Firefox-Spdy: h2

x.bidswitch.net/ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D

18.159.74.210

200 OK

43 B

URL HTTP/2
x.bidswitch.net/ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
IP
18.159.74.210:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---

69.173.144.138

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---
IP
69.173.144.138:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---

18.159.74.210

302 Found

0 B

URL HTTP/2
x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
IP
18.159.74.210:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=8555d3c5-9c91-4274-942d-5d67aa350505; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2

acdn.adnxs.com/dmp/async_usersync.html

151.101.129.108

200 OK

17 kB

URL HTTP/1.1
acdn.adnxs.com/dmp/async_usersync.html
IP
151.101.129.108:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Size
17 kB (17053 bytes)
Hash
9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

HTTP Headers

GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 08 Jan 2023 06:27:18 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 20 Jan 2023 07:57:10 GMT
Age: 4346
X-Served-By: cache-lga13626-LGA, cache-bma1636-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 18270
X-Timer: S1674201431.999693,VS0,VE0
Vary: Accept-Encoding

x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---

18.159.74.210

200 OK

43 B

URL HTTP/2
x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
IP
18.159.74.210:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---

23.38.200.201

200 OK

5.6 kB

URL HTTP/2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
IP
23.38.200.201:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Size
5.6 kB (5554 bytes)
Hash
18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b

HTTP Headers

GET /AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1--- HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=99746
expires: Sat, 21 Jan 2023 11:39:37 GMT
date: Fri, 20 Jan 2023 07:57:11 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

static.criteo.net/js/ld/publishertag.prebid.js

178.250.2.130

200 OK

30 kB

URL HTTP/2
static.criteo.net/js/ld/publishertag.prebid.js
IP
178.250.2.130:0
ASN
#44788 Criteo SA

File type
ASCII text, with very long lines (65354)
Size
30 kB (29768 bytes)
Hash
322c1a7cb677b5d6f49d0cc942affb24
b530124392d53bda696d084928796bac9936596c
23602c2499583bb28b01e8df28b62e8338d85fa6b25c8efa68d369b2ee708521

HTTP Headers

GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/javascript
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
etag: W/"63bde5c2-162a9"
expires: Sat, 21 Jan 2023 07:57:09 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

eb2.3lift.com/sync?us_privacy=1---&

76.223.111.18

200 OK

37 B

URL HTTP/2
eb2.3lift.com/sync?us_privacy=1---&
IP
76.223.111.18:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /sync?us_privacy=1---& HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

eus.rubiconproject.com/usync.js

104.88.9.101

200 OK

10 kB

URL HTTP/1.1
eus.rubiconproject.com/usync.js
IP
104.88.9.101:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (18573)
Size
10 kB (10036 bytes)
Hash
ef087afc103a168499c95403200b08e8
7fbaeac4c185f6cd1a2583da67a8ee3720ba9ad0
99780a3fe5656a280a6a27e1671babe151e5cae0394b55e595ce45072e681183

HTTP Headers

GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 19 Jan 2023 23:20:15 GMT
Content-Encoding: gzip
Content-Length: 10036
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=55385
Expires: Fri, 20 Jan 2023 23:20:16 GMT
Date: Fri, 20 Jan 2023 07:57:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2f91b30d389c92921b897354eba392fb
8c36e8f936b342fa222e11f22e90dd6702dbf336
671bb64818ec08b063ffdf87d20bd281e9c6591397f98325bb0952b312024c93

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:11 GMT
Last-Modified: Fri, 20 Jan 2023 07:00:35 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wxdIg6Kcgx1qynOO5MTwuEd7qIjpPohoXtFWyiP2Oc2fT5_Swg74wQ==
Age: 3396

ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID

52.30.8.210

302 Found

0 B

URL HTTP/2
ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
IP
52.30.8.210:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: application/json;charset=utf-8
content-length: 0
location: https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=ge96f9ff0d86f298b974&gdpr=&gdpr_consent=&us_privacy=1---
set-cookie: yieldmo_id=ge96f9ff0d86f298b974%7C1674201431121%7C0%7C; Domain=.yieldmo.com; Expires=Sat, 20-Jan-2024 07:57:11 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2f91b30d389c92921b897354eba392fb
8c36e8f936b342fa222e11f22e90dd6702dbf336
671bb64818ec08b063ffdf87d20bd281e9c6591397f98325bb0952b312024c93

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:11 GMT
Last-Modified: Fri, 20 Jan 2023 06:53:02 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PQjBv6x4jyTwf9KzFuX55KL9rZzElGJBBhZDda2BvtSdkPALpvLl-A==
Age: 3849

x.bidswitch.net/sync?ssp=yieldmo

18.159.74.210

302 Found

0 B

URL HTTP/2
x.bidswitch.net/sync?ssp=yieldmo
IP
18.159.74.210:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:11 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=yieldmo
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=c4f8cd6e-e753-4ebb-ae0f-320c5594badd; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201431; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674201431; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201431; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2

x.bidswitch.net/ul_cb/sync?ssp=yieldmo

18.159.74.210

200 OK

43 B

URL HTTP/2
x.bidswitch.net/ul_cb/sync?ssp=yieldmo
IP
18.159.74.210:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB

185.64.190.78

200 OK

60 B

URL HTTP/2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP
185.64.190.78:0
ASN
#62713 AS-PUBMATIC

File type
ASCII text, with no line terminators
Size
60 B (60 bytes)
Hash
6e35e70bdb5ce5b916b42f4116a71abb
ec97d7c867098a2495d38337f30d8e00f8f0b1e7
a7e9d8f57a41ff943f014ec6f587f251f7052b372eff4cf64089507a31b8ddd6

HTTP Headers

GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Thu, 20 Apr 2023 00:18:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 60
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6fdee3eb413854cade636a92a2e1939
df4fe2911a0be37b0b02067e2b744a9fc3c805c7
1ecdfe4869234770084ae8c361897255839edb87f51ed428bab997cc75d6df41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5112
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:11 GMT
Last-Modified: Fri, 20 Jan 2023 06:31:59 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

static.criteo.net/js/ld/publishertag.prebid.130.js

178.250.2.130

200 OK

30 kB

URL HTTP/2
static.criteo.net/js/ld/publishertag.prebid.130.js
IP
178.250.2.130:0
ASN
#44788 Criteo SA

File type
ASCII text, with very long lines (65354)
Size
30 kB (29856 bytes)
Hash
e60f9b1c70383f18d1071a26033c8d7a
45b9e278e76367e007043168c8e67d4b6dfa7a62
25b2316b021a68a1874c988f9ca764f963cf8f54387ccc39e5aee89a6c4bc20c

HTTP Headers

GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Sat, 21 Jan 2023 07:57:09 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT

198.47.127.18

302 Found

327 B

URL HTTP/2
image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
IP
198.47.127.18:0
ASN
#62713 AS-PUBMATIC

File type
HTML document, ASCII text, with very long lines (325)
Size
327 B (327 bytes)
Hash
bae2da9862e215880f8d59faf28b2b06
029fe2c23b7d368af9adb8f71950c779a08d160f
a61bf30b2c69f4c3cda8bfe7dfc157949d96bd843712f9b01756a373eb3b162f

HTTP Headers

GET /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 327
X-Firefox-Spdy: h2

pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo

69.173.144.138

204 No Content

0 B

URL HTTP/1.1
pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
IP
69.173.144.138:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /exchange/sync.php?p=yieldmo HTTP/1.1
Host: pixel-eu.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

198.47.127.18

200 OK

0 B

URL HTTP/2
image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
IP
198.47.127.18:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9c726728c3662b9c7cc7edfedb715275
96d4566563e9ae08330ab0d258001b669d04d7d9
216ea6b03b761020bbc7ccb51ea0c63e9de31ab73dae8c0af0dc7fa33ee07739

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162644
Date: Fri, 20 Jan 2023 07:57:11 GMT
Etag: "63ca14af-1d7"
Expires: Sun, 22 Jan 2023 05:07:55 GMT
Last-Modified: Fri, 20 Jan 2023 04:12:31 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: InxzUckInCEUpwbpCMX9bJkwwuj59nXxQzdDWaBik7OBuPdLJ3GAfw==
Age: 3324

ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID

23.38.200.201

200 OK

953 B

URL HTTP/2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP
23.38.200.201:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Size
953 B (953 bytes)
Hash
499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4

HTTP Headers

GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=64944
expires: Sat, 21 Jan 2023 01:59:35 GMT
date: Fri, 20 Jan 2023 07:57:11 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

sync.srv.stackadapt.com/sync?nid=21

44.195.94.142

302 Found

128 B

URL HTTP/1.1
sync.srv.stackadapt.com/sync?nid=21
IP
44.195.94.142:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text
Size
128 B (128 bytes)
Hash
3ad5f66cf9cf19ee50f4b6237c040178
a87796d1b22cb7118da17834f5cc199b672ea082
58d40dd43681343dd62cf7d48f1259ac146b92b3cbbffdd99529264bdc12feae

HTTP Headers

GET /sync?nid=21 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Jan 2023 07:57:11 GMT
Location: https://ads.yieldmo.com/sync?pn_id=stk&userid=CU43EkzsSnJ_Vq_ZEHnhiltaKpo&gdpr=&gdpr_consent=
Set-Cookie: sa-user-id=s%3A0-094e3712-4cec-4a72-7f56-afd91079e18a.jmU2kzMM2COxHOQF2%2Bn8cMWhaX0efPnaD8wtVKvpqIY; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3ACU43EkzsSnJ_Vq_ZEHnhiltaKpo.Qqu6dAjCEyrkBiZxKWZm6Z7XyOp98HOy0nWzAlZjkkY; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 128
Connection: keep-alive

c1.adform.net/serving/cookie/match?CC=1&party=1283

37.157.5.141

200 OK

78 B

URL HTTP/2
c1.adform.net/serving/cookie/match?CC=1&party=1283
IP
37.157.5.141:0
ASN
#198622 Adform A/S

File type
GIF image data, version 89a, 1 x 1\012- data
Size
78 B (78 bytes)
Hash
919c6416f57907f73d0af504149b2ee1
4857e9b4e2620d0da8715d9350b0d484288d9cf0
5cd7a4c27e20c5106a59ca58794604295fd6678a7855d483c072e320f13d46a7

HTTP Headers

GET /serving/cookie/match?CC=1&party=1283 HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

a.pub.network/tinyurl-com/pubfig.min.js

104.18.21.206

200 OK

0 B

URL HTTP/2
a.pub.network/tinyurl-com/pubfig.min.js
IP
104.18.21.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tinyurl-com/pubfig.min.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsMcxGgq7AB5bbjPaHWYtRe2wKx9pxZxRGSNN9hqHjmx64YuQaNsfV8WK9jERg2LXxN8KZy76sIG2vdjs9a9m_qGQ
cache-control: public, max-age=1800
expires: Fri, 20 Jan 2023 08:27:05 GMT
last-modified: Tue, 10 Jan 2023 21:11:04 GMT
etag: W/"f40ec14bc52dad3554c26afa9435a641"
x-goog-generation: 1673385064585346
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170997
x-goog-hash: crc32c=qE3GUg==, md5=9A7BS8UtrTVUwmr6lDWmQQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 39604
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641dcd87eb50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

a.pub.network/core/pubfig/cls.css

104.18.21.206

200 OK

0 B

URL HTTP/2
a.pub.network/core/pubfig/cls.css
IP
104.18.21.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
content-type: text/css
x-guploader-uploadid: ADPycdv0N-z42vzsy5FgNcRSzYjx2i-tIAWXpN8LPiXJ_5LzV_7V5ZZDnzEutaw7A6Lwvy5B03heMB8Q01nZiSG0B2emWA
x-goog-generation: 1666967770269941
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2096
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Fri, 20 Jan 2023 08:57:05 GMT
cache-control: public, max-age=3600
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
etag: W/"816783146b3907e634d0e822ca759864"
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641dcd86db50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

c.amazon-adsystem.com/aax2/apstag.js

143.204.46.73

200 OK

0 B

URL HTTP/2
c.amazon-adsystem.com/aax2/apstag.js
IP
143.204.46.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 20 Jan 2023 07:34:28 GMT
last-modified: Thu, 19 Jan 2023 20:39:28 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
etag: W/"82ba66ad1a339d2375e1fbac8da251b3"
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: lfWCHQDltUsqSy8FIOiBJDQldQPrMaSBmu1zBYJvnL7C1uh2XlnjoQ==
age: 1359
X-Firefox-Spdy: h2

psp.pushnami.com/api/psp

52.54.160.235

200 OK

0 B

URL HTTP/2
psp.pushnami.com/api/psp
IP
52.54.160.235:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

143.204.46.73

200 OK

0 B

URL HTTP/2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP
143.204.46.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Fri, 20 Jan 2023 04:53:42 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OaSf0In2_xPNTCN7vRcuyrsIyNp95Cg1Ys4EHHf9PqLeeZ9cogjSaw==
age: 25268
X-Firefox-Spdy: h2

rules.quantcount.com/rules-p-UeXruRVtZz7w6.js

143.204.55.20

200 OK

0 B

URL HTTP/2
rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
IP
143.204.55.20:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 20 Jan 2023 07:30:42 GMT
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
cache-control: max-age=3600
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Kw5pXGlI17NfH785MhtEISr-7Ch5Qw2CGLXP2FJD9teJ79w1JpG6Xg==
age: 1587
X-Firefox-Spdy: h2

simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=E8D78DD9-9865-42B1-9134-ED21D65B3C6F&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---

185.64.190.81

200 OK

0 B

URL HTTP/2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=E8D78DD9-9865-42B1-9134-ED21D65B3C6F&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
IP
185.64.190.81:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /AdServer/SPug?o=1&p=156696&sc=1&u=E8D78DD9-9865-42B1-9134-ED21D65B3C6F&rs=3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js

104.18.17.107

200 OK

0 B

URL HTTP/2
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
IP
104.18.17.107:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js HTTP/1.1
Host: cdn.confiant-integrations.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/javascript
x-amz-id-2: HVbkRM5qGzxI0EyKHKnO+r1lcYa/AAVnEyPjC23n7NyZCyRP6w4ZqH5MzQy2DgoGKGL4cjEcrhY=
x-amz-request-id: HRD3YN0KK66AJ6AP
last-modified: Fri, 20 Jan 2023 06:53:54 GMT
etag: W/"ea1feaf276a1febfc0265b94c3caa4fa"
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-cache-status: HIT
age: 6
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e2cf890b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cmp.quantcast.com/tcfv2/google-atp-list.json

143.204.55.76

200 OK

0 B

URL HTTP/2
cmp.quantcast.com/tcfv2/google-atp-list.json
IP
143.204.55.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Fri, 20 Jan 2023 03:00:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Fri, 20 Jan 2023 03:00:26 GMT
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b-YZW6zK5hadwRwDmmd9S6DQzk8ZIvNuvoW7b9nJeOSAHfhN94lh4g==
age: 17797
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 1242735
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js

104.18.21.206

200 OK

0 B

URL HTTP/2
a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
IP
104.18.21.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=6140153e-9a87-4618-b451-4774b947b0a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtHciSBX0L7FoKfE0nRC1jzgwovS6dnKkO3p4hJ1JXeXaI1i5NeMcPJr8vQCeKKlCyDaYE1LigkIqxW-vNQJH-W
expires: Fri, 20 Jan 2023 08:57:07 GMT
cache-control: public, max-age=3600
last-modified: Thu, 15 Dec 2022 19:23:34 GMT
etag: W/"4fa0fe97247218d3c79d543fa663d902"
x-goog-generation: 1671132214233304
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 236006
content-language: en
x-goog-hash: crc32c=K2FWmw==, md5=T6D+lyRyGNPHnVQ/pmPZAg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 39905
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e8b899b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29

185.64.190.80

302 Found

0 B

URL HTTP/2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
IP
185.64.190.80:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Thu, 20-Apr-2023 07:57:09 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0

44.241.175.242

202 Accepted

0 B

URL HTTP/2
ids.ad.gt/api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0
IP
44.241.175.242:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:09 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated

104.20.139.65

200 OK

0 B

URL HTTP/2
tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated
IP
104.20.139.65:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /app/nospam/tinyurl.com/4zkwjrpx/terminated HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
content-language: en
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: XSRF-TOKEN=eyJpdiI6InJYY1NhRGcyVk9mNXZ2L0RmeWtOa3c9PSIsInZhbHVlIjoiSWx5NlBIZ2tKaUgxTjc1VmZUNEMvQ3kzZHgwSkxTcjQ0ays4ZFNFQi8zRW5XYkt4dzFxWW9RKzFBdGovV2ZIaHFGVE5jUjZueUhYam92SGJDRHFVMkJXTlZENmlJSlBJdDluMVZpeHBEYTlRekxSM0wvZDl1K2I4Mk5KbjErVTUiLCJtYWMiOiJiYmQ0Mjg3YzQ2ZGExOTMwYzY0MWE0MzRmNmVjNjI5YmZkMzMzN2JjNzVmYWVhZmVmNzc1MzM2YzQ4MzA5Mzk5IiwidGFnIjoiIn0%3D; expires=Fri, 20 Jan 2023 09:57:05 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; samesite=lax
tinyurl_session=eyJpdiI6IjR2eCtkbjFuSFZ0R0o3VHY2MkVMUXc9PSIsInZhbHVlIjoiOCtVdTk0djlGbzZsWnFrOG1UNVBwUm5Ib0wwQnhLbTNiUTVtWWl3ZG04R3lodG9ScWtHRzZRdkRZdit6Z2toelJTTlVtV2NDa2ZTNEc1UlhKQzZaVCszVmVUMTllRHp2YVphcitKcGlqdTVZRVFvbThEd1dKT1ZhdSs0aXQrSDEiLCJtYWMiOiJmM2I0NDQ4MmU2YTdhYjE4ZmJjZTFjMzY5YTBkY2ZmOTA4ODNlMmJlMWMyZTg1MzE0ZGRkMDY1YTE1ZDBlNDQzIiwidGFnIjoiIn0%3D; expires=Fri, 20 Jan 2023 09:57:05 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; httponly; samesite=lax
tinyUUID=eyJpdiI6Ikp6bmg4ZXh2Q0ZwRkx3S2owZFJDS3c9PSIsInZhbHVlIjoiSTMwc2NpUEFvNnVUR0FFQjE3MThUZ2pFUGNDc3RvNUtNQml0b09QNU9NN05zSVhmbU5KWWFSYlpmQlgweVJ0SXhLUGxDbkMrN2V3Q2g3WmtsMzR4SE52RDhPVUE0RUV6OVBmYjlEdWx0c0k9IiwibWFjIjoiMTM3Zjk3N2M1M2YyNTExMTQ2ZjU3YzQ5YTRhMTBjNTkxZjJhZmJjOGI0OWYzNGVlZmFjNTYzOWQ0MWE5Njg2MyIsInRhZyI6IiJ9; expires=Wed, 19 Jan 2028 07:57:05 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 07:57:05 GMT
expires: Fri, 20 Jan 2023 11:57:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641d8be571bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87

54.230.111.75

200 OK

0 B

URL HTTP/2
api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 20 Jan 2023 07:49:27 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qPr3O0px2vFqeqvJDmT7lmgF1s9altxeGvkOKj5T25jie-kaza53wQ==
age: 458
X-Firefox-Spdy: h2

cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com

143.204.55.76

200 OK

0 B

URL HTTP/2
cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
IP
143.204.55.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tcfv2/cmp2.js?referer=tinyurl.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=3600
date: Fri, 20 Jan 2023 07:52:34 GMT
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rlJruC25OcsZW-dVci_-Kag6QlDWzFFFpnwewcI0ADZ1vrQdf8Sdqg==
age: 273
X-Firefox-Spdy: h2

tinyurl.com/4zkwjrpx

104.20.139.65

301 Moved Permanently

0 B

URL HTTP/2
tinyurl.com/4zkwjrpx
IP
104.20.139.65:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Orange
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /4zkwjrpx HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Fri, 20 Jan 2023 07:57:04 GMT
content-type: text/html; charset=UTF-8
location: https://tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated
0: X-LIGHTTPD-LONGURL
1: http://co63024.tw1.ru/sdfgh/drtyu/Or22/Orange22/
2: Cache-Control
3: private, no-cache, no-store, must-revalidate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641d57bb71bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_criteo.com=MiHyMl9zc0x2QW13ZWlBTUxSc0ZuYXI3VEx4OEs4MEJITXlvJTJGM2F2ZVNjWmJiRkdHOHQ4dll0SjdEYUVSUVRmOEJadHp3ZTNkcDFjYUdXY1lOdXVRenZ1NkxRJTNEJTNE%5E1&eid_pubcid.org=ab816a26-496c-466b-a64b-f7a48716ecea%5E1&ppuid=6140153e-9a87-4618-b451-4774b947b0a6&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=9221a2f5-2a68-4d8d-abd3-0e803e61344f%3B1a55f401-87f3-4e24-bfeb-dec65879a7ec&l_pb_bid_id=32fcc28bd5a0d198%3B33088c90f632c028&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.04700137948292782

213.19.162.21

200 OK

0 B

URL HTTP/2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_criteo.com=MiHyMl9zc0x2QW13ZWlBTUxSc0ZuYXI3VEx4OEs4MEJITXlvJTJGM2F2ZVNjWmJiRkdHOHQ4dll0SjdEYUVSUVRmOEJadHp3ZTNkcDFjYUdXY1lOdXVRenZ1NkxRJTNEJTNE%5E1&eid_pubcid.org=ab816a26-496c-466b-a64b-f7a48716ecea%5E1&ppuid=6140153e-9a87-4618-b451-4774b947b0a6&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=9221a2f5-2a68-4d8d-abd3-0e803e61344f%3B1a55f401-87f3-4e24-bfeb-dec65879a7ec&l_pb_bid_id=32fcc28bd5a0d198%3B33088c90f632c028&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.04700137948292782
IP
213.19.162.21:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_criteo.com=MiHyMl9zc0x2QW13ZWlBTUxSc0ZuYXI3VEx4OEs4MEJITXlvJTJGM2F2ZVNjWmJiRkdHOHQ4dll0SjdEYUVSUVRmOEJadHp3ZTNkcDFjYUdXY1lOdXVRenZ1NkxRJTNEJTNE%5E1&eid_pubcid.org=ab816a26-496c-466b-a64b-f7a48716ecea%5E1&ppuid=6140153e-9a87-4618-b451-4774b947b0a6&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=9221a2f5-2a68-4d8d-abd3-0e803e61344f%3B1a55f401-87f3-4e24-bfeb-dec65879a7ec&l_pb_bid_id=32fcc28bd5a0d198%3B33088c90f632c028&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.04700137948292782 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.21.4
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LD48AX0T-1N-GAO7; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqLy5QUu7v+ve9DtVM30fCgOapXdOfj/TwAwS88S+y6EcoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LD48AX0T-1N-GAO7; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqLy5QUu7v+ve9DtVM30fCgOapXdOfj/TwAwS88S+y6EcoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-Firefox-Spdy: h2

cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2

143.204.55.76

200 OK

0 B

URL HTTP/2
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
IP
143.204.55.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:22:31 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Fri, 20 Jan 2023 07:57:06 GMT
cache-control: max-age=3600
etag: W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HbljVW_iFn-GOSypEJSHLEru3jP61yQ64f45SZIt14ShxkkIMDb2sg==
age: 18
X-Firefox-Spdy: h2

btloader.com/tag?h=freestar-io&upapi=true

104.26.6.139

200 OK

0 B

URL HTTP/2
btloader.com/tag?h=freestar-io&upapi=true
IP
104.26.6.139:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag?h=freestar-io&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
etag: W/"ee4a0482a74e4e53afc8475fef23457f"
last-modified: Fri, 20 Jan 2023 07:16:19 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKCwrGMLIyOHm7Z2bWjqNeS12AB9frN0rw%2FDbvpQW%2B5pd3kJSU5HmRk6gOC4URZJwY%2BYiIHsF9UO1rwythzMwkYYwnTyy0BUmciUaSa4vXRhPRZjmOxYAA5jAjZ78A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c641e37bd40b69-OSL
content-encoding: br
X-Firefox-Spdy: h2

id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=

104.22.5.69

200 OK

0 B

URL HTTP/2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP
104.22.5.69:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641eb7f02b51d-OSL
X-Firefox-Spdy: h2

ids.ad.gt/api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3

44.241.175.242

200 OK

0 B

URL HTTP/2
ids.ad.gt/api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3
IP
44.241.175.242:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (50)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML