r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Fri, 20 Jan 2023 08:38:41 GMT
Date: Fri, 20 Jan 2023 07:57:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4774
Expires: Fri, 20 Jan 2023 09:16:38 GMT
Date: Fri, 20 Jan 2023 07:57:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 20 Jan 2023 07:34:36 GMT
content-type: application/json
age: 1348
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7994
Expires: Fri, 20 Jan 2023 10:10:18 GMT
Date: Fri, 20 Jan 2023 07:57:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e/Apus6AOLKPtYZj68w5jOoG029lLaOWlErw2VShDgbbNn7N8JtocyoSCOdb6PMq40oIQkFOP/o=
x-amz-request-id: C3EKK3GTKA53TK29
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 20 Jan 2023 07:17:31 GMT
age: 2373
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:04 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 20 Jan 2023 07:48:58 GMT
age: 487
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3745
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Last-Modified: Fri, 20 Jan 2023 06:54:40 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8cb66b77156729c90a3a8e5644f79e3f
2f7c2b3cb8be7466fff4c4e3e5d0885b41c13326
46627be7044024ab541702a11cb987eca0cb3a3f2b82051acd86685ee0713b9e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "46627BE7044024AB541702A11CB987ECA0CB3A3F2B82051ACD86685EE0713B9E"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7150
Expires: Fri, 20 Jan 2023 09:56:15 GMT
Date: Fri, 20 Jan 2023 07:57:05 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8cb66b77156729c90a3a8e5644f79e3f
2f7c2b3cb8be7466fff4c4e3e5d0885b41c13326
46627be7044024ab541702a11cb987eca0cb3a3f2b82051acd86685ee0713b9e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "46627BE7044024AB541702A11CB987ECA0CB3A3F2B82051ACD86685EE0713B9E"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7150
Expires: Fri, 20 Jan 2023 09:56:15 GMT
Date: Fri, 20 Jan 2023 07:57:05 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZBmuincW4k9OoOr2pINIfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dfDXDVxAQGLUBUNiFoxYPQ5NcrY=
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 049d1dc6d9bcc418e6cdf2034d3e4089
52d36df068b23d26fcd2971bdc53aaf18a2fa3d9
2ae5d05c519b1f625c74cb03651674078e6a1b1d04bc7b294e75abca7be40356
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:32:35 GMT
Expires: Fri, 20 Jan 2023 20:32:35 GMT
ETag: "52d36df068b23d26fcd2971bdc53aaf18a2fa3d9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 049d1dc6d9bcc418e6cdf2034d3e4089
52d36df068b23d26fcd2971bdc53aaf18a2fa3d9
2ae5d05c519b1f625c74cb03651674078e6a1b1d04bc7b294e75abca7be40356
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:32:35 GMT
Expires: Fri, 20 Jan 2023 20:32:35 GMT
ETag: "52d36df068b23d26fcd2971bdc53aaf18a2fa3d9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
trc.pushnami.com/api/push/track
34.200.96.220204 No Content 0 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 34.200.96.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:05 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a22296f049415ddfc0ac1abe166eac7c
d002605555892857fcaaa7cb874f8ea6c13c251b
d1980082d3cfcc0cf186f7a197a895e6f57ad0def1b2a560402efdcb7c141921
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3851
Cache-Control: max-age=163533
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Etag: "63ca1613-1d7"
Expires: Sun, 22 Jan 2023 05:22:38 GMT
Last-Modified: Fri, 20 Jan 2023 04:18:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: VJFQzoFmi4j6WHq+ZSt0fYicFDimU6SCNqQAJZcdhJLCTj2VMpXifP8AGgN6tKnSvXD+nCQuFYkHJT1TthbJnQ==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Fri, 20 Jan 2023 07:57:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
d.pub.network/v2/init?siteId=3163&env=PROD
34.160.110.8200 OK 0 B URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP 34.160.110.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-xsrf-token
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
set-cookie: _fsuid=2713dd4f-7b9b-4a62-a6b9-8ba9a042f618; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-headers: x-xsrf-token
access-control-allow-credentials: true
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a22296f049415ddfc0ac1abe166eac7c
d002605555892857fcaaa7cb874f8ea6c13c251b
d1980082d3cfcc0cf186f7a197a895e6f57ad0def1b2a560402efdcb7c141921
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3851
Cache-Control: max-age=163533
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:05 GMT
Etag: "63ca1613-1d7"
Expires: Sun, 22 Jan 2023 05:22:38 GMT
Last-Modified: Fri, 20 Jan 2023 04:18:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/dc.js
108.177.14.157200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 108.177.14.157:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Fri, 20 Jan 2023 06:39:36 GMT
expires: Fri, 20 Jan 2023 08:39:36 GMT
cache-control: public, max-age=7200
age: 4649
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 049d1dc6d9bcc418e6cdf2034d3e4089
52d36df068b23d26fcd2971bdc53aaf18a2fa3d9
2ae5d05c519b1f625c74cb03651674078e6a1b1d04bc7b294e75abca7be40356
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:32:35 GMT
Expires: Fri, 20 Jan 2023 20:32:35 GMT
ETag: "52d36df068b23d26fcd2971bdc53aaf18a2fa3d9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
trc.pushnami.com/api/push/track
34.200.96.220200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 34.200.96.220:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 76
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2968a84dba73c496144a31fcc82747da
b0b31ebe164675bbdfe394c3a23126ac381aa186
81e0e6206c5f9e4d2fdf7f6c8a265430b389d980ec62d511cab5aa62385d8f96
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "81E0E6206C5F9E4D2FDF7F6C8A265430B389D980EC62D511CAB5AA62385D8F96"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6616
Expires: Fri, 20 Jan 2023 09:47:22 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c0aa702ef4358554a57afc5746ad0f3e
fe0b04ea2a718b73e49f368c092a448602592823
4ac68790ba2b03cc809534fb05a61b5ede042711844e64937e066c323d75fac8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=138006
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Etag: "63c9b0ea-117"
Expires: Sat, 21 Jan 2023 22:17:12 GMT
Last-Modified: Thu, 19 Jan 2023 21:06:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
freestar-io.videoplayerhub.com/gallery.js
104.26.8.50301 Moved Permanently 344 B URL HTTP/2 freestar-io.videoplayerhub.com/gallery.js
IP 104.26.8.50:0
Hash 2968a84dba73c496144a31fcc82747da
b0b31ebe164675bbdfe394c3a23126ac381aa186
81e0e6206c5f9e4d2fdf7f6c8a265430b389d980ec62d511cab5aa62385d8f96
GET /gallery.js HTTP/1.1
Host: freestar-io.videoplayerhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 20 Jan 2023 07:57:06 GMT
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
expires: Fri, 20 Jan 2023 08:57:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC0ycnZGo3Fremq0%2B7vHJiUchzauLakHsU5Hyf%2BqR%2Fu4PtNKizpnz8V2UDFH9mViq%2FL8BXGwDTU8dNIA6cZ5WM97Gw66ROr%2BIaPgFs3CfGCAtodtOzLCKra85H%2B%2FIb7SJ8RtkDoMSnSrZP%2FBp0Y3yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e2ef171c0e-OSL
X-Firefox-Spdy: h2
a.pub.network/core/prebid-analytics-7.19.8.js
104.18.21.206200 OK 242 kB URL HTTP/2 a.pub.network/core/prebid-analytics-7.19.8.js
IP 104.18.21.206:0
Size 242 kB (241937 bytes)
Hash 61cfa791e25e7dac82369579c8b01474
881e2b0cf4667b5f98ae391f62037097f098c767
71cf7ab66415fac84d048783e7312cd87ad74aecea3883f013d2fcc20830f679
GET /core/prebid-analytics-7.19.8.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=6140153e-9a87-4618-b451-4774b947b0a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/html
x-guploader-uploadid: ADPycduM5B7Rv88acoevehRrh6kj2qxtGmNLsNIKDKEiCYCph9prUKgHAFRvAlhrmZClW0Qq9bFsF8mJxfHFan4rH7uzDw
cache-control: public, max-age=31496096
expires: Fri, 19 Jan 2024 20:52:02 GMT
last-modified: Fri, 02 Dec 2022 16:03:29 GMT
etag: W/"51ace935aa2aa7ac94ab810fd2e22d1d"
x-goog-generation: 1669997008969213
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 560022
content-language: en
x-goog-hash: crc32c=6w1rdg==, md5=UazpNaoqp6yUq4EP0uItHQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 39904
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e25fd2b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 24d3800c92aba293179c4c8a70110155
66fb2c382fa559f3b546932fa1be0b122321977e
eaa3317a574493890a5ff66f4aeb8f38e29d03572ea3d3c74c88b565d3fa8490
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/tag/js/gpt.js
216.58.211.2200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (39368)
Hash 2b7b9e06c58698099df6e854c6545d92
0fc3ee0fc59d3f5d54ffcf2b56bfa776c9b23636
5e9e3af00ca44b07b74b42580d3fff3df1e8d9f3b3866a49348e5768d438ebf0
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27733
date: Fri, 20 Jan 2023 07:57:06 GMT
expires: Fri, 20 Jan 2023 07:57:06 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1457 / 238 of 1000 / last-modified: 1674187653"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1674201425641&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=351&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
143.204.55.94204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1674201425641&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=351&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
IP 143.204.55.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1674201425641&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=351&c7=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:06 GMT
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CQ3swfa4pL_SVcrRpCVONgIPze1mnJBOxGIGWqXkzZyglKn8Q2yq7g==
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.94200 OK 46 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.94:0
Hash 9e8ddbfaf41340586a4235277205e196
c5095cc0fe5aefb036dacc50c7d2c33cb3fa8554
d4a8e18db7697da5fdba59a448a4166b8bc752718e607e6a5b5f59180ef998df
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 19 Jan 2023 12:11:41 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1frfaUi4C4KXt5FwEkwah2doHZwRrLa1XZrYfHqilfWCJvfz5qKzqw==
age: 71125
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 78a243189b128bd670a20cb74aa52e62
1fd86fbc0fedf732963160a8cbd970540656a9ab
6dca8d730ab44e5984c0048132a04f76f29894f51896e5d1a278cb27753e172b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Last-Modified: Fri, 20 Jan 2023 06:34:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 78a243189b128bd670a20cb74aa52e62
1fd86fbc0fedf732963160a8cbd970540656a9ab
6dca8d730ab44e5984c0048132a04f76f29894f51896e5d1a278cb27753e172b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Last-Modified: Fri, 20 Jan 2023 06:34:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ad-delivery.net/px.gif?ch=2
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvtze2dOwrnZSaaMICrsImC00yHS96buu-2dq8YSa7nMzei-lKFnWMf1wmZgpJcLzTSMOC0BmCgVaU_XtcRhv-7IIHGxDVR
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 19 Jan 2023 19:06:58 GMT
cache-control: public, max-age=86400
age: 47930
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E9IE1CHz41S2ZmoRmWW4dv59d8AndmpbaeS2PB46ip%2BEa8vEPr1NGB%2BR6Gh%2F%2F8UcYmtmG5z0D%2FEn3XFYgjphyPEIhHMaAiGvzLVjc1aPNZ%2Fwz0DfnsNPRsXtBm6BE%2F4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e479150afa-OSL
X-Firefox-Spdy: h2
d.pub.network/v2/init?siteId=3163&env=PROD
34.160.110.8200 OK 210 kB URL HTTP/2 d.pub.network/v2/init?siteId=3163&env=PROD
IP 34.160.110.8:0
Size 210 kB (209824 bytes)
Hash 7e3623a4745f6dafb28177ea078c0618
1d5c9235986730239541ee074b9d3f0122f9e67c
79d849c1ac7725a20e1d1d9605e9860f71e16f965ca1ef05489bc572db0accf0
GET /v2/init?siteId=3163&env=PROD HTTP/1.1
Host: d.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6InJYY1NhRGcyVk9mNXZ2L0RmeWtOa3c9PSIsInZhbHVlIjoiSWx5NlBIZ2tKaUgxTjc1VmZUNEMvQ3kzZHgwSkxTcjQ0ays4ZFNFQi8zRW5XYkt4dzFxWW9RKzFBdGovV2ZIaHFGVE5jUjZueUhYam92SGJDRHFVMkJXTlZENmlJSlBJdDluMVZpeHBEYTlRekxSM0wvZDl1K2I4Mk5KbjErVTUiLCJtYWMiOiJiYmQ0Mjg3YzQ2ZGExOTMwYzY0MWE0MzRmNmVjNjI5YmZkMzMzN2JjNzVmYWVhZmVmNzc1MzM2YzQ4MzA5Mzk5IiwidGFnIjoiIn0=
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
set-cookie: _fsuid=6140153e-9a87-4618-b451-4774b947b0a6; path=/; Domain=.pub.network; Max-Age=63113904; SameSite=None; Secure; HttpOnly=true;
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
content-type: application/json
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 64e08e64a8cb8b76fe31cc4cef32c3c9
c1c317ff2b8b3865effbdacd0463e6732f366d73
7fc7314d082ad5a7b5eae2369557dadd1a623ebab2e3958f908949cf5e96be74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
142.250.74.166200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 142.250.74.166:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:51:23 GMT
expires: Fri, 20 Jan 2023 21:51:23 GMT
cache-control: public, max-age=86400
age: 36343
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 64e08e64a8cb8b76fe31cc4cef32c3c9
c1c317ff2b8b3865effbdacd0463e6732f366d73
7fc7314d082ad5a7b5eae2369557dadd1a623ebab2e3958f908949cf5e96be74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10075
Expires: Fri, 20 Jan 2023 10:45:01 GMT
Date: Fri, 20 Jan 2023 07:57:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5553b06c7dde4dc377f9f4e65bc8ace7
9dca5486485416d1aef199be08a50abd717addc7
33a5d1a21738218e0a6fe16d79045bd390af2e84073330a0a94c03812e1ba3ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 70710215-b8fd-44eb-8b50-f0948f98366c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmQWFNvoAMF3ZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b735-19e7e3865ce991cb5447f0f2;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fc9dIiT5QQaTowAA6lp8ffJl4Niq3i_iVe54lYhAV52kJ8Q98EMJqQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 21:58:19 GMT
age: 35927
etag: "9dca5486485416d1aef199be08a50abd717addc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccd80a00-28b1-4908-8a08-93d9379c2c2e.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccd80a00-28b1-4908-8a08-93d9379c2c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fe166bba32d744d841252f3e0e3957e
0f43812cddf63c4b33dbe922c27ca32ce9e6406f
db17ff864c0a82bee284dbcaaabfb5bb8afc7b764e3882b9b9408594d6000c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccd80a00-28b1-4908-8a08-93d9379c2c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8968
x-amzn-requestid: ec02528a-588b-46fe-8a37-eae74c3231fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7UZ2EWqoAMF8Cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79aa5-3bc049985202e47479d910ac;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:07:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jf6Ad0o0J4U_QLrvkWF4plIdm3zITZkmQoZ-Zw0eYihzCL6RPrV_ig==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 07:25:47 GMT
age: 1879
etag: "0f43812cddf63c4b33dbe922c27ca32ce9e6406f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eeb5713ea23c36906255e88dc10eadbf
896d92a22f676b5946004feb723b094a8a36e09c
eb75a6fcc83d5134137caa6aa110e284a93149faab9557aea8853f9d63f82bc8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03bd9522-eeb8-49fc-b9be-5881b7bc5ce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12174
x-amzn-requestid: 79fee0c7-be5a-4467-b351-aeb8a7e7d19f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULMH_noAMF77g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a47-7d7d140511fbcb6063868fd3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fenvyWs_eMj4KsJoKfVuu6tB3GIRW-Ar3tx0IYhl1LC667Jv7OjXRA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 07:26:41 GMT
age: 1825
etag: "896d92a22f676b5946004feb723b094a8a36e09c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3638dc76d0638625ac9a31c038df3a44
deff1903d591273a96d538ae77988d8a080e228c
8382af3843ebeca8e5c13fdd60f7fb92b479915416f36686fce40566fd87ce68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10867
x-amzn-requestid: 8d882e21-d4c5-49ac-b76a-198cec065377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAnVTEfpoAMFgJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b8ee-6579537e6a82269f4bc99395;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:41:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9KuaPBC5u3bWYidHridxyj8GEYB79yig6zD9FxGCGwXh6zvs7QokA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:55 GMT
age: 35711
etag: "deff1903d591273a96d538ae77988d8a080e228c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1ca04e6-1065-4245-9b8a-3ffd11238e67.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1ca04e6-1065-4245-9b8a-3ffd11238e67.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10654c1f4148826354dc8ccd8a3ed20b
6a53a07e284a316073fb2d40c2515978b662c947
d7d46a3c5470f1ead1b3a992782d4f07f913187f47155c62e13acf511930d569
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1ca04e6-1065-4245-9b8a-3ffd11238e67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13383
x-amzn-requestid: c9bade48-e562-4b6c-bd14-c9641643ae09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRaEodIAMFhow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73c-3e5ddece6ab24f464b4a6cab;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQ07DcLbqmJwRgjf7ta57zlC-uh619FaC0v8xJAyNMzuc7YUoNrURw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:13:54 GMT
age: 34992
etag: "6a53a07e284a316073fb2d40c2515978b662c947"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86ca07c03adbaa31374225110924b188
b1bd67630aea727a624f00b8cfd660d3b0848de1
471e3db64c9a6ec7ae4a76ea1a0835bd90dc55b389e3fe2f90c18c4dd2dbec27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10359
x-amzn-requestid: 4d5dedb2-c1a3-4433-a754-28e16385d9fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmw1EbzoAMFqww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b805-1520bf0a4fa4717e786a666f;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3h-LbrkCb1JFLLy-KKOJCf3MqVFXjgJDOf_EqMwxEsb6_a5O7j9vrw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:54 GMT
etag: "b1bd67630aea727a624f00b8cfd660d3b0848de1"
content-type: image/jpeg
age: 35712
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674201426102%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kdz8qvsemnbilerwm3te%22%7D
52.58.102.196200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674201426102%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kdz8qvsemnbilerwm3te%22%7D
IP 52.58.102.196:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22tinyurl.com%22%2C%22publisher%22%3A%22Tinyurl.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222rXDIkjHn7mjZ18%2BGoqeow%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674201426102%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kdz8qvsemnbilerwm3te%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 08bd4cf331676c11ab3c3bfca4a2566a
9dd4695e3b163ab33cd27a06e3ddc935aabec872
deb2a67645fc79fe43c5c9a064c8a4f22ffb184045057c2e6d80f0e3d34379b0
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 08bd4cf331676c11ab3c3bfca4a2566a
9dd4695e3b163ab33cd27a06e3ddc935aabec872
deb2a67645fc79fe43c5c9a064c8a4f22ffb184045057c2e6d80f0e3d34379b0
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.pushnami.com/scripts/v1/hub
54.230.111.75200 OK 1.5 kB URL HTTP/2 api.pushnami.com/scripts/v1/hub
IP 54.230.111.75:0
Hash 8e952eee3f53753755da5d3f5917480e
629ba35c7bc5d04baceea138355430ca00c7da02
4b0330444939dd7ef8af86e752d33643db9df20485a7230cbc70a4567e0c1057
GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 07:01:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pzNPI4RYI6m_IxYgQBdc9x8m9S_LydLa9LqCBmbBHf8-vt1vhGIblw==
age: 3339
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP 142.250.74.131:0
Hash 9337369a970ba18d1e0fc3cd94f9bfe5
a3a7e5367b22fcb407742ad841a7b017dff2ac16
19f6a42fb617ecadf9bfe35c1a34a4bbb750ceff594cc2ccd4d1d900ba3f378d
POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.floors.dev/sgw/v1/floors
34.160.128.112200 OK 0 B URL HTTP/2 api.floors.dev/sgw/v1/floors
IP 34.160.128.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WwslUDK6lkg
IP 142.250.74.131:0
Hash 9337369a970ba18d1e0fc3cd94f9bfe5
a3a7e5367b22fcb407742ad841a7b017dff2ac16
19f6a42fb617ecadf9bfe35c1a34a4bbb750ceff594cc2ccd4d1d900ba3f378d
POST /s/gts1d4/WwslUDK6lkg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
54.230.111.75200 OK 12 kB URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87
IP 54.230.111.75:0
File type Unicode text, UTF-8 text, with very long lines (31936)
Hash 2267d560e7fa68c6a557e0898e50c1d1
c3ad49d0d76c84434ab8df69be721c443b1cb12f
274fe4a3329698f7f1c85f8f73244b0f84f2a498ff8da0d1b9b36af4f1ad594e
GET /scripts/v2/pushnami-sw/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 20 Jan 2023 07:55:38 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LOUpSOLR_7xiZJRzHoMVSNNn5bOxrFk4ZuY6nmXz-nYtqIcpELe2tA==
age: 87
X-Firefox-Spdy: h2
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Fri, 20 Jan 2023 07:57:06 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0296e11e022b392bf9b6f91f00a100d6
72567f213af0a5a3b99dc6293a6905f29b20de07
073be8bc226f884166ec3bd8569c5097c44e42a645a9ca92406cd46bc92da81f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 06:19:34 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 08bd4cf331676c11ab3c3bfca4a2566a
9dd4695e3b163ab33cd27a06e3ddc935aabec872
deb2a67645fc79fe43c5c9a064c8a4f22ffb184045057c2e6d80f0e3d34379b0
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b5ea3804ffa2721a50a22148bad0db66
5ffc08d2636f49fd0f0d26d8f132c60390a1b4c4
b079a57aaeac5f2bb5459ed63b33ae8087840c00fdbaca09c84a4a62d1a23a53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2664
Cache-Control: max-age=103348
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Etag: "63c92f9f-13a"
Expires: Sat, 21 Jan 2023 12:39:35 GMT
Last-Modified: Thu, 19 Jan 2023 11:55:11 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b5ea3804ffa2721a50a22148bad0db66
5ffc08d2636f49fd0f0d26d8f132c60390a1b4c4
b079a57aaeac5f2bb5459ed63b33ae8087840c00fdbaca09c84a4a62d1a23a53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:13:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash f7e1c3d953f4a232b01da2a356663cf4
fa6f48e7069cc58378ccd3a16883b9ad30e42d98
9993bdaf23a0fee242785851dd22727997f3597b7da22e88dc1ba9444de14b00
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 24 Jan 2023 06:31:59 GMT
ETag: "fa6f48e7069cc58378ccd3a16883b9ad30e42d98"
Last-Modified: Fri, 20 Jan 2023 06:32:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 856
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78c641e77a3bb4f9-OSL
match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
35.71.131.137200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
IP 35.71.131.137:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8f2edd23dc4adc3f780fe4f3eff33aed
9915963e4061d6cd67f7c97b1632103f5519e6db
b067a8b501a32df9bf4dcfec6f4b8889feceb54c7bf071b5480617894b34f20d
GET /track/rid?ttd_pid=6bjin1p&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sun, 19 Feb 2023 07:57:07 GMT
vary: Origin
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
api.floors.dev/sgw/v1/floors
34.160.128.112200 OK 14 kB URL HTTP/2 api.floors.dev/sgw/v1/floors
IP 34.160.128.112:0
Hash 460931795e2cc9af5696e93d9b79b93f
a8357405983e15ca831c827e987110bbd03b8d9f
0c973311f8862dff8bcaef0f11d48dcef4cb0cd57dbb43f09ab5c551246bf14b
POST /sgw/v1/floors HTTP/1.1
Host: api.floors.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Content-Type: application/json
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Origin: https://tinyurl.com
Content-Length: 423
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age: 3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000;includeSubDomains;preload;
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=SSQtXl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dNeU5sSll2N2wzQVkzazhGSHlOUjRHNnVWWnlMWUl0UTVhNW9HJTJCcVl6bA; expires=Wed, 14 Feb 2024 07:57:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 134122
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c6a621f7697048bf930ef8142f0916
ee8295a881944a118dcc46ea11f2852cdcdddd83
4c8970a0ded968cdc494312f14ad8d1e0b9fc9a0cfd237807f8e5085514f6c03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1427
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Etag: "63c9e932-1d7"
Last-Modified: Fri, 20 Jan 2023 07:33:20 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
IP 142.250.74.131:0
Hash d3c8076c9d89b6c9ceb239cffef61e3b
109f46606dfde7beb43cdab68e9833ba681995ae
7f1bc5fd25b7fb4e31864099340aa6efe2a8f37027ba48dc14d671cba80c3b4c
POST /s/gts1d4/jFzla0hlOqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
185.89.210.153200 OK 251 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.153:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c53c2b1d7bbcd75f7dc98d51afd5ce5d
486f59572d837f836e7641ec2e3e55ba80c7ee6e
72901a71187834ebaa1e58dd48cedaef57855e9ac37e5b0ec157a19d7d1cb0c0
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1447
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 251
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tinyurl.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e1b5492c-8920-4c7b-bebb-df353bd390db
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
IP 142.250.74.131:0
Hash d3c8076c9d89b6c9ceb239cffef61e3b
109f46606dfde7beb43cdab68e9833ba681995ae
7f1bc5fd25b7fb4e31864099340aa6efe2a8f37027ba48dc14d671cba80c3b4c
POST /s/gts1d4/jFzla0hlOqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=17595623843&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=17595623843&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.7&cb=17595623843&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3928
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://tinyurl.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
178.250.0.157200 OK 190 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bf7a11fa34ef1b7e0a4f83b741456386
0dd1043ee0ddde8209c7128260ca3eaff33f2baf
a37576ac952fd8a3a6c697de9701675c7a8a66e1683c8e8ec432bc237d863108
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 485329
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
s2s.t13.io/cookie_sync
34.107.140.113200 OK 569 B IP 34.107.140.113:0
File type JSON data\012- , ASCII text, with very long lines (2087), with no line terminators
Hash 814721068bf26fa054de8ac1af926abc
091054aa5aa4bedfdf241257192d01a13141b62b
47be3468fa6fbe15350f244789d98c6fca6b4f564dca45ae59fc6a29ee3425fe
POST /cookie_sync HTTP/1.1
Host: s2s.t13.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
content-type: application/json
content-encoding: gzip
content-length: 569
date: Fri, 20 Jan 2023 07:57:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:00:14 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Wezo4NWhZDSaqS-_tRayVyzhi3E066DpzPJtW3pdxCt913Bwr693g==
Age: 3413
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 1cf53161b12e01f9b9f61b9c6b705843
7db0322d6e51b7c418b2143c3deddc48711ab279
27fe4da333019d06f16481a7d5b41120be4da0e8cfd532b26067ccea3101655a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 06:59:54 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SNzkjiNxRMTedrHR8dqSySlC4Ipcjy-h0AUd9Xdv3ueytp_47hmPeg==
Age: 3433
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:00:00 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qmNS5Jucw2rSoyA6uxbcOcV59YKEtLjV2Oq81PVl-9F9VefwsGT1PA==
Age: 3427
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 06:57:04 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L8I4GqVtRENmo8e_-84M6bkhygTWp1y9l9THZfQDnIaP37cGMbKUYg==
Age: 3603
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3a5453ebe8c8f011ac7beed4d1cbb1b8
59e043d245966e47441bf9c478a1d23816f0f903
2cdf2fc0926324e10bea195ad0c05926ebc8cbc9f4de13a629b4c6e35a5dd3f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165539
Date: Fri, 20 Jan 2023 07:57:07 GMT
Etag: "63ca1ffc-1d7"
Expires: Sun, 22 Jan 2023 05:56:06 GMT
Last-Modified: Fri, 20 Jan 2023 05:00:44 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5CrOo7rIhte2F9snH5L16PqOeR_JUOt7k492wTNEOEOEbfD9R-BzhA==
Age: 3322
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ecc2beda2b87a20067502a0e5fb798d
7136f551e329e63cb90ba8100e3fa6f0967b6b01
f245823cf9ae62f3fe6ebda5caf084b8fa13d0bf185b23fca558416a3d2cc3a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 894
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Last-Modified: Fri, 20 Jan 2023 07:42:14 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jFzla0hlOqE
IP 142.250.74.131:0
Hash d3c8076c9d89b6c9ceb239cffef61e3b
109f46606dfde7beb43cdab68e9833ba681995ae
7f1bc5fd25b7fb4e31864099340aa6efe2a8f37027ba48dc14d671cba80c3b4c
POST /s/gts1d4/jFzla0hlOqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
psp.pushnami.com/api/psp
52.54.160.235200 OK 69 B IP 52.54.160.235:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cef934af42a2b3c3a2ef347da15d70ee
f83f1f069fcc230e3c9397653eef8ddd4d66c9a9
47e250e449472cb557a99ef04f6b6b5a407034f197d911e6301193c20c2f1cee
OPTIONS /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4564
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
date: Fri, 20 Jan 2023 07:57:07 GMT
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.120.80.118204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.120.80.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.120.80.118204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.120.80.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1396
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 532f8604514987798c7b4b3e6c78dce6
958bb95081d9af3082035f7074511b315dcd710e
1cdf499dd1eadb09d3688a7a3a9cb530e8c7b76d5f96ca1863d99592e2610b98
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 20:29:55 GMT
Expires: Fri, 20 Jan 2023 20:29:55 GMT
ETag: "958bb95081d9af3082035f7074511b315dcd710e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8796e6a2b9ae3b266a776ede62580e69
c5740324bb0c3faee35f93e1a81bcf7dd4271a89
1dfee7ac16c08adcd6320bd503d9031d6b85b74d73cd81c19b299dfbba82037b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 13:56:51 GMT
Expires: Tue, 24 Jan 2023 13:56:50 GMT
Etag: "c5740324bb0c3faee35f93e1a81bcf7dd4271a89"
Cache-Control: max-age=366582,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78c641ea688db506-OSL
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.120.80.118204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.120.80.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.120.80.118204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.120.80.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.120.80.118204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.120.80.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1415
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 98dbb37600f9be1c483ed1ecec88bfed
99cd45670742efaa38df2650af3f11e2da254948
78db54e3b70e65da7b59135c15523030f090968d40bbd0c7e861b5d8d294f31f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 19 Jan 2023 21:03:37 GMT
Expires: Fri, 20 Jan 2023 21:03:37 GMT
ETag: "99cd45670742efaa38df2650af3f11e2da254948"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
3.120.80.118204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 3.120.80.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1396
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:07 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
3.75.3.113204 No Content 0 B URL HTTP/2 cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
IP 3.75.3.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP/1.1
Host: cs.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Fri, 20 Jan 2023 07:57:07 GMT
content-length: 0
X-Firefox-Spdy: h2
colossusssp.com/?c=o&m=multi
8.2.111.123200 OK 2 B URL HTTP/1.1 colossusssp.com/?c=o&m=multi
IP 8.2.111.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /?c=o&m=multi HTTP/1.1
Host: colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2666
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 20 Jan 2023 07:57:07 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://tinyurl.com
Access-Control-Allow-Credentials: true
grid.bidswitch.net/hbjson
35.157.198.68200 OK 49 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 35.157.198.68:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8fd5137806a5767bd0ce3cfecc888fbc
47120b295b9165bc5dcbbda3ad00fdaced1e7cc0
66cfafca8de6f89c1ff729c7e4afe7f45177041e21fdc177ecb3522fe7a38d98
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3791
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
content-length: 49
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tmax=1200&us_privacy=1---
3.67.212.83200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tmax=1200&us_privacy=1---
IP 3.67.212.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.19.7&referrer=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tmax=1200&us_privacy=1--- HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1669
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2bed64336981e4796f9667ca27f4b447
b6c6efe6dd51c532d9cee7d356d48ee108327c08
f69f050cde3b8db38da488084bb222f1012ca41449a0899b8de91aa14f23a01e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3695
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:55:33 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 419acce31015b0af3eafe3502428c328
b1cf4f5e784f228bb048c53dbda4e7baf439887a
626bd6928283147a9bb88e12e379434a26c942ca15747fe235d0fe8768b3338d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4698
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:38:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
a.ad.gt/api/v1/u/matches/474?_it=prebid
104.22.4.69200 OK 4.4 kB URL HTTP/2 a.ad.gt/api/v1/u/matches/474?_it=prebid
IP 104.22.4.69:0
Hash 410e076872cc844ae7971a40dd72446d
62a917446d9c976909654a1de92462b51d7a5b56
9149bbb484897761db77824256b44fa965f5a033ae0a1e995f2bb7a809cfe99b
GET /api/v1/u/matches/474?_it=prebid HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: application/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 73
last-modified: Fri, 20 Jan 2023 07:55:55 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641ed2f68b4ff-OSL
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&pid=VBsdbBnPIMTc2&cb=0&ws=1280x939&v=23.112.1442&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
54.230.241.131200 OK 23 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&pid=VBsdbBnPIMTc2&cb=0&ws=1280x939&v=23.112.1442&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash eae5ee6c7e3134a287aa23fcd63d64f0
3b17dc8eb29b01bd80c12c7d64159d0434edfdac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
GET /e/dtb/bid?src=600&u=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&pid=VBsdbBnPIMTc2&cb=0&ws=1280x939&v=23.112.1442&t=1000&slots=%5B%7B%22sd%22%3A%22tinyurl_right-multisize-2.0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_right-multisize-2.0%22%7D%2C%7B%22sd%22%3A%22tinyurl_footer-multisize-2.0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C34718310%2Ftinyurl_footer-multisize-2.0%22%7D%5D&schain=1.0%2C1!freestar.com%2C1214%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 23
server: Server
date: Fri, 20 Jan 2023 07:57:08 GMT
x-amz-rid: J2T0YXZNDFC3W5REC5HF
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wI1DtvIz1QFLSDArCMYCq-e66wHtwR_rX0xJlSPStTUG8BZAFMSAgQ==
X-Firefox-Spdy: h2
a.ad.gt/api/v1/collect
104.22.4.69204 No Content 0 B IP 104.22.4.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/collect HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 900
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641ee592d1c0e-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 45a84f29a8b95c36d608cb872f2c3774
bcb9309f7b5ef33cba1721302565778169cf8f75
2a2989b2a179ed4201ca8b026f9550ea7a0c1a7d945096acd6d83eeceb8dd7bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129335
Date: Fri, 20 Jan 2023 07:57:08 GMT
Etag: "63c986be-1d7"
Expires: Sat, 21 Jan 2023 19:52:43 GMT
Last-Modified: Thu, 19 Jan 2023 18:06:54 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9qOLMFt120V8xAzTe6C4xzYsFtvzdmwzTsgy5VP8jJuwxLljCTME2Q==
Age: 6349
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 45a84f29a8b95c36d608cb872f2c3774
bcb9309f7b5ef33cba1721302565778169cf8f75
2a2989b2a179ed4201ca8b026f9550ea7a0c1a7d945096acd6d83eeceb8dd7bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126527
Date: Fri, 20 Jan 2023 07:57:08 GMT
Etag: "63c986be-1d7"
Expires: Sat, 21 Jan 2023 19:05:55 GMT
Last-Modified: Thu, 19 Jan 2023 18:06:54 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rZghQqEmGCV9gILdkP4gI9mKxrhrKRhlq3dc3Ki8lkTF6v7gTLSAXA==
Age: 3541
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 45a84f29a8b95c36d608cb872f2c3774
bcb9309f7b5ef33cba1721302565778169cf8f75
2a2989b2a179ed4201ca8b026f9550ea7a0c1a7d945096acd6d83eeceb8dd7bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:19:57 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SlKGr_88EkjfmnGSMHKGABHzfpooVcLs78IQgw__4CdYymXRm6iegQ==
Age: 5831
ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001674201427-W1VK3DL6-2C29
44.241.175.242302 Found 473 B URL HTTP/2 ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001674201427-W1VK3DL6-2C29
IP 44.241.175.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash 1f262cc65e435af21a7a9782851764ed
e8f5f0114b1ff69dc6d4c02252dc655da95aa09e
bddada9ea1b54b0a0a65540a676000aebe4fa955979f85e5cc44acd50a868034
GET /api/v1/g_hosted?id=AU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/html; charset=utf-8
content-length: 473
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5
server: nginx/1.20.0
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:08 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
g_hosted=; Expires=Sun, 19 Jan 2025 07:57:08 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29
44.241.175.242200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29
IP 44.241.175.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/ip_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.20.0
X-Firefox-Spdy: h2
p.ad.gt/api/v1/p/474
104.22.4.69200 OK 12 kB IP 104.22.4.69:0
File type ASCII text, with very long lines (40929), with no line terminators
Hash 4d6b87efa4f58049778c241d7c850dfe
67318418fb5b8f4910ffd19e2353da17488bbdb6
34dfa9be370415af01870ff15f3ca0ef891850e3235a4be4bcc7bc788ad7d132
GET /api/v1/p/474 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: application/javascript
last-modified: Sat, 14 Jan 2023 20:20:52 GMT
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:55:24 GMT
etag: W/"1673727652.0-40929-2713193071"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 104
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641ee0f42b50f-OSL
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001674201427-W1VK3DL6-2C29&gdpr=0
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001674201427-W1VK3DL6-2C29&gdpr=0
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001674201427-W1VK3DL6-2C29&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c879678554111268bb03205043d38eeb
4539feac988bdef389c9109c06091d248404aa94
b08c400df9a05b23a553909d74c38c4c4e83a7d92fa0a8c1a8e4412dbf4326e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5417
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:08 GMT
Last-Modified: Fri, 20 Jan 2023 06:26:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.61.233.63200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.61.233.63:0
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Fri, 20 Jan 2023 08:12:08 GMT
date: Fri, 20 Jan 2023 07:57:08 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d202273e867b01591672b07722f430fb
4bbab50550b5b6a583e1fcdeb68c1b6b67b0cd87
5b4ab20a3dc9a884b04e727e6d62a1428984126ea975e308c48a6e9b6581146a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29
142.250.74.34302 Found 381 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 96e00bab33e8310ff81b6ec834fdd5d7
b66655da117e6ad40a50f9d2b8234bd158611ca1
a42fc173a29b16754e25ea3262edec3ff2930d3c0cdc4d672d489b8ab79ed7d3
GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc=
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Jan-2023 08:12:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5
142.250.74.34302 Found 345 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 267c96b141010f72f84f00b4e4eb5d16
4b7e1bad94ff0a9edd710345397bc482f4520c0e
598448a4bb0cae2f4d91335581c46dba7386373cd4a8ea326640b7129a223e6a
GET /pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc=
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 345
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Jan-2023 08:12:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b4f2f6618b18535bcb49dab1e266df4c
bd312038adaf9ea5904655ff95bdf54c72114f45
f4945d5fcca93ea7e3348857e9123e146cf8d5755bb8bb10f910adae69b9baa0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: max-age=127956
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Etag: "63c98b0e-139"
Expires: Sat, 21 Jan 2023 19:29:45 GMT
Last-Modified: Thu, 19 Jan 2023 18:25:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 1a9146a68f7fa75d289f2c14e4403539
b7920fb5a2ccf284f6846c06676d266f11075a40
d3bda6fee11136cef190d14ff2f7712591c41360943d3d739d724c726c37146b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 480
Cache-Control: max-age=115531
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Etag: "63c967c0-139"
Expires: Sat, 21 Jan 2023 16:02:40 GMT
Last-Modified: Thu, 19 Jan 2023 15:54:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:09 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1674201429034;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=e1fc84e0-a877-4b1d-b636-836604be6e16;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 20 Jan 2023 06:41:07 GMT
expires: Fri, 20 Jan 2023 08:41:07 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 4562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c97e1bd01d20629851b1393a019b667a
2971fef471c737756d1944d4a3e08bcea03f7f45
0e2a26afd66f587a4ce3202a865aa7b40e67bdee3b7892773822c8a80acf81ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5624
Cache-Control: max-age=171810
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Etag: "63ca2f7f-1d7"
Expires: Sun, 22 Jan 2023 07:40:39 GMT
Last-Modified: Fri, 20 Jan 2023 06:06:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
44.241.175.242200 OK 43 B URL HTTP/2 ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
IP 44.241.175.242:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /api/v1/halo_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:08 GMT
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:08 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc=
142.250.74.34302 Found 288 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6632913b3cf727a5a334b9b298c8054a
20b600c1df76522b72f7bb31ce46b55f319af403
6f8e8e126a9777c41d8d797127ed6e18abeec2795acccd2b3de9bcaf1367e6de
GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc=
142.250.74.34302 Found 244 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ccbcdd8d64ba1a4d10da9daaf6f8fc75
18fd42f770aa7ea076daefa4dd82a8c7a140871e
fe509e58c2e5c819086e008e07d10749f28dc9a9859fca7373fbd3bf8a372110
GET /pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3NDIwMTQyNy1XMVZLM0RMNi0yQzI5&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://ids.ad.gt/api/v1/g_match?google_error=3
date: Fri, 20 Jan 2023 07:57:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c879678554111268bb03205043d38eeb
4539feac988bdef389c9109c06091d248404aa94
b08c400df9a05b23a553909d74c38c4c4e83a7d92fa0a8c1a8e4412dbf4326e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5418
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Last-Modified: Fri, 20 Jan 2023 06:26:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26sas_uid%3D%5bsas_uid%5d&gdpr=0
185.86.137.132302 Found 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26sas_uid%3D%5bsas_uid%5d&gdpr=0
IP 185.86.137.132:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Fri, 20 Jan 2023 07:57:08 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 20 Jan 2024 07:57:09 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12999%3b%24o%3d11100; expires=Sat, 20 Jan 2024 07:57:09 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E
23.38.200.22302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Sat, 20 Jan 2024 07:57:09 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Fri, 20 Jan 2023 07:57:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 20 Jan 2023 07:57:09 GMT
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001674201427-W1VK3DL6-2C29&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:09 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1674201429092;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=56caa836-c6f7-481c-9b1d-302a47135551;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Tue, 21 Mar 2023 07:57:09 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
104.22.5.69200 OK 67 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP 104.22.5.69:0
File type JSON data\012- , ASCII text
Hash 2612c2514bbb4dd51b9164dba3569234
839dad2fb2d7b257a045d1df253e4469e1ef200c
a634d86ccbb74f568a47529c6d9c6c354bd20100370e29f87593c6fa02a4af44
OPTIONS /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://tinyurl.com/
Origin: https://tinyurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641ea2d64b51d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d202273e867b01591672b07722f430fb
4bbab50550b5b6a583e1fcdeb68c1b6b67b0cd87
5b4ab20a3dc9a884b04e727e6d62a1428984126ea975e308c48a6e9b6581146a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/plugins/ua/ec.js
142.250.74.110200 OK 1.1 kB URL HTTP/2 www.google-analytics.com/plugins/ua/ec.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (523)
Hash 17427cd827c6f9e01d5ee868be659be5
6ff2e43c1a10e3c924870b48ae3cc36280b97f53
59157001be3cd5b0e3eae8afa425d1c694591c403fb9692bc3ad6d3235b423e7
GET /plugins/ua/ec.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:47:48 GMT
expires: Fri, 20 Jan 2023 08:47:48 GMT
cache-control: public, max-age=3600
age: 561
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/ecommerce.js
142.250.74.110200 OK 738 B URL HTTP/2 www.google-analytics.com/plugins/ua/ecommerce.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (745)
Hash f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d
GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:50:50 GMT
expires: Fri, 20 Jan 2023 08:50:50 GMT
cache-control: public, max-age=3600
age: 379
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26adnxs_id%3D%24UID%26gdpr%3D0
185.89.210.101302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26adnxs_id%3D%24UID%26gdpr%3D0
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 20 Jan 2023 07:57:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: bc785c6c-c7c6-428a-bd0a-85dc723b9188
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
Hash 458b1bdf4b34fd717855194ec3ed3d78
5605c303da3a961db51cf72968c5fba9ee39a15e
8c428a59a7670d2573091e68fccc7a2eab835bd9ec10ba44ccefe945754becf6
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:08 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: RV0nTQsJhYnsnzGMmXomASqBafdMPckxq2HJPzkN1jMBtDHtZR1GxlgNwK2MqUFTeAg7nSjNKRg=
x-amz-request-id: 1V0PFMYQQPT5G2T0
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3072
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 78c641f32a83fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1
185.86.137.132200 OK 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1
IP 185.86.137.132:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&sas_uid=[sas_uid]&gdpr=0&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
date: Fri, 20 Jan 2023 07:57:08 GMT
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001674201427-W1VK3DL6-2C29&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
54.171.68.161200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001674201427-W1VK3DL6-2C29&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
IP 54.171.68.161:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001674201427-W1VK3DL6-2C29&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: NdcfG+EKT4w=
Content-Length: 59
Connection: keep-alive
ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
18.158.165.92302 Found 0 B URL HTTP/2 ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
IP 18.158.165.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=a1894a8c-498d-4f64-97ab-d101b91b6a33; Expires=Thu, 20 Apr 2023 07:57:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674201429; Expires=Thu, 20 Apr 2023 07:57:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 206b8c98d6d310d983a591385c97fa72
390a8ef09756d5a7a9e3966bfaa44d01869fe6ba
241245058a38107d3f999c4fa2dc709240427b60b6556c561d963d503d5f5c61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5117
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:09 GMT
Last-Modified: Fri, 20 Jan 2023 06:31:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
185.64.190.80200 OK 20 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
IP 185.64.190.80:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
18.158.165.92200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D
IP 18.158.165.92:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001674201427-W1VK3DL6-2C29%26impr_uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1---
98.98.134.242204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1---
IP 98.98.134.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?cookieQ=1&nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1--- HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Fri, 20 Jan 2023 07:57:09 GMT
server: AC1.1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 959d5e087bedee14440ccfa469e3b6bc
d89c35cd7dd31b0e8d1aa8c09ff0dc9d1d9276a3
2b3495a6603e779cdf2c9d354fb05db2fcc9a61b007409cea55c574056acce2f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 07:57:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 01:57:49 GMT
Expires: Wed, 25 Jan 2023 01:57:48 GMT
Etag: "d89c35cd7dd31b0e8d1aa8c09ff0dc9d1d9276a3"
Cache-Control: max-age=409838,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78c641f6d9afb506-OSL
ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551
44.241.175.242200 OK 43 B URL HTTP/2 ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551
IP 44.241.175.242:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /api/v1/tapad_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&tapad_id=56caa836-c6f7-481c-9b1d-302a47135551 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:09 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
18.159.74.210302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
IP 18.159.74.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=d15d96bc-ae0c-49c8-a68e-ee9c157c3760; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?google_error=3
44.241.175.242200 OK 43 B URL HTTP/2 ids.ad.gt/api/v1/g_match?google_error=3
IP 44.241.175.242:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /api/v1/g_match?google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
18.159.74.210200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D
IP 18.159.74.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbidswitch%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---
69.173.144.138204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif
x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
18.159.74.210302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
IP 18.159.74.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=8555d3c5-9c91-4274-942d-5d67aa350505; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201430; path=/; expires=Sat, 20-Jan-2024 07:57:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.129.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.129.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 08 Jan 2023 06:27:18 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 20 Jan 2023 07:57:10 GMT
Age: 4346
X-Served-By: cache-lga13626-LGA, cache-bma1636-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 18270
X-Timer: S1674201431.999693,VS0,VE0
Vary: Accept-Encoding
x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
18.159.74.210200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
IP 18.159.74.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1--- HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=99746
expires: Sat, 21 Jan 2023 11:39:37 GMT
date: Fri, 20 Jan 2023 07:57:11 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (65354)
Hash 322c1a7cb677b5d6f49d0cc942affb24
b530124392d53bda696d084928796bac9936596c
23602c2499583bb28b01e8df28b62e8338d85fa6b25c8efa68d369b2ee708521
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/javascript
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
etag: W/"63bde5c2-162a9"
expires: Sat, 21 Jan 2023 07:57:09 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
eb2.3lift.com/sync?us_privacy=1---&
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/sync?us_privacy=1---&
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync?us_privacy=1---& HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18573)
Hash ef087afc103a168499c95403200b08e8
7fbaeac4c185f6cd1a2583da67a8ee3720ba9ad0
99780a3fe5656a280a6a27e1671babe151e5cae0394b55e595ce45072e681183
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 19 Jan 2023 23:20:15 GMT
Content-Encoding: gzip
Content-Length: 10036
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=55385
Expires: Fri, 20 Jan 2023 23:20:16 GMT
Date: Fri, 20 Jan 2023 07:57:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 2f91b30d389c92921b897354eba392fb
8c36e8f936b342fa222e11f22e90dd6702dbf336
671bb64818ec08b063ffdf87d20bd281e9c6591397f98325bb0952b312024c93
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:11 GMT
Last-Modified: Fri, 20 Jan 2023 07:00:35 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wxdIg6Kcgx1qynOO5MTwuEd7qIjpPohoXtFWyiP2Oc2fT5_Swg74wQ==
Age: 3396
ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
52.30.8.210302 Found 0 B URL HTTP/2 ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID
IP 52.30.8.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: application/json;charset=utf-8
content-length: 0
location: https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=ge96f9ff0d86f298b974&gdpr=&gdpr_consent=&us_privacy=1---
set-cookie: yieldmo_id=ge96f9ff0d86f298b974%7C1674201431121%7C0%7C; Domain=.yieldmo.com; Expires=Sat, 20-Jan-2024 07:57:11 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 2f91b30d389c92921b897354eba392fb
8c36e8f936b342fa222e11f22e90dd6702dbf336
671bb64818ec08b063ffdf87d20bd281e9c6591397f98325bb0952b312024c93
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 20 Jan 2023 07:57:11 GMT
Last-Modified: Fri, 20 Jan 2023 06:53:02 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PQjBv6x4jyTwf9KzFuX55KL9rZzElGJBBhZDda2BvtSdkPALpvLl-A==
Age: 3849
x.bidswitch.net/sync?ssp=yieldmo
18.159.74.210302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=yieldmo
IP 18.159.74.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 20 Jan 2023 07:57:11 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=yieldmo
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=c4f8cd6e-e753-4ebb-ae0f-320c5594badd; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201431; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674201431; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674201431; path=/; expires=Sat, 20-Jan-2024 07:57:11 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=yieldmo
18.159.74.210200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=yieldmo
IP 18.159.74.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=yieldmo HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.190.78200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.190.78:0
File type ASCII text, with no line terminators
Hash 6e35e70bdb5ce5b916b42f4116a71abb
ec97d7c867098a2495d38337f30d8e00f8f0b1e7
a7e9d8f57a41ff943f014ec6f587f251f7052b372eff4cf64089507a31b8ddd6
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Thu, 20 Apr 2023 00:18:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 60
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6fdee3eb413854cade636a92a2e1939
df4fe2911a0be37b0b02067e2b744a9fc3c805c7
1ecdfe4869234770084ae8c361897255839edb87f51ed428bab997cc75d6df41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5112
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 07:57:11 GMT
Last-Modified: Fri, 20 Jan 2023 06:31:59 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
static.criteo.net/js/ld/publishertag.prebid.130.js
178.250.2.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.130.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (65354)
Hash e60f9b1c70383f18d1071a26033c8d7a
45b9e278e76367e007043168c8e67d4b6dfa7a62
25b2316b021a68a1874c988f9ca764f963cf8f54387ccc39e5aee89a6c4bc20c
GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Sat, 21 Jan 2023 07:57:09 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
198.47.127.18302 Found 327 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
IP 198.47.127.18:0
File type HTML document, ASCII text, with very long lines (325)
Hash bae2da9862e215880f8d59faf28b2b06
029fe2c23b7d368af9adb8f71950c779a08d160f
a61bf30b2c69f4c3cda8bfe7dfc157949d96bd843712f9b01756a373eb3b162f
GET /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 327
X-Firefox-Spdy: h2
pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
69.173.144.138204 No Content 0 B URL HTTP/1.1 pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=yieldmo HTTP/1.1
Host: pixel-eu.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif
image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
198.47.127.18200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1
IP 198.47.127.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:10 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9c726728c3662b9c7cc7edfedb715275
96d4566563e9ae08330ab0d258001b669d04d7d9
216ea6b03b761020bbc7ccb51ea0c63e9de31ab73dae8c0af0dc7fa33ee07739
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162644
Date: Fri, 20 Jan 2023 07:57:11 GMT
Etag: "63ca14af-1d7"
Expires: Sun, 22 Jan 2023 05:07:55 GMT
Last-Modified: Fri, 20 Jan 2023 04:12:31 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: InxzUckInCEUpwbpCMX9bJkwwuj59nXxQzdDWaBik7OBuPdLJ3GAfw==
Age: 3324
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DE8D78DD9-9865-42B1-9134-ED21D65B3C6F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=64944
expires: Sat, 21 Jan 2023 01:59:35 GMT
date: Fri, 20 Jan 2023 07:57:11 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=21
44.195.94.142302 Found 128 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=21
IP 44.195.94.142:0
File type HTML document, ASCII text
Hash 3ad5f66cf9cf19ee50f4b6237c040178
a87796d1b22cb7118da17834f5cc199b672ea082
58d40dd43681343dd62cf7d48f1259ac146b92b3cbbffdd99529264bdc12feae
GET /sync?nid=21 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.yieldmo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Jan 2023 07:57:11 GMT
Location: https://ads.yieldmo.com/sync?pn_id=stk&userid=CU43EkzsSnJ_Vq_ZEHnhiltaKpo&gdpr=&gdpr_consent=
Set-Cookie: sa-user-id=s%3A0-094e3712-4cec-4a72-7f56-afd91079e18a.jmU2kzMM2COxHOQF2%2Bn8cMWhaX0efPnaD8wtVKvpqIY; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3ACU43EkzsSnJ_Vq_ZEHnhiltaKpo.Qqu6dAjCEyrkBiZxKWZm6Z7XyOp98HOy0nWzAlZjkkY; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 128
Connection: keep-alive
c1.adform.net/serving/cookie/match?CC=1&party=1283
37.157.5.141200 OK 78 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1283
IP 37.157.5.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 919c6416f57907f73d0af504149b2ee1
4857e9b4e2620d0da8715d9350b0d484288d9cf0
5cd7a4c27e20c5106a59ca58794604295fd6678a7855d483c072e320f13d46a7
GET /serving/cookie/match?CC=1&party=1283 HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.yieldmo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
a.pub.network/tinyurl-com/pubfig.min.js
104.18.21.206200 OK 0 B URL HTTP/2 a.pub.network/tinyurl-com/pubfig.min.js
IP 104.18.21.206:0
GET /tinyurl-com/pubfig.min.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsMcxGgq7AB5bbjPaHWYtRe2wKx9pxZxRGSNN9hqHjmx64YuQaNsfV8WK9jERg2LXxN8KZy76sIG2vdjs9a9m_qGQ
cache-control: public, max-age=1800
expires: Fri, 20 Jan 2023 08:27:05 GMT
last-modified: Tue, 10 Jan 2023 21:11:04 GMT
etag: W/"f40ec14bc52dad3554c26afa9435a641"
x-goog-generation: 1673385064585346
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170997
x-goog-hash: crc32c=qE3GUg==, md5=9A7BS8UtrTVUwmr6lDWmQQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 39604
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641dcd87eb50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/cls.css
104.18.21.206200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/cls.css
IP 104.18.21.206:0
GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
content-type: text/css
x-guploader-uploadid: ADPycdv0N-z42vzsy5FgNcRSzYjx2i-tIAWXpN8LPiXJ_5LzV_7V5ZZDnzEutaw7A6Lwvy5B03heMB8Q01nZiSG0B2emWA
x-goog-generation: 1666967770269941
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2096
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Fri, 20 Jan 2023 08:57:05 GMT
cache-control: public, max-age=3600
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
etag: W/"816783146b3907e634d0e822ca759864"
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641dcd86db50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 143.204.46.73:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 20 Jan 2023 07:34:28 GMT
last-modified: Thu, 19 Jan 2023 20:39:28 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
etag: W/"82ba66ad1a339d2375e1fbac8da251b3"
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: lfWCHQDltUsqSy8FIOiBJDQldQPrMaSBmu1zBYJvnL7C1uh2XlnjoQ==
age: 1359
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
52.54.160.235200 OK 0 B IP 52.54.160.235:0
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
content-type: application/x-www-form-urlencoded
key: 5c018cb890535b0010a5ea87
Origin: https://tinyurl.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Fri, 20 Jan 2023 04:53:42 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OaSf0In2_xPNTCN7vRcuyrsIyNp95Cg1Ys4EHHf9PqLeeZ9cogjSaw==
age: 25268
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
143.204.55.20200 OK 0 B URL HTTP/2 rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
IP 143.204.55.20:0
GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 20 Jan 2023 07:30:42 GMT
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
cache-control: max-age=3600
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Kw5pXGlI17NfH785MhtEISr-7Ch5Qw2CGLXP2FJD9teJ79w1JpG6Xg==
age: 1587
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=E8D78DD9-9865-42B1-9134-ED21D65B3C6F&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
185.64.190.81200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156696&sc=1&u=E8D78DD9-9865-42B1-9134-ED21D65B3C6F&rs=3&gdpr=0&gdpr_consent=&us_privacy=1---
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=156696&sc=1&u=E8D78DD9-9865-42B1-9134-ED21D65B3C6F&rs=3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 07:57:11 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
104.18.17.107200 OK 0 B URL HTTP/2 cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
IP 104.18.17.107:0
GET /qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js HTTP/1.1
Host: cdn.confiant-integrations.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: text/javascript
x-amz-id-2: HVbkRM5qGzxI0EyKHKnO+r1lcYa/AAVnEyPjC23n7NyZCyRP6w4ZqH5MzQy2DgoGKGL4cjEcrhY=
x-amz-request-id: HRD3YN0KK66AJ6AP
last-modified: Fri, 20 Jan 2023 06:53:54 GMT
etag: W/"ea1feaf276a1febfc0265b94c3caa4fa"
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-cache-status: HIT
age: 6
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e2cf890b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.76:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Fri, 20 Jan 2023 03:00:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Fri, 20 Jan 2023 03:00:26 GMT
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b-YZW6zK5hadwRwDmmd9S6DQzk8ZIvNuvoW7b9nJeOSAHfhN94lh4g==
age: 17797
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftinyurl.com%2F&domain=tinyurl.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tinyurl.com
server-processing-duration-in-ticks: 1242735
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
104.18.21.206200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js
IP 104.18.21.206:0
GET /core/pubfig/pubfig.messaging.2.37.1.51d6c93756ae01bff349d86db73e510ac0590cfc.js HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Cookie: _fsuid=6140153e-9a87-4618-b451-4774b947b0a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtHciSBX0L7FoKfE0nRC1jzgwovS6dnKkO3p4hJ1JXeXaI1i5NeMcPJr8vQCeKKlCyDaYE1LigkIqxW-vNQJH-W
expires: Fri, 20 Jan 2023 08:57:07 GMT
cache-control: public, max-age=3600
last-modified: Thu, 15 Dec 2022 19:23:34 GMT
etag: W/"4fa0fe97247218d3c79d543fa663d902"
x-goog-generation: 1671132214233304
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 236006
content-language: en
x-goog-hash: crc32c=K2FWmw==, md5=T6D+lyRyGNPHnVQ/pmPZAg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 39905
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641e8b899b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
185.64.190.80302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
IP 185.64.190.80:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 20 Jan 2023 07:57:09 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Thu, 20-Apr-2023 07:57:09 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001674201427-W1VK3DL6-2C29
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0
44.241.175.242202 Accepted 0 B URL HTTP/2 ids.ad.gt/api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0
IP 44.241.175.242:0
GET /api/v1/match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&adnxs_id=0&gdpr=0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
set-cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; Expires=Sun, 19 Jan 2025 07:57:09 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated
104.20.139.65200 OK 0 B URL HTTP/2 tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated
IP 104.20.139.65:0
GET /app/nospam/tinyurl.com/4zkwjrpx/terminated HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:05 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
content-language: en
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: XSRF-TOKEN=eyJpdiI6InJYY1NhRGcyVk9mNXZ2L0RmeWtOa3c9PSIsInZhbHVlIjoiSWx5NlBIZ2tKaUgxTjc1VmZUNEMvQ3kzZHgwSkxTcjQ0ays4ZFNFQi8zRW5XYkt4dzFxWW9RKzFBdGovV2ZIaHFGVE5jUjZueUhYam92SGJDRHFVMkJXTlZENmlJSlBJdDluMVZpeHBEYTlRekxSM0wvZDl1K2I4Mk5KbjErVTUiLCJtYWMiOiJiYmQ0Mjg3YzQ2ZGExOTMwYzY0MWE0MzRmNmVjNjI5YmZkMzMzN2JjNzVmYWVhZmVmNzc1MzM2YzQ4MzA5Mzk5IiwidGFnIjoiIn0%3D; expires=Fri, 20 Jan 2023 09:57:05 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; samesite=lax
tinyurl_session=eyJpdiI6IjR2eCtkbjFuSFZ0R0o3VHY2MkVMUXc9PSIsInZhbHVlIjoiOCtVdTk0djlGbzZsWnFrOG1UNVBwUm5Ib0wwQnhLbTNiUTVtWWl3ZG04R3lodG9ScWtHRzZRdkRZdit6Z2toelJTTlVtV2NDa2ZTNEc1UlhKQzZaVCszVmVUMTllRHp2YVphcitKcGlqdTVZRVFvbThEd1dKT1ZhdSs0aXQrSDEiLCJtYWMiOiJmM2I0NDQ4MmU2YTdhYjE4ZmJjZTFjMzY5YTBkY2ZmOTA4ODNlMmJlMWMyZTg1MzE0ZGRkMDY1YTE1ZDBlNDQzIiwidGFnIjoiIn0%3D; expires=Fri, 20 Jan 2023 09:57:05 GMT; Max-Age=7200; path=/; domain=.tinyurl.com; httponly; samesite=lax
tinyUUID=eyJpdiI6Ikp6bmg4ZXh2Q0ZwRkx3S2owZFJDS3c9PSIsInZhbHVlIjoiSTMwc2NpUEFvNnVUR0FFQjE3MThUZ2pFUGNDc3RvNUtNQml0b09QNU9NN05zSVhmbU5KWWFSYlpmQlgweVJ0SXhLUGxDbkMrN2V3Q2g3WmtsMzR4SE52RDhPVUE0RUV6OVBmYjlEdWx0c0k9IiwibWFjIjoiMTM3Zjk3N2M1M2YyNTExMTQ2ZjU3YzQ5YTRhMTBjNTkxZjJhZmJjOGI0OWYzNGVlZmFjNTYzOWQ0MWE5Njg2MyIsInRhZyI6IiJ9; expires=Wed, 19 Jan 2028 07:57:05 GMT; Max-Age=157680000; path=/; domain=.tinyurl.com; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 07:57:05 GMT
expires: Fri, 20 Jan 2023 11:57:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c641d8be571bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
54.230.111.75200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87
IP 54.230.111.75:0
GET /scripts/v1/pushnami-adv/5c018cb890535b0010a5ea87 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 20 Jan 2023 07:49:27 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qPr3O0px2vFqeqvJDmT7lmgF1s9altxeGvkOKj5T25jie-kaza53wQ==
age: 458
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
IP 143.204.55.76:0
GET /tcfv2/cmp2.js?referer=tinyurl.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=3600
date: Fri, 20 Jan 2023 07:52:34 GMT
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rlJruC25OcsZW-dVci_-Kag6QlDWzFFFpnwewcI0ADZ1vrQdf8Sdqg==
age: 273
X-Firefox-Spdy: h2
tinyurl.com/4zkwjrpx
104.20.139.65301 Moved Permanently 0 B IP 104.20.139.65:0
Analyzer Verdict Alert openphish Orange
phishtank Other
fortinet Phishing
GET /4zkwjrpx HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 20 Jan 2023 07:57:04 GMT
content-type: text/html; charset=UTF-8
location: https://tinyurl.com/app/nospam/tinyurl.com/4zkwjrpx/terminated
0: X-LIGHTTPD-LONGURL
1: http://co63024.tw1.ru/sdfgh/drtyu/Or22/Orange22/
2: Cache-Control
3: private, no-cache, no-store, must-revalidate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641d57bb71bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_criteo.com=MiHyMl9zc0x2QW13ZWlBTUxSc0ZuYXI3VEx4OEs4MEJITXlvJTJGM2F2ZVNjWmJiRkdHOHQ4dll0SjdEYUVSUVRmOEJadHp3ZTNkcDFjYUdXY1lOdXVRenZ1NkxRJTNEJTNE%5E1&eid_pubcid.org=ab816a26-496c-466b-a64b-f7a48716ecea%5E1&ppuid=6140153e-9a87-4618-b451-4774b947b0a6&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=9221a2f5-2a68-4d8d-abd3-0e803e61344f%3B1a55f401-87f3-4e24-bfeb-dec65879a7ec&l_pb_bid_id=32fcc28bd5a0d198%3B33088c90f632c028&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.04700137948292782
213.19.162.21200 OK 0 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_criteo.com=MiHyMl9zc0x2QW13ZWlBTUxSc0ZuYXI3VEx4OEs4MEJITXlvJTJGM2F2ZVNjWmJiRkdHOHQ4dll0SjdEYUVSUVRmOEJadHp3ZTNkcDFjYUdXY1lOdXVRenZ1NkxRJTNEJTNE%5E1&eid_pubcid.org=ab816a26-496c-466b-a64b-f7a48716ecea%5E1&ppuid=6140153e-9a87-4618-b451-4774b947b0a6&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=9221a2f5-2a68-4d8d-abd3-0e803e61344f%3B1a55f401-87f3-4e24-bfeb-dec65879a7ec&l_pb_bid_id=32fcc28bd5a0d198%3B33088c90f632c028&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.04700137948292782
IP 213.19.162.21:0
GET /a/api/fastlane.json?account_id=16924&site_id=433298&zone_id=2478238&size_id=15&alt_size_ids=10%2C16%3B2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1214,1,,,&eid_criteo.com=MiHyMl9zc0x2QW13ZWlBTUxSc0ZuYXI3VEx4OEs4MEJITXlvJTJGM2F2ZVNjWmJiRkdHOHQ4dll0SjdEYUVSUVRmOEJadHp3ZTNkcDFjYUdXY1lOdXVRenZ1NkxRJTNEJTNE%5E1&eid_pubcid.org=ab816a26-496c-466b-a64b-f7a48716ecea%5E1&ppuid=6140153e-9a87-4618-b451-4774b947b0a6&rf=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.name=tinyurl-com&tg_i.domain=tinyurl.com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.page=https%3A%2F%2Ftinyurl.com%2Fapp%2Fnospam%2Ftinyurl.com%2F4zkwjrpx%2Fterminated&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&tk_flint=pbjs_lite_v7.19.7&x_source.tid=9221a2f5-2a68-4d8d-abd3-0e803e61344f%3B1a55f401-87f3-4e24-bfeb-dec65879a7ec&l_pb_bid_id=32fcc28bd5a0d198%3B33088c90f632c028&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Ftinyurl_right-multisize-2.0%2Ftinyurl_right-multisize-2.0%3B%2F15184186%2Ftinyurl_footer-multisize-2.0%2Ftinyurl_footer-multisize-2.0&slots=2&rand=0.04700137948292782 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://tinyurl.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LD48AX0T-1N-GAO7; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqLy5QUu7v+ve9DtVM30fCgOapXdOfj/TwAwS88S+y6EcoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LD48AX0T-1N-GAO7; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqLy5QUu7v+ve9DtVM30fCgOapXdOfj/TwAwS88S+y6EcoDfHIOQivO4ICd6Q+AmJtaZo7MRB/uMtAPlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sat, 20-Jan-2024 07:57:07 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
IP 143.204.55.76:0
GET /choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:22:31 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Fri, 20 Jan 2023 07:57:06 GMT
cache-control: max-age=3600
etag: W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HbljVW_iFn-GOSypEJSHLEru3jP61yQ64f45SZIt14ShxkkIMDb2sg==
age: 18
X-Firefox-Spdy: h2
btloader.com/tag?h=freestar-io&upapi=true
104.26.6.139200 OK 0 B URL HTTP/2 btloader.com/tag?h=freestar-io&upapi=true
IP 104.26.6.139:0
GET /tag?h=freestar-io&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:06 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
etag: W/"ee4a0482a74e4e53afc8475fef23457f"
last-modified: Fri, 20 Jan 2023 07:16:19 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKCwrGMLIyOHm7Z2bWjqNeS12AB9frN0rw%2FDbvpQW%2B5pd3kJSU5HmRk6gOC4URZJwY%2BYiIHsF9UO1rwythzMwkYYwnTyy0BUmciUaSa4vXRhPRZjmOxYAA5jAjZ78A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c641e37bd40b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
104.22.5.69200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url=
IP 104.22.5.69:0
GET /v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=tinyurl.com&url= HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://tinyurl.com
Connection: keep-alive
Referer: https://tinyurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:07 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://tinyurl.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c641eb7f02b51d-OSL
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3
44.241.175.242200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3
IP 44.241.175.242:0
GET /api/v1/g_match?id=AU1D-0100-001674201427-W1VK3DL6-2C29&google_error=3 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tinyurl.com/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001674201427-W1VK3DL6-2C29; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 20 Jan 2023 07:57:09 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Fri, 20 Jan 2023 19:57:09 GMT
X-Firefox-Spdy: h2